Canadians Lured By Cash Service Phishing Scam
Corrupt emails falsely linked to the Canada Revenue Agency CRA are being used for a cyber phishing scam.
According to the Canada Revenue Agency (CRA) the reward is only $386. A fraudulent email designed to look like it comes from the CRA is typical of many phishing attacks. The email lures Canadian tax payers with a promise of cash in exchange for personal information.
The first emails were sent out on October 14, and a second wave was sent out on December 15, 2008. The origins of the first batch have since been traced to Japan, while the second wave apparently came from the U.S., the CRA has revealed.
The corrupt email contains an embedded link to a phishing Web page which looks like the CRA's website. It uses the same color scheme and logo, and even includes links to the real website. The page presents a form asking the taxpayer to enter vital personal details including social insurance number, date of birth, full name, and the amount of money received on the last tax return.
There are a couple of telltale signs a watchful observer would recognize as a phishing Web page.
Seven signs to watch for:
- The message does not address you by your actual name, but instead addresses you as: "User, "Customer," "Client," "Member," "Sir," "Madam" etc.
- The message contains spelling errors, grammatical errors, awkward wording or phrases, or a combination of all of these.
- The message uses threatening, urgent or alarming language in regards to your account access, e.g. "Your account has been suspended," "Security Update Required," "New software download required for continued access," etc.
- Hovering your mouse pointer over the link or viewing the source message reveals a URL that does not appear related to the company supposedly sending you the message.
- The link within the message is a truncated (shortened or tiny size) URL which then redirects you to the actual website.
- The message includes attachments that you are asked to download or open.
- You are being asked to provide information that the company should already have or shouldn't need to know such as: Username and password, payment information, banking information, credit card numbers with security code, birthday, or even Social Security Number.
Has anything like this ever happened to you? Share your story below in the comments area.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.