This afternoon, a rather official-looking email popped into my inbox, emblazoned with the subject line "YOUR 2013 TAX REFUND IS READY!".
The body of the email featured a fairly authentic Canada Revenue Agency Logo and its site's correct URL. But something still seemed amiss. First off, I haven't filed my 2013 taxes yet. Second, the CRA doesn't strike me as the type to use excessive exclamation points in their official correspondence. And upon closer examination, that maple leaf is looking a tad wilted.
A bigger red flag - the email directed me to "follow the link below to login to our secure Epass site with your Social Insurance Number...". Yeah... I don't think so.
It's a rule of thumb that you should NEVER provide information to external sources you have not contacted yourself (same rule goes for phones - if they called you, don't hand out your info). Even the promise of a whole 655.44$ (note the placement of the dollar sign) won't be enough to make me click that link.
A quick Google search proved my suspicions right - The Canadian Revenue agency has their own page warning unsuspecting taxpayers of these imposter emails. A few pointers to keep in mind:
As tax season kicks into full swing, it's important for consumers to stay vigilant and keep an eye out for such phishing attempts. Remember, these attacks are becoming progressively sophisticated, and the use of an official logo is never enough to indicate whether an email comes from a trusted source.
Happy tax season!