More threads by GaryQ


With tax season upon us scammers are looking for victims and I got another one of these Canada Revenue Agency phishing emails and I thought it might be good to offer a couple tips and pointers.

"phishing" emails (an email crafted to make you think it's legitimate in order to get you to enter your account or personal info for fraudulent use) getting better and better leading some to think they are legit like this image of one I received today (image below)

There are a 2 simple "NEVER" tricks to help in not getting caught by one:

1 - NEVER PANIC: The art of the phishing scam is to get you to click and enter your personal info in excitement or panic. Examples are your bank says your e-transfer of $541.22 to has been approved and will be processed in x minutes. if you did not make this transaction please click here to cancel it. MY MONEY + DANGER = PANIC. You click thinking it's your bank and attempt to log in to stop this money from being sent from your account and bang they have your log in info and usually your other info as they will make you authenticate if you have a secret question etc and unless you have double layer authentication they can access your account. If you have double authentication like a text message to your phone when logging in from another PC and think you are safe there's a trap. If someone gains access remotely to your PC they can login to your account remotely from your PC and your bank thinks it's a regular login. The Tax refund one hits the excitement factor and is crafted in the same way. Long gone are the badly crafted text only emails of the good old days when we were chosen by some Nigerian billionaire to help him get his money out for a measly couple million dollars for our help. Don't laugh at that as many were actually caught up and defrauded of everything they had in order to get their cut. Greed + Excitement = Potential victim!

2 - NEVER CLICK ON EMAIL LINKS: even if they seem to be from an authentic source since they are crafted to mislead. On most browsers you can actually see what the real link is by simply hovering over it but there's an old saying "Better safe than sorry". If you think your bank sent you an email or something else that needs to be safe and secure log into you account as you normally would though your browser or app don't click on the link and there's no possibility of following a deceptive one.

Example of a link that looks legit but isn't: this link says google but is really a link to this forum's main page.

Here's a pic of the email I got. Not as well crafted as some bank ones I get but still a trap for some or they would not bother trying.

Stay safe and avoid dark alleys online as you would in real life and have a good antivirus and malware scanner to help.
Replying is not possible. This forum is only available as an archive.