Canadians Receiving Fake Tax Refund E-mails
A new phishing e-mails scam is making its way to Canadian users' inboxes at the time when the 2008 tax stimuli are coming via mail. A typical message in the e-mails tells the recipient that he is eligible to get a tax rebate from the CRA (Canada Revenue Agency).
The message suggests the recipient to click on a given link to claim the refund. However, the link takes the user to a spoofed CRA website where the visitor is encouraged to furnish information in an online form that asks for tax-related details like the tax sum he must submit as returns, full name, birth date and social security number.
Police said that the fake e-mails are once again attempts of scammers to steal private information from unwitting Canadians.
Marc Fossi , Manager of Development for the Security Technologies and Response Organization at Symantec Corp., said that by carefully examining the site, one would find that the phishing scammers have copied each and every graphic along with other details from the CRA website. The idea is to make the fake site look exactly as the original site, as reported by itWorldCanada on January 19, 2009.
However, two major clues suggest the site's fraudulent nature. First one relates to the Canadian government agencies normally show a link in the menu leading to the French translation of the page having the word "Francais". But, according to Fossi, the phishers were using different set of characters, so whenever a user attempts to obtain the 'ç' he doesn't get the original character, but a Chinese letter.
The other clue relates to the URL. It is not cra-arc.gc.ca, but it is a website hosted in Taiwan. The phishing trick maintains an ordinary scale of sophistication with no wrongly spelled words or like that.
Meanwhile, CRA stressed that it never sends refund notices over e-mail. It also advised Canadian citizens to deploy all security software like spyware filters, antivirus software, firewall programs and e-mail filters on their computers and not respond to any electronic mail soliciting personal information.
Related article: Canadian Retailer Faces Security Breach of Customer Credit Numbers
» SPAMfighter News - 04-02-2009