• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

TekSec

My Scribbles on security and whatever strikes my fancy . . .

  • Home
  • About
    • Privacy Policy
    • DISCLAIMER
  • Services
    • Content Strategy
    • Social Media
    • Digital Audit
  • Show Search
Hide Search

Canadian Tax Refund Phishing Scam Steals IRS Copyright!

March 26, 2012 By teksquisite Leave a Comment

Another day and another scam. This morning I received a Canadian Income Tax and Benefit Return claiming to be from the Canada Revenue Agency. There was one serious error in this phishing email that many of you would flag in a heartbeat – their  copyright:  Internal Revenue Service. All rights reserved. Perhaps they need to hire a better proofreader so that they do not mix up the nations that they are trying to scam.

There were several warning flags:

  1. I am not a Canadian citizen.
  2. IRS Copyright error.
  3. Filling out personal identifiable information (PII).
  4. Email headers:  Originating hostname: 64.79.102.35.rdns.clusterspan.net based in Seattle, WA. (the GEO location is not based in Canada honey).

CRA scam

[pullquote]There are people out there who would comply with this request and cry sham when their identity or bank accounts get ripped off…[/pullquote]

Though the graphics looked official with no grammatical errors the Tax Refund Online Form requests the following information: Email address, full name, credit card number, card expiration, CSC number, billing address, date of birth, work & home phone numbers, current employer, mother’s maiden name and social insurance number. Imagine what they could do with all this information! Believe me, there are people out there who would comply with this request and cry sham when their identity or bank accounts get ripped off…

The CRA does never does the following:

  • The CRA will not request personal information of any kind from a taxpayer by email.
  • The CRA will not divulge taxpayer information to another person unless formal authorization is provided by the taxpayer.
  • The CRA will not leave any personal information on an answering machine.

You can view other samples of fraudulant emails and Online Refund Forms at the Canada Revenue Agency.

[pullquote]Internet users should be very cautious of any emails that purport to be from their nation’s tax department that ask them to provide personal information by following a link or opening an attachment. [/pullquote]

In order to make their claims seem more believable, the scammers often include seemingly official tax department logos, copyright notices and secondary links that lead to the genuine tax department website. Internet users should be very cautious of any emails that purport to be from their nation’s tax department that ask them to provide personal information by following a link or opening an attachment. No legitimate taxation body is likely to inform taxpayers about a possible refund and ask them to provide personal information via an unsolicited email. —Hoaxslayer

–

 

 

Facebooktwitterredditpinterestlinkedinmailby feather

Filed Under: Updates

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Visit Us On TwitterVisit Us On FacebookVisit Us On PinterestVisit Us On YoutubeVisit Us On LinkedinCheck Our Feed

Recent Posts

  • 13 Reasons why WordPress hacks are successful
  • Hacked medical devices gaining traction
  • Online Travel Agency Deals: Due Diligence and Dive

Top Posts

  • Safari browser redirects on iPhone, iPad –… (10,130)
  • 6 motivations of cybercriminals–Is it all about the money? (3,875)
  • How to derail a Business Gmail Spam bomb (3,831)

RSS SecurityWeek

  • F1 Team Williams Unveils New Car After Hackers Foil Launch
  • Microsoft Shares Additional Mitigations for Exchange Server Vulnerabilities Under Attack

RSS Threatpost

  • U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures
  • WordPress Injection Anchors Widespread Malware Campaign

Recent Comments

  • teksquisite on How to derail a Business Gmail Spam bomb
  • Stephanie Cleveland on About
  • bob mbeng64 on How to derail a Business Gmail Spam bomb
  • teksquisite on Remove Query Strings From Static Resources in WordPress
  • Harish on Remove Query Strings From Static Resources in WordPress

Categories

Copyright © 2021 · Teksquisite Security LLC

  • Home
  • About
  • Services
  • Privacy Policy
  • DISCLAIMER