Scammers are making their fraudulent messages more difficult to spot these days. One of our own staff members recently received an email that looked convincingly like a legitimate email from the Canada Revenue Agency (CRA). Here is how we spotted the warning signs.

Scam1(click to enlarge)

This email above looks pretty legitimate except we all know CRA does not e-INTERAC any money to accounts. When clicked, the hyperlink took us to a fake webpage that closely mimics CRA.

Scam2(click to enlarge)

The first warning flag is the webpage address…

Scam3 <- fake

Keep the following points in mind:

  • All CRA webpages has the Canadian maple as the logo.
    • The core body of the address should always begin with “”
      • Webpages that collect sensitive data are usually encrypted, and the webpage address for those pages will start with “https” instead of “http”, with the “s” denoting that it is a secured web page. These pages will usually also display a “padlock” logo to further confirm the page security. The above example does not satisfy both of these safeguards.

      • Scam4 <- example of an encrypted webpage

        Scam5<- real CRA webpage address

        So if you are receiving emails from CRA regarding an e-transfer of funds or asking you to enter your personal or banking information, be aware that these are SCAMs.

        More examples of common scams can be found at CRA’s website

        If you are ever in doubt, please contact one of our Trusted Accountants to verify the legitimacy of the CRA communication you have received.

        This post has been prepared for general information purposes. It is not advice. The information presented may not fit your unique situation, please consult one of our trusted business advisors at RHN CPA for further clarification and interpretation of your circumstances.