Phishing Email : CRA Applicant form return of $403.27 CAD
For the record, here's a recent Canada Revenue Agency (CRA) phishing email that is circulating and was caught by Junk or Spam filters, but maybe not for you.
What to do?
Report them and label them as Phishing Email not SPAM (in your online email system), see below.
Report them?
Report Phishing URLs at Google Plex now as well;
- If you have received this email, action now by clicking link below to reporting this to Google which will block this domain! The more the better.
https://www.google.com/safebrowsing/report_phish/?hl=en&url=parkshilton.in[1]
Here's the view of the email in your online mail client
Dear Rob.Hamilton@outlook.com, After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund of 403.27 CAD Please fill the secure tax return form and allow us 2-3 business days to process it Secure form : http://cra-arg.gc.ca/tax-return/123467890/applicant SPAM URL Points to href="http://parkshilton.in/felrvnj/index.php" [2]Tax Return Number: GB232UUSZ21 Recipient e-mail: Rob.Hamilton@outlook.com |
Here's what http://parkshilton.in/felrvnj/index.php page looks
and is hosted in USA but owned by;
This info is available for any site using a Whois lookup, https://www.godaddy.com/whois[3] has one
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | Domain ID:D5779724-AFIN Domain Name:PARKSHILTON.IN Created On:31-Jan-2012 10:59:24 UTC Last Updated On:02-Apr-2017 18:20:40 UTC Expiration Date:31-Jan-2018 10:59:24 UTC Sponsoring Registrar:Mitsu Inc (R158-AFIN) Status:CLIENT TRANSFER PROHIBITED Reason: Registrant ID:BS_10305232 Registrant Name:S P Mohanty Registrant Organization:SME Consulting Services Registrant Street1:Fort Registrant City:Mumbai Registrant State/Province:Maharashtra Registrant Postal Code:400001 Registrant Country:IN Registrant Phone:+22.9320565526 Registrant Email:smeconsulting@live.com Admin ID:BS_10305232 Admin Name:S P Mohanty Admin Organization:SME Consulting Services Admin Street1:Fort Admin City:Mumbai Admin State/Province:Maharashtra Admin Postal Code:400001 Admin Country:IN Admin Phone:+22.9320565526 Admin Email:smeconsulting@live.com Tech ID:BS_10305232 Tech Name:S P Mohanty Tech Organization:SME Consulting Services Tech Street1:Fort Tech City:Mumbai Tech State/Province:Maharashtra Tech Postal Code:400001 Tech Country:IN Tech Phone:+22.9320565526 Tech Email:smeconsulting@live.com Name Server:NS1.RHOSTJH.COM Name Server:NS2.RHOSTJH.COM |
CRA and CDN Anti-Fraud Centre ?
According to Canada Revenue Agency[4] (CRA), it's important to know that:
- The CRA never requests, by email, personal information of any kind from a taxpayer.
- The CRA will never request information from a taxpayer pertaining to a passport, health card, or driver's licence.
- The CRA will not divulge taxpayer information to another person unless formal authorization is provided by the taxpayer.
- The CRA will not leave any personal information on an answering machine.
More information about this scam is available on Canada Revenue Agency's website. If you've been a victim, report it to your local police and to the Canadian Anti-Fraud Centre. [5][6]
How to tell this is a Phishing email ?
- Convert the email view from HTML to text, check for bad URLs.
- Hover over all links in email, if it's not from the same as the text then forget it.
- The best way is to look at message source, see below.
How to examine Email Message Source ?
- Outlook.com->Actions->View Message Source.
- Gmail.com->More (down arrow to top right)->Show original.
Report Phishing Email (not as Spam)
- Outlook.com->Junk (at Top)->Phishing Scam
- Gmail.com->More (down-arrow to top right)->Report Phishing
Report phishing at Microsoft and government agencies
References
- ^ https://www.google.com/safebrowsing/report_phish/?hl=en&url=parkshilton.in (www.google.com)
- ^ http://cra-arg.gc.ca/tax-return/123467890/applicant (cra-arg.ca)
- ^ https://www.godaddy.com/whois (www.godaddy.com)
- ^ According to Canada Revenue Agency (www.cra-arc.gc.ca)
- ^ Canada Revenue Agency's website (www.cra-arc.gc.ca)
- ^ Canadian Anti-Fraud Centre (www.antifraudcentre-centreantifraude.ca)
- ^ https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx (www.microsoft.com)