It’s Tax Time… CRA SCAMS come to the Forefront every Spring

Blog / It’s Tax Time… CRA SCAMS come to the Forefront every Spring

Even though it was -20 last week, Spring is supposed to be around the corner. Of course this also means it’s Tax Time in CanadaBack in the day – while attending university – I was able to look forward to a small refund, but those days are long gone. Besides some Accountant friends, I can’t think of anyone who enjoys the process of completing the annual reconciliation of incomes and expenses – and forwarding the inevitable payment to the government. The grumbling is universal.

 

But there is another group who looks forward to this time of year: SCAMMERS. They know that people are receptive to messages from officials at the Canada Revenue Agency (CRA.) Their attack methods are the same as any other time of year, but the message contains references to – and impersonations of – tax officials. This plays into the general fear people have of the CRA, and their ability to enforce payment demands for all sorts of tax-rule infringements – be they real or imagined. We all know the CRA has the power to inflict heavy financial penalties and the power to collect payment through heavy-handed methods; garnishee wages, extract funds from bank accounts, invoke criminal proceedings – the powers seem endless to push unsuspecting citizens into financial ruin. Who wouldn’t be intimidated? So, SCAMMERS have a very receptive audience.

The tactics are the same; it starts with an Email or phone call demanding payment for a tax owed. The tone is aggressive and the perceived consequences are dire. But the payment methods don’t quite line up with typical government channels. Wire transfers to numbered accounts, Bitcoin, Emailed credit card information, and personal collections of cash are NOT approved payment methods used by CRA. Nor are time-sensitive demands with short deadlines, especially on first-contact. So, if you’re reading or hearing for the first time that you have until 4:30 PM today to make this payment, something’s wrong.

I recently wrote a short article on how to identify Email viruses and SCAMS that I will re-print here. It was written at the request of a client so they could inform their staff about common ways viruses and SCAMS infect computers:

The majority of viruses that infect a user’s computer come as attachments to an Email. Many people know to avoid opening an attachment (by clicking it), but hackers are very creative in wording the emails that compel the recipient to act on the attachment; usually through threats of exposure, loss of financial information, or personal security. Emails reportedly from banks, government agencies (CRA is popular at this time of year), police, and others in positions of authority, are the most popular. Hyperlinks (the “clickable” text – usually blue underlined) are also an effective way of fooling a recipient into navigating to a bogus website, which is equally as dangerous as an infected attachment. While technical measures such as firewalls and anti-virus block a lot of bad content, they’re not infallible. The user is the final line of defense.

 

There are some simple ways to reduce your risk:

Don’t believe everything you read in Emails, especially unsolicited Email or that from someone you don’t know. Legitimate agencies and banks never communicate sensitive information, make demands for online payment, or threaten action through Emails.

Unexpected windfalls and disasters are extremely rare; usually communicated through multiple methods and times. If it’s that important, you would expect to see an Email, text, phone call, or personal message from a trusted friend – and most likely 2 or more of these.

If you’re not sure, attempt to contact the agency, company or person through another communications method. For example, phone them. DO NOT use the phone number provided in the Email, look it up in the phone book, or navigate independently to their website (NOT through a hyperlink in the Email.)

Inspect the sender’s Email address. Hold your mouse over the sender’s email address and look to see if it matches the displayed name. The majority of bogus Emails have cryptic text or numbers in the actual Email address – a sure sign that it’s bogus.

Never forward suspected Emails and attachments to a friend or work colleague. If you’re unsure, contact your IT Provider. They have ways to inspect Email technical information and open attachments safely.

 

I recently attended a local Chamber of Commerce event where an RCMP officer reinforced some of these points. She distributed a short booklet from the Competition Bureau of Canada – The Little Black Book of SCAMS – that might be helpful. It’s an easy read and can be viewed online at https://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/03074.html – It can also be ordered free-of-charge.

 

We scoff at the idea that someone would be gullible enough to fall for an obvious SCAM, but many people are not used to interacting with government agencies and when confronted with the CRA – the scariest of them all – anxiety gets the better of them. In the panic to satisfy a demand, they overlook some obvious flaws in the bogus approach. The most vulnerable are the ones that can least afford to be SCAMMED and at the risk of stereotyping, seniors, the disabled and young singles come to mind. It’s best to look around at your close circle of friends and family, to see who might be an easy target.

If you’d like more information about stress-free handling of suspicious Emails, please contact me or your Account Manager. We would be very happy to help.

 

Thanks!

Dave White 

TRINUS

stress-free IT

dwhite@trinustech.com

trinustech.com

/Partners /Systems /Certifications

TRINUS is proud to partner with industry leaders for both hardware and software who reflect our values of reliability, professionalism and client-focused service.

View more partners