The so-called “phishing” scam is similar to ones that have been widely reported by the Canada Revenue Agency.
“New emails using Canada Post’s name or brand are circulating, inviting customers to either click a link or open a document to obtain their tracking information,” said a release from Canada Post on Monday.
“We wish to remind customers to not click on any links or open documents. These fraudulent messages … may contain viruses.”
Canadians are being instructed to delete the emails without opening any attachments or links, whether or not they are expecting a package in the mail.
As always, customers can enter their tracking number, provided by Canada Post, directly on the canadapost.ca site to find out about delivery status.
Tips to avoid falling victim to a phishing scam:
- Don’t be fooled by official logos. One of the most common ways that phishing scams will try to fool you is by using official company logos or insignias. In some cases, the email address or web address may look close to the company’s name, but is slightly altered or off by a letter.
- Watch out for poor spelling and grammar. An easy way to spot a phishing scam right away is by reading the email thoroughly, watching for bad spelling and grammar. Phishing emails are notorious for obvious spelling mistakes.
- Check links before you click on them: Often attackers will use a legitimate web address in the hyperlinked text of the email, but once you click on the link it takes you to a malicious website. If you hover your mouse over the link – without clicking on it – a small yellow box will appear showing the actual web address the link will take you to. If the link doesn’t match the hyperlinked text, it’s likely malicious.
With files from Nicole Bogart.