Canada Revenue Agency Phishing Scams

March 31, 2014

Tax season is upon us, and just like clockwork, cyber criminals have fired up their computers and are reaching out with their phishing scams. Recent attacks have been circulating under the guise of legitimate messages from the Canada Revenue Agency (CRA). As they communicate a sense of urgency and arrive just as Canadians are contemplating their tax returns, these scams can be successful in fooling those who are unaware of how to recognize them.

Love it? Lock it!

What is Phishing?
Phishing is the act of getting you to give up your personal information through trickery. When phishing, cyber criminals initiate bogus phone calls (also known as “Vishing”) or send fraudulent emails that lead to sites that appear legitimate, but are in fact operated by criminals. Phishing emails can also contain links telling you to download software to your computer, but these programs are actually malware and can put your computer at risk.

Canada Revenue Agency - Warning
CRA has been warning taxpayers about phishing scams for years. When it comes to tax season there are several types of known scams, including:

Example Phishing Email
Here is an example of what a phishing scam email looks like. Cyber criminals also use legitimate looking sites, images/logos and forms to collect your information. That link you see below is an “embedded link” and does not actually point to CRA's site, but rather an attack site.

Dear Tax Payer,
You are entitled to your tax refund now. The tax refund is $241.34. You are required to follow the link below to login to our secure Epass site with your Social Insurance number and complete the required information in order for your refund to be processed.

Yours sincerely,

Gilles Dompierre, Department of Revenue, Canada

What If I'm a Victim?
If you suspect that you are involved in a CRA phishing scam, follow these steps:

Take Preventative Steps
Even if you have not been a victim, there are steps you can take to minimize your risk:

Security Precautions at CRA
The Canada Revenue Agency has taken several steps to reduce fraud related issues:

 The risk associated with CRA phishing scams is real.  However, by informing yourself of the characteristics of these scams, and by being aware of the threat in general, you can reduce the likelihood that you will fall victim to this type of scam. Please visit Get Cyber Safe frequently for updated information.

Follow Get Cyber Safe on Twitter and Facebook.


By submitting a comment, you agree to have Public Safety Canada collect the comment and publish it on this website (comment policy).


Ann Marie

You guys make it really hard to report phishing scams. All I want to do is find the email address to report this scam that I found in my email today, and it's like I have to jump through hoops to try and report it. For a Government institution, it is ridiculous. Apple, interac, PayPal all have easy to find reporting centres. This is very frustrating.


You can report phishing scams to the Canadian Anti-Fraud Centre.

Malcolm B.

I'd report a phishing scam, however I'm not interested in creating accounts and passwords. Is their a site where I can just post a warning and copy of the email?


You can phone the Canadian Anti-Fraud Centre to report the phishing scam.

Karen GF.

Today I received an email that was a supposed Interac etransfer from CRA. Its format is almost identical to legitimate etransfers I have received from others in the past, except it was not addressed to me personally, but rather to the email address. It includes a prompt to click to receive your monies, which I'm sure would ask you to sign into your online banking account. This seems to be a new scam. Should I forward this email to CRA or an anti fraud site?


Yes, please contact the Canadian Anti-Fraud Centre to report this fraudulent email.

Janet E.

I received an email, supposedly from CRA, that is obviously a phishing scam. I have looked all over the CRA and CAFC sites, and can not find an email address to which I can forward it. Please make it easier to report these scams.


Please report any suspected scams to the Canadian Anti-Fraud Centre.

Gordon VH.

Is the following a scam?

Subj: Auto-Deposit : The Canada Revenue Agency (CRA) will issue the income tax and benefit return payments on May 14, 2018. To continue receiving the benefit and credit payments that you are entitled, you have to sign up for Auto-deposit. Auto-deposit is a fast, easy and secure way to get your payments on time in the event of an emergency or unforeseen circumstances. Register today to avoid delays!


Yes, it certainly is. Please do not click on such links, visit CRA's website for real information on direct deposit, and contact the Canadian Anti-Fraud Centre to report the scam.

Rick S.

I received a false e-mail regarding a refund from Revenue Canada. Do you want to receive these e-mails for investigation?


To report cyber incidents or fraud, call the Canadian Anti-Fraud Centre (CAFC) at 1-888-495-8501 or visit

Our website also has more information on what to do:


I received a voice-message from CRA, from a person called Officer Jonathan K. He did not leave his phone number, but I was able to track it down (1-613-XXX-XXXX). I phoned the number within 15 minutes of him calling, and talked to Officer Mark S. Officer S. said that I should phone tomorrow, as Officer K. was not in. Hmm.


Be cautious, and please check out this warning about scams involving callers pretending to be from the Canada Revenue Agency (CRA):

Louise S.

I have had 2 phone calls claiming they are from Revenue Canada and the persons name is Officer Johnathan W, phone no# to call back is 613-XXX-XXXX. They are threatening me that I have commited a misconduct on my papers and that I committed fraud. I know that this is a farce or a scam, as I have my taxes done every year by a professional, who has been in business for years. Just thought you should know.


You can learn more about telephone scams involving callers pretending to be from the Canada Revenue Agency (CRA) here:

Raquel B.

Just to let you know I have received recorded threatening messages due to "criminal actions" on my part connected with Rev. Cda., with the following phone numbers to follow up:
514-XXX-XXXX - 678- XXX-XXXX Raquel B

Barry O.

This is so sad. I am a registered e-filer and I am trying to report a suspected email. The problem is trying to find the right website or contact. I consider myself a low to mid range user of the net. Can you imagine how a low, rarely used person feels. Even trying to find a contact was near impossible. Maybe that is why so much is missed. I do have a suspicious email that I am trying to report as a registered e-filer, but even I can't find how to protect myself


You can report the incident to CRA, the Royal Canadian Mounted Police (RCMP) and the Canadian Anti-Fraud Centre.

Nandeenee I.

Hello, I received a fraudulent email, claiming to be CRA and I would like to know if there is an email address I can forward it so that it is investigated. I know it is a scam, but I want to ensure that other people who might not know, be scammed. thanks


Report fraudulent emails to the Canadian Anti-Fraud Centre online or by calling 1-888-495-8501. Learn more about tax scams.

Date modified: