**** Anti-Fraud Centre Release
Spear phishing is one of the most common and most dangerous attack methods currently used to conduct fraud, usually on businesses and organizations. Fraudsters take their time to collect information on their intended targets, so they can send convincing emails seemingly from a trusted source.
- unsolicited emails
- direct contact from a senior official you are not normally in contact with
- requests for absolute confidentiality
- pressure or a sense of urgency
- unusual requests that do not follow internal procedures
- threats or unusual promises of reward
Spear phishing scams involve scammers pretending to be from legitimate sources to convince businesses or individuals to send them money. These scams leverage existing relationships between the person receiving the email and the person sending it. The sender’s address appears to be the actual email address of the source they’re pretending to be, a tactic known as spoofing. Many variations have been reported to us.
Business executive spoofs
Gift card variation
When targeting a business, a scammer sends an employee an email that appears to come from the owner, the president or another high-ranking employee. The email claims the boss is working offsite and needs help to buy gift cards for employee rewards or birthday gifts.
When targeting an individual, a scammer sends an email from a compromised and/or spoofed email account that appears to come from a known contact, such as a family member or friend. The email claims that the sender needs assistance to buy gift cards for birthday gifts or something else.
Wire transfer variation
In this variation, the email directs the employee to send an urgent, large wire transfer (e.g., more than $100,000) to a foreign account.
Financial industry client spoof
A scammer targets financial institutions, investment brokers and financial dealers with a spoofed email that appears to come from an existing client. The email directs the business to do an urgent wire transfer, usually to a foreign account.
Head office spoof
A scammer calls a franchise business and claims be from the head office. They tell the employee who answers the phone that there are problems with one of the financial products offered, such as gift cards or money transfer services. They ask the employee to select some prepaid cards, activate them, and provide them to the scammer. The scammer may also ask them to conduct a series of money transfers.
A scammer sends an email that appears to come from an existing employee. They request a change to the employee’s direct deposit information. This tricks the company into depositing the employee’s paycheque into a fraudulent account.
A scammer targets businesses that have an existing relationship with a supplier, wholesaler or contractors. They send a spoofed email informing the business of a change in payment details. The email provides new banking information. It requests that the business make future payments to this “new” account.
Report fraud and cybercrime
Please be advised there are ongoing technical issues and you may experience difficulties reporting online or reaching the CAFC by phone. We are currently working to resolve the issue and apologize for this inconvenience.
Scams and cybercrimes can touch anyone, anywhere, at any time.
If you or a family member have been affected, report it to us — even if you didn’t lose any money.
If you or a family member did lose money, please contact your local police as well.
Reporting to the Canadian Anti-Fraud Centre
Online – Reporting System
The National Cybercrime Coordination Unit (NC3) and the Canadian Anti-Fraud Centre are working on implementing a new cybercrime and fraud reporting system for Canadians and businesses. By reporting to the CAFC you may be asked to report through the new version, helping the RCMP build a new reporting system for Canadians.
You can log into the Reporting System tool using either:
- GC Key (user ID/password)
- Government Sign-In by Verified.Me
Tips for reporting online
The system will log you out if there is no activity for 20 consecutive minutes. If this happens, you won’t be able to complete your report. You’ll need to start over or call our toll-free line to report (1-888-495-8501).
Toll free: 1-888-495-8501
We answer calls Monday to Friday, from 9 am to 4:45 pm (Eastern time) and close on holidays.
The National Cybercrime Coordination Unit (NC3) are working on implementing a new cybercrime and fraud reporting system for Canadians and businesses in partnership with the CAFC. By reporting to the CAFC you may be asked to report through the new version helping the RCMP build a new reporting system for Canadians.