Every year, we see attempts from cyber criminals to steal your personal information through sending false correspondence in the name of the Canadian Revenue Agency (CRA). A sample scam was recently sent to me from a University client and we wanted to make sure you weren’t fooled by what appears to be a legitimate communication.
The email contents looks like this:
Date: February 28, 2014 at 4:47:58 AM MST
To: <a uleth.ca account>
Subject: Tax Refund
Dear Tax Payer ,
You are required to follow the secured link below to login to our secure Epass site with your Social Insurance Number and complete the required details in order for your tax refund to be processed and deposited into your account.
©Copyright Canada Revenue Agency. All rights reserved.
Any red flags here? Asking for your social insurance number in an email should be an immediate warning to you that there may be something fishy (phishy) going on. The author doesn't even know your name (Dear Tax Payer). On top of all that, unless you've filed your tax returns, and are expecting a $988.44 refund this should appear to be very suspicious. No one has magically filed your taxes for you.
The link that you see in the email, doesn’t actually go to the government site but instead redirects you to location seen here (http://www.ricettivolazio.it/refund-details/taxdata-execute/... /OnlineForm.htm). This is a site in Italy that has apparently been hacked. You can discover this for yourself by hovering over the link with your mouse which will reveal the ultimate location you will be visiting. This link has been redacted for your safety but you can see how easy it is to manipulate the redirection toolset of the Internet.
If you have any additional questions or concerns please don’t hesitate to contact the Solutions Centre at 403-329-2490 or firstname.lastname@example.org.
Kevin Vadnais, Manger, Information Security Office
Information Technology Services