Phishing is an illegal attempt to “fish” for and steal your private, sensitive information.

Identity Theft Phishing is basically an attempt to steal your identity. Under false pretenses, criminals trick you to disclose sensitive personal information, such as credit card numbers, account passwords, or social security or social insurance numbers. One of the most common phishing scams involves sending an email that fraudulently claims to be from a popular company (A bank, payment processor, Revenue Canada, IRS, etc). However, it can also be carried out in person, over the phone (social engineering), and via malicious pop-up windows and “spoof” or fake websites.

Phishing Methodology: 

  1. A criminal sends thousands, even millions, of emails to a variety of people, usually at random. These emails appear to be messages from a popular company. A common example contains a false story designed to lure you into clicking on a link, downloading and attachment or calling a phone number (419).
  2. The phishing email contains links or buttons that take you to a fraudulent website.
  3. The fraudulent website mimics the company referenced in the email, and aims to extract your sensitive personal information.

They trick you to believe that you are giving your information to a company you trust when, in fact, you’re giving it to a criminal gang.

If you believe you’ve received a phishing email, follow these steps:

  1. Do not click on any links or download any attachments within the suspicious email.
  2. Delete the suspicious email from your email account and empty your “Deleted Items” folder.
  3. Block the e-mail address that the phishing e-mail originated from in your e-mail client.
  4. Report the phishing e-mail to the organization that the criminals are trying to mimic immediately.