Steps To Avoid Tax-Return Identity TheftBrian Jang ON August 8, 2017
No one wants to fall victim to a phishing scam, especially one that involves the Canada Revenue Agency. In case you haven’t already heard, hackers are pretending to be from the CRA in a clever guise to get ahold of taxpayers’ personal information, like a credit card, bank account, passport, and social insurance numbers.
If you want to keep cybercriminals at bay, here are some vital steps to avoid a tax refund scam.
Fraud, Phishing Scams, and the Canada Revenue Agency
Phishing is an online email scam designed to get you to click on a link or an attachment, infecting your computer, laptop, or other devices with malware. Email scams can come from anywhere, anytime, and in many forms.
New phishing scams are popping up all the time and for good reason—they work. And if you don’t know what to look for, you could easily fall prey to one. Once hackers have reeled you in, they can use your data to create false accounts, destroy your credit, hold your information for ransom, and steal your identity. And now, cybercriminals are using the CRA to get their hands on your information.
CRA phishing email is on the rise, quickly becoming the leading online threats in the country. Many phony emails claiming to be from the CRA are notifying taxpayers that further information is needed to verify tax refunds. Another common scam informs taxpayers that tax returns are overdue and instructs them to follow a link to get further information.
How to prevent phishing attacks
Think before you click
Very few people think twice when it comes to clicking on links from friends, family, or trusted websites. But if you’ve received a shady email from the CRA (or anyone for that matter), don’t take the bait. For starters, the CRA would never contact Canadians via email, so the best thing you can do is delete the bogus message from your account. Also, listen to your gut. If something doesn’t feel right, it probably isn’t. Getting in the habit of practicing a little skepticism now can save you some major sorrows in the future.
Check a website’s security
Another great way to avoid a CRA email phishing scam is to verify a website’s security. Handing off sensitive financial information should never be taken lightly. So, before you click on a link, open an attachment, or hit send, make sure you are on a secure website. To do this, ensure the site’s URL starts with “https.” You can also verify the website’s security certificate.
Review your online account activity regularly
Did you know that you could already be tangled up in a scam and not even know it? Many folks don’t realize that hackers could be having their way with their account information until it’s too late. Get into the habit of regularly checking your online account activity to make sure no bogus transactions have taken place. Speaking of good habits, it also a good idea to regularly change your passwords.
Keep your computer safe
Cybercriminals are always on the lookout for holes in your online infrastructure—don’t make it easy for them. Use anti-virus software and firewalls, and keep your browser up-to-date. This will help prevent malware from entering your system and wreaking havoc on your network.
Phishing scams are going nowhere anytime soon. As online identity theft continues to climb, it’s vital that business owners do everything they can to stop sensitive information from getting into the wrong hands.
Worried about being targeted by the next CRA phishing email scam? BCJ Group, Chartered Professional Accountants can help show you the warning signs.