We use cookies on this site to enhance your experience.
By selecting “Accept” and continuing to use this website, you consent to the use of cookies.
With March comes Spring, warmer weather, and tax season! The process of filing a tax return can be stressful enough without considering the added potential for phishing and fraud. Here are some tips to ensure your hard-earned refund is kept safely out of the reach of scammers.
Phishing scams that occur over email or SMS text messages often imitate the Canada Revenue Agency (CRA)’s branding, email addresses, or phone numbers. These messages are sometimes directly tailored toward the recipient and include personal information like a name, date of birth, or even a (stolen) SIN to make their message appear more realistic.
These scams include:
Tax scams still contain all the warning signs of other phishing messages, so be vigilant of any sender that emphasizes urgency or threatens financial or legal consequences if you don’t act quickly. The CRA will not send you a direct link asking you to fill out a form or claim a refund. Treat these links with extreme caution and visit the CRA’s website directly instead of clicking on them. The CRA will also not disclose sensitive information like a SIN number via email, nor will they ask for you to pay a fee to speak to one of their agents.
When it comes to payments, the CRA does not accept Bitcoin, e-transfers, pre-paid credit cards, or gift cards (scammers might also refer to them as “Google payment cards” or “Apple payment cards” to deceive their victims). These payment methods are commonly used by scammers since they are hard to trace or refund once the scam is complete.
Even if you don't use a computer to file your tax return or communicate with the CRA, this doesn’t mean you'll automatically be safe from fraud attempts. Scammers are using technology like AI voice synthesis, caller ID “spoofing”, and stolen customer information to make their vishing (voice phishing) calls increasingly convincing and effective.
A scammer using vishing techniques over the phone may impersonate a CRA employee and ask for personal information like your SIN or attempt to gather financial details like credit card and banking info. Some automated calls (also known as “robocalls”) may instruct you to call back to a toll number, resulting in excessive phone bill charges.
Here's an example of a fraud call from the CRA’s website:
“The reason behind this call is to notify you that we have registered a criminal case against your name concerning a tax evasion and tax fraud in the federal court house. So if you want any further information about this case, please make sure you give us a call back as quick as possible to our direct hotline number to the Canada Revenue Agency Headquarters. That is 613-927-9919, I will please repeat the number, it is 613-927-9919. If we don’t receive a call from your side, please be prepared to face the legal consequences, as the issue of tax is extremely serious and time-sensitive. So have a blessed time.”
Email phishing should be reported to reportspam@wlu.ca, while SMS text messages can be reported to your mobile phone provider by forwarding to 7726 (SPAM) or using the spam-reporting features in iOS and Android.
If you receive a suspicious tax-related call, hang up and call the CRA back through their official toll-free number to verify whether the call is legitimate. Some mobile phones also support the ability to report calls to the cell provider as spam, which can help identify and prevent further calls involving other customers. Attempted fraud can also be reported to the Canadian Anti-Fraud Centre at 1-888-495-8501.
Staying informed is the best way to protect yourself against fraud. Learn more about scam prevention on the CRA's website.