It's Tax Scam Time Again.

Every year, we see attempts from cyber criminals to steal your personal information through sending false correspondence in the name of the Canadian Revenue Agency (CRA).  A sample scam was recently sent to me from a University client and we wanted to make sure you weren’t fooled by what appears to be a legitimate communication.

The email contents looks like this:

From: <info@cra-arc.gc.ca>
Date: February 28, 2014 at 4:47:58 AM MST
To: <a uleth.ca account>
Subject: Tax Refund

 

Canada Revenue Agency 

Dear Tax Payer ,
 


Part of your Canadian tax expenses for the year 2014 as been processed and completed and you are entitled to a refund for 988.44 CAD. 

You are required to follow the secured link below to login to our secure Epass site with your Social Insurance Number and complete the required details in order for your tax refund to be processed and deposited into your account.
 


To access the secure form for your Tax Refund, please click the below secured link to get started>>>>

https://cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/login.aspx


Sincerely, 

Canada Revenue Agency. 

 

©Copyright Canada Revenue Agency. All rights reserved. 

 

 

Any red flags here?  Asking for your social insurance number in an email should be an immediate warning to you that there may be something fishy (phishy) going on.  The author doesn't even know your name (Dear Tax Payer).  On top of all that, unless you've filed your tax returns, and are expecting a $988.44 refund this should appear to be very suspicious.  No one has magically filed your taxes for you. 

The link that you see in the email, doesn’t actually go to the government site but instead redirects you to location seen here (http://www.ricettivolazio.it/refund-details/taxdata-execute/... /OnlineForm.htm).  This is a site in Italy that has apparently been hacked.  You can discover this for yourself by hovering over the link with your mouse which will reveal the ultimate location you will be visiting.  This link has been redacted for your safety but you can see how easy it is to manipulate the redirection toolset of the Internet.

 

If you have any additional questions or concerns please don’t hesitate to contact the Solutions Centre at 403-329-2490 or help@uleth.ca.

 

Stay Safe

 

Kevin Vadnais, Manger, Information Security Office

Information Technology Services

Category: