With tax season upon us, a recent fraud victim and the Better Business Bureau (BBB) are warning the public to take a moment to think twice before clicking any fishy links.
The victim, a Vancouver post-secondary student who Global News has agreed not to identify, said fraudsters were able to pull $2,800 out of her bank account in February.
The student said the attack came in the form of a text message from a number her school usually uses to communicate with her. The message said she was eligible for a $100 tax refund from Service Canada.
The student said she was in line for a coffee at the time, and because she was distracted she didn’t stop to think too closely about the transaction.
“I clicked the website link and followed the procedure,” she told Global News. “And then I had to sign in with bank account … so I did that. And I found out a few days later, I got an email and my bank said I transferred to somebody $2,800.”
Even worse, she said she hadn’t had the money in her chequing account, but the fraudster was able to withdraw it as a cash advance from her credit card. They were also able to change her password and deactivate her two-factor authentication.
Simone Lis, president and CEO of the BBB serving Mainland BC and the Yukon said scammers are always innovating their techniques, but are particularly active come tax time.
She said the number one thing people can do to protect themselves is to never click on a link in an email or text claiming to be from a government or financial agency.
“If you receive a call, an email, a text, and it says it’s coming from the Canada Revenue Agency, do not respond, do not click, just delete it — if you think you have some sort of issue with the CRA, just call them directly,” she said.
The Canada Revenue Agency does not use text or instant messages to communicate about taxes, benefits or accounts. It also never sends personal information like tax refund amounts or balances owing by text or email.
Lis said that when the Vancouver student followed the scammers’ link, she inadvertently gave them access to her bank account.
Scammers, she added, will often use language meant to cause fear or anxiety — or to make victims think the issue is time sensitive. Both techniques are designed to get them to click a malicious link without stopping to think about it.
“Take some time, take a few minutes,” she said.
It’s something the student says she wishes she had done, and hopes others do so they don’t get caught like she did.
“I’m mad at myself,” she said. “Because I’ve heard the news many times but I didn’t know it would happen to me.”
The student said her bank reimbursed her for the loss because it was an unauthorized transaction. She’s since reset all of her security on the account.