You receive an email telling you that a well-known company is offering you a refund, a text message congratulating you on winning an important prize, or a message from your financial institution mentioning suspicious transactions on your account... How do you react? In this article, we offer various tools to help you stay vigilant and avoid becoming a victim of fraud or, in this case, phishing.

What is Phishing?

Phishing is a fraudulent operation that consists of impersonating a commercial site, a well-known company, or a financial institution. Fraudsters send emails or text messages in the name of the company, which encourage recipients to divulge their personal or banking information, such as their credit card number, by clicking on a hyperlink. This information is then used by the fraudsters to embezzle funds, or even steal the identity of their victims.

According to the Canadian Anti-Fraud Centre, just from fraud cases related to the COVID-19 pandemic, there were 26,230 victims and a loss of $7.75 million between March 2020 and September 2021¹.

There are certain signs that can raise the red flag for identifying fraudulent messages:

• They often contain several spelling or formatting errors. However, the messages are becoming more sophisticated and personalized, and the elements found in them sometimes resemble an official email.
• They may be written in a language other than the one you normally use when communicating with that institution or company.
• You will often be asked to click on a link or open an attachment, which may contain viruses or spyware.
• The link provided does not reflect the site of the official company or institution. Also, avoid using any phone number or email address provided or clicking on a hyperlink. You may want to do some research yourself online to see if the contact information is reliable.
• Finally, if an email offer seems too good to be true, it probably is!

The Different Types of Phishing

There are several types of phishing attempts. Among them, the "CEO scam", a "spear-phishing" type of fraud, is becoming more and more frequent. In this particular case, fraudsters impersonate an individual within an organization, often an executive, and use an email address that appears to be genuine to entice an employee to transfer large sums of money to a third party or share confidential banking information, for example. Other types of phishing attempts, often done by email or text message, are used to create a sense of urgency, to cast doubt in your mind, or to throw you off balance so you react quickly. For example, they may threaten to close your bank account or delay a package that is destined for you if you do not pay customs duties.

How to Protect Yourself

First and foremost, always be vigilant. This is the best way to avoid falling into the trap of responding too quickly to a message. Make sure it comes from a reliable source and avoid clicking on the hyperlinks provided or opening attachments. Also, protect your computer with the latest anti-virus, anti-spyware and anti-spam software.

Think you've received a fraudulent email or text message? Report it quickly to the Canadian Anti-Fraud Centre to help limit the number of victims. Also, don't hesitate to share the information with your friends and family so that they too can remain vigilant.

And remember: when in doubt, it's always better not to act!