The Canadian anti-fraud Centre is continuing to see reports of phishing text messages claiming to offer the Climate Action Incentive Benefit. The latest variation involves deceptive links leading to counterfeit provincial websites. Clicking on such links can pose a risk of device infection. Government benefits are not sent via text messages. If uncertain, verify the information by directly contacting the relevant agency through their official contact channels.
What is phishing?
Criminals use various tactics to trick individuals into divulging personal information or clicking on malicious links. These tactics could be email and website name spoofing, creating a false sense of urgency, enticing individuals with promises of refunds or monetary gains, presenting seemingly “harmless” requests to click on links, download attachments, or complete online forms, and providing instructions to scan QR codes.
For example, scammers use deceptive tactics by sending emails, texts, social media messages, or voice messages that appear to be from well-known institutions or companies, such as banks, online subscription services like Netflix or Amazon, businesses, or government agencies. Remain vigilant and exercise caution to avoid falling victim to these attempts at identity theft or financial fraud.
Another type of phishing scam involves messages urging you to click on links or download attachments, appearing as receipts, delivery notifications, or urgent notices. Clicking on these can infect your computer with viruses or malware, so exercise caution.
Phishing lures
Common phishing lures include:
- Cybercriminals and fraudsters exploit popular current events as lures to persuade victims to click on links or divulge personal information. Examples of themes used in phishing campaigns include Ukrainian relief efforts, cryptocurrency-themed lures, and more
- COVID-19 themed lures: Phishing campaigns falsely claim to offer COVID-19 test results, vaccine access, or access to fraudulent COVID-19-related benefit programs
- Government impersonation lures: Phishing campaigns exploit trusted government names, including Canadian Revenue Agency, RCMP, Canada Border Services, and various municipal, provincial, and federal entities, compelling victims to share information or click on links
Quick prevention tips
- Avoid clicking on links from unsolicited messages
- Refrain from downloading attachments from unsolicited messages
- Be vigilant for spelling mistakes in messages
- Do not solely trust a message based on the appearance of a legitimate-looking email address; fraudsters can spoof addresses
- Exercise caution with messages claiming to be from the Government of Canada or law enforcement agencies, as they never contact individuals to offer funds via email or e-transfer
Explore examples of phishing messages by clicking HERE.