Beware of fake CRA email scams – update

June 23, 2017 RHN CPA No Comments

Scammers are making their fraudulent messages more difficult to spot these days. One of our own staff members recently received an email that looked convincingly like a legitimate email from the Canada Revenue Agency (CRA). Here is how we spotted the warning signs.

Scam1(click to enlarge)

Here is another example of an email scam:
(click to enlarge)

These emails above look pretty legitimate except we all know CRA does not e-INTERAC any money to accounts. When clicked, the hyperlink took us to a fake webpage that closely mimics CRA.

Scam2(click to enlarge)

The first warning flag is the webpage address…

Scam3 <- fake

Keep the following points in mind:

  • All CRA webpages has the Canadian maple as the logo.
    • The core body of the address should always begin with “www.cra-arc.gc.ca”
      • Webpages that collect sensitive data are usually encrypted, and the webpage address for those pages will start with “https” instead of “http”, with the “s” denoting that it is a secured web page. These pages will usually also display a “padlock” logo to further confirm the page security. The above example does not satisfy both of these safeguards.


      • Scam4 <- example of an encrypted webpage

        Scam5<- real CRA webpage address

        So if you are receiving emails from CRA regarding an e-transfer of funds or asking you to enter your personal or banking information, be aware that these are SCAMs.

        More examples of common scams can be found at CRA’s website http://www.cra-arc.gc.ca/scrty/frdprvntn/menu-eng.html.

        If you are ever in doubt, please contact one of our Trusted Accountants to verify the legitimacy of the CRA communication you have received.

        Video: Beware of scammers posing as CRA employees

Comments are closed.