WATCH: For months, the Canada Revenue Agency has been warning Canadians not to fall for scammers who claim to have information about your tax return. Mike Le Couteur explains the scam and how you can protect yourself.
It looked legit enough, but a recent email that landed in this reporter’s inbox had all the markings of an attempt to defraud Canadians during tax season.
“Canada Revenue Agency has sent you an Interac e-Transfer,” the email read. The amount was $534.37. Awesome! But wait – that’s not what my tax return came to this year.
Also curious was the fact the note was addressed to a work email address from the days of yore; it used a Canwest email address (Global News was once a Canwest property). These things can be easy enough to overlook, though. In the event anyone does, the email provides a link the recipient has to click in order to “get their money” from the “CRA.”
The link looked like an https://, just as government sites should be, and indicated it led to the cra-arc.gc.ca site.
When clicked, though, the url became a mess of numbers and gibberish, leading to a page asking for a social insurance number, date of birth and full name. In other words, everything required to steal someone’s identity.
READ MORE: Saskatoon police warn of tax refund scams
A spokeswoman for the Canadian Anti-Fraud Centre said there has been a spike in these sorts of phishing scams since March, just as tax season ramps up.
The most important thing to know is the Canadian Revenue Agency never, ever contacts Canadians through phone calls or emails, said Cpl. Josée Rousseau, supervisor at the anti-fraud centre.
READ MORE: How to recognize and avoid online phishing scams
“The only way the CRA will communicate with you is via mail,” she said.
- ‘Shock and disbelief’ after Manitoba school trustee’s Indigenous comments
- Invasive strep: ‘Don’t wait’ to seek care, N.S. woman warns on long road to recovery
- Norad looking to NATO to help detect threats over the Arctic, chief says
- ‘Super lice’ are becoming more resistant to chemical shampoos. What to use instead
There are options if ever someone finds themselves in a situation where they gave their sensitive, private information before realizing an email or phone call was a scam, Rousseau said.
First to note, she said, is that just because a fraudster has an individual’s sensitive private information doesn’t mean they’ll use it.
“But it’s a risk,” Rousseau said. “This is why it has to be reported.” If anyone thinks they may have fallen victim to a fraudster, they should keep an eye on their accounts for any losses and report the details to police and the centre, which operates a database of mass-marketing frauds for law enforcement agencies.
According to the centre, thousands of Canadians were defrauded of $73.4 million from Jan. 1 to Dec. 31, 2014.
The CRA’s website also offers some ideas of what taxpayers can watch out for in order to avoid being defrauded.
According to the federal website, the CRA does not do the following:
- request personal information of any kind from a taxpayer by email.
- divulge taxpayer information to another person unless formal authorization is provided by the taxpayer.
- leave any personal information on an answering machine.
Comments