Phishing 101

Oct 2, 2019 5 minute read

Phishing  101

Phishing scams are becoming an ever-growing concern for Canadians, especially as these scams get more sophisticated and harder to identify. In 2018, Canada ranked 7th in the world for having the most phishing attacks. Studies show that one out of every 4,308 emails received is a phishing scam, which doesn’t seem like much. However, over 269 billion emails are received each day, meaning that over 62 million of those are phishing scams. With that many phishing emails sent in a day, you are bound to encounter one at some point in time.

What exactly is a phishing scam?

Phishing is a type of cyber-attack that uses disguised emails to deceive people into sharing sensitive information, such as credit card numbers and passwords. This type of cybercrime is distinguished from others by the form that the actual message takes. The attackers imitate a trusted person, company or government department in order to appear more realistic and urgent.

Phishing scams generally fall into one of two categories depending on the ultimate purpose of the scam. The most common type, as mentioned above, is a scam that is intended to get a victim to share personal information. However, scams that try to get a victim to download and install malware and viruses also fall under the umbrella of phishing.

Once an attacker gets someone to fall for their scam, they have access to all the victim’s sensitive information. This information is generally used to steal identities, credit cards and banking information. Not only will having this kind of information stolen affect you financially, but it can also affect your personal life. It is estimated to take an individual over 300 hours to clean up the mess that this type of fraud causes.

What are some current phishing scams in Canada?

It‘s important to be aware of the current scams going around in your area. There are many resources online to find this information, such as your local police department and government websites. The following are currently some of the most popular phishing scams in Canada:

  • Emails stating they are from police officers contacting you to collect overdue taxes owed to the CRA or you will be arrested. Police officers do not engage in any type of tax collection and do not arrest anyone for overdue taxes.
  • Emails claiming to be from companies such as Microsoft, who ask for remote access to your computer to fix a certain problem. Microsoft and other similar companies do not call their customers for anything.
  • A representative from the bank cold emailing to verify financial information. This is only ever done in person.
  • A company reaching out who provides “easy credit” or “easy loans” and then proceeds to ask you to pay a fee in advance of receiving the funds. This is actually illegal in Ontario.

How can I protect myself from phishing scams?

1. Be cautious online

Almost everyone nowadays is able to access the internet and has their own email address. However, online activities bring tons of access points and opportunities for scammers. Here are some important practices to help keep you safe while online.

  • Do not open emails from senders that you’re not familiar with. Even if a sender looks familiar, double check the email address to make sure it is spelled correctly.
  • Never click on a link inside an email unless you are positive of where it is going. Instead, navigate to the provided link by manually entering it into your browser.
  • Do not reply to any emails with your personal and confidential information, or post said information on any social media platforms.
  • Install a firewall or anti-spyware software to help regulate and filter out the spam from the legitimate emails.
  • Take extra care when opening or saving any documents/attachments from emails.

2. Educate yourself on the warning signs

It’s important for you to not only be aware of how to protect yourself from getting scammed, but also how to identify a potential phishing scam. One thing to note is that many phishing scams are actually formulated the same way, and use similar tactics. Remember to use your judgement and intuition when receiving emails that include any of the following:

  • An opening salutation that is not addressed directly to you. Many phishing scams open with phrases such as “dear valued customer”. This is because the attacker is unaware of your actual name.
  • A message saying you must confirm any sort of personal information, whether that be payment details or passwords.
  • An offer for a coupon, discount or free stuff, especially if it directs you to a website or asks for your information.
  • A link or attachment that looks suspicious, is spelled incorrectly or is embedded into the actual email message.

3. Consider getting Identify Theft insurance

Even if you follow all of the tips and steps discussed above, there is still a chance that you may fall victim to a phishing scam. After all, they are very common and sometimes harder to identify than you would think. That’s why investing in identify theft insurance can be a smart choice to help restore your identity quickly and effectively following an attack.

Whether you’ve lost wages, had your government identification stolen, or you’ve had to shell out money for notary and filing fees, ID theft insurance can cover you for up to $25,000.

This is a very affordable way for you to get a greater piece of mind, as premiums for identity theft coverage can cost as little as $20 a month.

Plus, if you already have a property insurance policy, most brokers can simply add identity theft coverage onto your existing policies for a small fee. This could save you quite a bit of money.

Identity theft insurance policies include coverage for any of the following:

  • Lost wages (as a result of money spent by others or because of an absence from employment)
  • Family coverage as a result of lost wages
  • Lawyer’s fees
  • Daycare and Eldercare expenses
  • Loan, grant and other credit instrument reapplication fees
  • Notary and filing fees
  • New government-issued ID
  • Cost of obtaining credit bureau reports
  • Credit monitoring costs

Is identity theft insurance necessary?

While it may not be a mandatory requirement in Canada for you to have this kind of coverage, it is highly recommended! Although there are laws in place that protect you from the repercussions of identity theft and phishing scams, you ultimately may end up paying a lot of money out of pocket. Investing in identify theft insurance will help ensure you don’t get stuck with any fees.

Another reason why having identity theft insurance is recommended is because the process of investigating fraud can take a long time, sometimes even up to a year. Victims can end up suffering dings to their credit score and may find it hard to obtain credit during this time. Identity theft insurance can help eliminate those risks.

Lastly, having an ID theft policy will help to not only fix any current identity theft issues, but with preventing them as well. This coverage usually comes with additional monitoring services. Your account and credit will constantly be monitored for red flags, so you can be alerted of any unusual activity.

Protect yourself with Identity Theft Insurance

Phishing scams are so prevalent and frequent in today’s society that you are bound to come into contact with one sooner or later. Protect yourself and your identity by investing in identity theft insurance.

Have more questions about our identity theft coverage? Get in touch with one of our licensed insurance professionals 7 days a week.