Another day and another scam. This morning I received a Canadian Income Tax and Benefit Return claiming to be from the Canada Revenue Agency. There was one serious error in this phishing email that many of you would flag in a heartbeat – their copyright: Internal Revenue Service. All rights reserved. Perhaps they need to hire a better proofreader so that they do not mix up the nations that they are trying to scam.
There were several warning flags:
- I am not a Canadian citizen.
- IRS Copyright error.
- Filling out personal identifiable information (PII).
- Email headers: Originating hostname: 184.108.40.206.rdns.clusterspan.net based in Seattle, WA. (the GEO location is not based in Canada honey).
[pullquote]There are people out there who would comply with this request and cry sham when their identity or bank accounts get ripped off…[/pullquote]
Though the graphics looked official with no grammatical errors the Tax Refund Online Form requests the following information: Email address, full name, credit card number, card expiration, CSC number, billing address, date of birth, work & home phone numbers, current employer, mother’s maiden name and social insurance number. Imagine what they could do with all this information! Believe me, there are people out there who would comply with this request and cry sham when their identity or bank accounts get ripped off…
- The CRA will not request personal information of any kind from a taxpayer by email.
- The CRA will not divulge taxpayer information to another person unless formal authorization is provided by the taxpayer.
- The CRA will not leave any personal information on an answering machine.
[pullquote]Internet users should be very cautious of any emails that purport to be from their nation’s tax department that ask them to provide personal information by following a link or opening an attachment. [/pullquote]
In order to make their claims seem more believable, the scammers often include seemingly official tax department logos, copyright notices and secondary links that lead to the genuine tax department website. Internet users should be very cautious of any emails that purport to be from their nation’s tax department that ask them to provide personal information by following a link or opening an attachment. No legitimate taxation body is likely to inform taxpayers about a possible refund and ask them to provide personal information via an unsolicited email. —Hoaxslayer