Canada Revenue Agency Phishing Scams

March 31, 2014

Tax season is upon us, and just like clockwork, cyber criminals have fired up their computers and are reaching out with their phishing scams. Recent attacks have been circulating under the guise of legitimate messages from the Canada Revenue Agency (CRA). As they communicate a sense of urgency and arrive just as Canadians are contemplating their tax returns, these scams can be successful in fooling those who are unaware of how to recognize them.

Love it? Lock it!

What is Phishing?
Phishing is the act of getting you to give up your personal information through trickery. When phishing, cyber criminals initiate bogus phone calls (also known as “Vishing”) or send fraudulent emails that lead to sites that appear legitimate, but are in fact operated by criminals. Phishing emails can also contain links telling you to download software to your computer, but these programs are actually malware and can put your computer at risk.

Canada Revenue Agency - Warning
CRA has been warning taxpayers about phishing scams for years. When it comes to tax season there are several types of known scams, including:

Example Phishing Email
Here is an example of what a phishing scam email looks like. Cyber criminals also use legitimate looking sites, images/logos and forms to collect your information. That link you see below is an “embedded link” and does not actually point to CRA's site, but rather an attack site.

Dear Tax Payer,
You are entitled to your tax refund now. The tax refund is $241.34. You are required to follow the link below to login to our secure Epass site with your Social Insurance number and complete the required information in order for your refund to be processed.

http://www.cra-arc.gc.ca/gol-ged/gov/confirmtaxrefund?REF128328-Jh2887

Yours sincerely,

Gilles Dompierre, Department of Revenue, Canada

What If I'm a Victim?
If you suspect that you are involved in a CRA phishing scam, follow these steps:

Take Preventative Steps
Even if you have not been a victim, there are steps you can take to minimize your risk:

Security Precautions at CRA
The Canada Revenue Agency has taken several steps to reduce fraud related issues:

 The risk associated with CRA phishing scams is real.  However, by informing yourself of the characteristics of these scams, and by being aware of the threat in general, you can reduce the likelihood that you will fall victim to this type of scam. Please visit Get Cyber Safe frequently for updated information.


Follow Get Cyber Safe on Twitter and Facebook.


Comments

By submitting a comment, you agree to have Public Safety Canada collect the comment and publish it on this website (comment policy).



Comments

Rick S.

I received a false e-mail regarding a refund from Revenue Canada. Do you want to receive these e-mails for investigation?

GetCyberSafe

To report cyber incidents or fraud, call the Canadian Anti-Fraud Centre (CAFC) at 1-888-495-8501 or visit www.antifraudcentre.ca

Our website also has more information on what to do: http://www.getcybersafe.gc.ca/cnt/rsrcs/rcvr-scm-en.aspx.

linda

I received a voice-message from CRA, from a person called Officer Jonathan K. He did not leave his phone number, but I was able to track it down (1-613-XXX-XXXX). I phoned the number within 15 minutes of him calling, and talked to Officer Mark S. Officer S. said that I should phone tomorrow, as Officer K. was not in. Hmm.

GetCyberSafe

Be cautious, and please check out this warning about scams involving callers pretending to be from the Canada Revenue Agency (CRA): http://www.cra-arc.gc.ca/nwsrm/lrts/2015/l150610-eng.html.

Louise S.

I have had 2 phone calls claiming they are from Revenue Canada and the persons name is Officer Johnathan W, phone no# to call back is 613-XXX-XXXX. They are threatening me that I have commited a misconduct on my papers and that I committed fraud. I know that this is a farce or a scam, as I have my taxes done every year by a professional, who has been in business for years. Just thought you should know.

GetCyberSafe

You can learn more about telephone scams involving callers pretending to be from the Canada Revenue Agency (CRA) here: http://www.cra-arc.gc.ca/nwsrm/lrts/2015/l150610-eng.html.

Raquel B

Just to let you know I have received recorded threatening messages due to "criminal actions" on my part connected with Rev. Cda., with the following phone numbers to follow up:
514-XXX-XXXX - 678- XXX-XXXX Raquel B

Barry Ottaway

This is so sad. I am a registered e-filer and I am trying to report a suspected email. The problem is trying to find the right website or contact. I consider myself a low to mid range user of the net. Can you imagine how a low, rarely used person feels. Even trying to find a contact was near impossible. Maybe that is why so much is missed. I do have a suspicious email that I am trying to report as a registered e-filer, but even I can't find how to protect myself

GetCyberSafe

You can report the incident to CRA, the Royal Canadian Mounted Police (RCMP) and the Canadian Anti-Fraud Centre.

Date modified: