According to Canadian fraud statistics, 71,062 frauds and scams were reported in 2020 with over $106 million lost.1 These activities, whether online or offline, are constantly evolving and con artists around the world are working hard to target you when you least expect it.
Below is a list of the most common internet scams and what you can do to safeguard your personal information and wallet.
Phishing
Phishing involves the use of phone calls, emails, texts, or social media to convince you to respond to or click on a malicious link that appears legitimate. Every day phishing emails trick about 80,000 victims into clicking a link to a baited website.2 These websites are designed to steal your personal and financial details and can result in identity theft, financial loss, and credit card fraud. It’s critical that you stay aware and diligent to prevent these risks, as phishing emails may appear to be from a trusted email address or organization.
Here are a few things to look for when checking to see if an email is authentic.
Check the email address:
- Most email clients (e.g. Outlook, Gmail, etc.) show only the sender's name – the actual email address is hidden.
- Try clicking/tapping on the sender's name to see the full email address. The domain part of the email address (what is after the @ symbol) should match the organization.
Check links before you click on them:
- Most email clients and browsers show the real link (webpage address) in a status bar when you hover your mouse over the link.
- Most mobile email clients and browsers show the actual link if you press and hold the link.
If you are still not sure, verify the request using another medium:
- Contact the company using a phone number or website you know is real.
- Do not use the information in the email and do not click on any of the attachments and/or links in the email as these can install harmful malware.
Here are a few things to keep in mind to reduce your risk with phishing:
- Never reply to or click on links in emails or pop-ups that ask for personal or financial information.
- Install and maintain updated anti-virus software.
- If you think you received a phishing email in your Langara email inbox, use the Phish Alert Button to report it to Langara IT immediately.
For additional tips on how to recognize phishing, visit the Canadian Centre for Cyber Security.
If you think you have been the victim of a phishing attempt:
- Change passwords for services that were open at that time or that use same/similar passwords.
- If you shared banking/credit card information notify the bank/credit card company immediately.
- If you shared your Langara username/password, immediately notify IT.
Scams
Online scams include promises of rewards, offers of unrealistic amounts of money, or sound “too good to be true.” When clicked on, these ads can cause malware – specifically designed software that disrupts, damages, or gains unauthorized access to a computer system – to interfere and compromise information.
It’s safe to assume that if anyone is asking for your bank or personal information, you’re being scammed. You should never give out personal information to anyone on the internet who contacts you directly. If you must make a financial transaction online, make sure you’re doing so on a secure server and through a reputable site.
The below list highlights several of the most common scams. However, for a more detailed list of scams affecting individuals, please visit the Canadian Anti-Fraud Centre.
Description: A scammer claims to be from a legitimate organization and indicates you are in severe trouble.
Desired Outcome: The scammer will convince you to pay a fee via gift card, crypto-currency, money transfer service, or to collect your personal information.
Signs: The scammer will lead you to believe there will be dire consequences if you do not act quickly.
How to protect yourself:
-
Stay calm, do not make hasty decisions, and do not share any personal information.
-
For emails, get the actual email address vs. what is shown in the "From:" field and hover over links to get the actual URL. See Phishing for more information.
-
For phone calls, do not rely on Call Display (Caller ID). Ask the caller to spell out their full name, their organization's full name, and their direct phone number.
-
Google the information collected to see if this appears legitimate.
-
Ask someone you know and trust for advice.
Description: A scammer offers you a great deal on a product or service that you are interested in.
Desired Outcome: The scammer is targeting your credit or debit card information.
Signs: The bigger the discount, the more likely it is to be fake.
How to protect yourself:
-
Never give your credit/debit card information over the phone unless you call a verified number for a legitimate business.
-
Never enter your credit/debit card information on a website unless you have verified the website is a legitimate business.
-
Complete Google searches for the business name to verify the street address, website address, and/or phone number match exactly.
-
Check Google reviews for the business. If they have do not have any reviews or mostly negative ones, that is a bad sign.
-
Call Display (Caller ID) can be faked so never trust incoming callers.
Description: A scammer posts an ad or contacts you directly about a job.
Desired Outcome: The scammer is after your personal information and/or convincing you to pay for training, materials, and/or a recruiting fee.
Signs:
-
Receiving a job offer without an interview or only a phone interview.
-
Being hired quickly and sent employment forms to fill out.
-
Emails are sent from an address that does not match the company domain name (e.g. @langarajobs.ca instead of @langara.ca).
How to protect yourself:
-
For emails, get the actual email address vs. what is shown in the "From:" field and hover over links to get the actual URL. See Phishing for more information.
-
For phone calls, do not rely on Call Display (Caller ID). Ask the caller to spell out their full name, their organization's full name, and their direct phone number.
-
Google the information collected to see if this appears legitimate.
Description: A scammer posts a rental ad for a place that does not exist or does not belong to them.
Desired Outcome: A scammer is looking to obtain a rental deposit/advance from you.
Signs:
-
You cannot view the space in person.
-
The scammer tries to rush you to put down a deposit before a lease is signed.
-
The price is too good.
-
The ad has typos, poor grammar.
-
They do not ask you for references (tenant screening process).
-
The lease is incomplete or has blank spaces.
How to protect yourself:
-
Google the address and name of the person.
-
Meet the landlord in person, check their ID, and walkthrough the entire space.
-
If you are unable to go in person, arrange for someone you trust to visit the property in person.
-
Talk to others in the area to confirm who owns the property.
-
Conduct an online search of any photos of the rental or the address to see if it has been associated to scams in the past.
-
Ask to see previous utility bills for the address to confirm the person is indeed the landlord.
-
Ensure a proper rental agreement is provided and signed by both parties.
-
Consider paying with something other than cash or e-transfer, such as a personal cheque, a bank draft, or certified cheque.
If you believe you’ve been scammed:
- Immediately change all of your passwords.
- Delete any malicious software you may have downloaded.
- Call your credit card company, if necessary.
Contact the Canadian Anti-Fraud Centre toll-free at 1-888-495-8501 to report the scam and get help with the next steps.
Identity Theft
Identity theft occurs when a criminal gains access to a user’s personal information to steal funds, access confidential information, or participate in tax or health insurance fraud.
By finding out user’s passwords through hacking, retrieving personal information from social media, or sending phishing emails they can open a phone or internet account in your name, use your name to plan a criminal activity, and even claim government benefits in your name.
For more information about identity theft and what to do if your identity has been compromised, visit this Government of Canada site.
Cyberstalking
This kind of cybercrime involves online harassment where the user is subjected to many online messages and emails. Typically, cyberstalkers use social media, websites, and search engines to intimidate a user and instill fear. Usually, the cyberstalker knows their victim and makes the person feel afraid or concerned for their safety.
If you believe a cyber incident is being committed, please visit the Canadian Centre for Cyber Security for more information.
How do I contact the IT Department?
Have additional questions not covered above, please contact us at Ask IT.