Canadian businesses owners, senior executives and employees regularly get approached by fraudsters via phone and email which has resulted in significant monetary losses as well as lots of headaches for the business operators! Beware of unsolicited emails from individuals, financial institutions or even the CRA presenting an urgent situation requiring immediate attention.
There are scammers posing as CRA employees who call and intimidate people into providing personal information or pay a fabricated balance of tax owing usually by credit card. In order to protect yourself from those scams, be aware and alert that CRA NEVER:
- Asks for information about your passport, health card or driver’s license
- Requests prepaid credit cards
- Sends text messages requiring an action to be taken
- Leaves personal information on an answering machine or asks you to leave your personal information on an answering machine
- Emails requesting any direct action. If you signed up for the CRA online mail service, a notice may be sent to your email address but it will only advise that you have an update to view in “My Account”
When you receive suspicious contacts from anyone claiming to be the CRA, please call CRA at 1-800-959-8281 or contact us first for verification.
For additional details on protection against fraud and sample scams, please visit CRA web page: CLICK HERE
“CEO Fraud” is a scam revolving around phishing attacks that rely on e-mail messages posing as urgent communications from senior officers to lower level employees. The messages demand that the employees wire funds to a destination account provided in the message.
The attacks rely on the similarities of the domains and often extensive knowledge of key players within the company, creating e-mails that are highly convincing to recipients.
The FBI estimates that the amount lost to “CEO Fraud” between October 2013 and August 2015 was over 1.2 billion principally because when the CEO or CFO tells you to do something, you do it.
“Emails sent to lower level employees from executives were brief and urgent (limiting the likelihood that the phishers would trip up on language). The message also demanded updates on the progress of the transfer, making the request seem more authentic.
A sample e-mail reads simply “Process a wire of (amount) to the attached account information.” It includes a presumed email thread with another executive regarding the transfer.
Please circulate this post among the appropriate members of your team. The scam can be thwarted if the person to whom the message is sent reaches out immediately by phone or email directly to the CEO or CFO for confirmation.
If you’re unsure whether you may be a victim of the CRA or CEO scam and you’re a client of Michael Koff & Associates, please contact Erin Feng at email@example.com or +1 (905) 731 8977 to double-check.