PHISHCA |
---|
Cybercriminals routinely target Canadians with phishing lures -- often via text messages (also known as "smishing") -- impersonating financial institutions, government entities, telecommunications and other companies. Their goal is to steal banking or credit card data as well as other personal identification information in order to perpetrate fraud or sell this data to other fraudsters. PHISHCA identifies and analyzes phishing threats targeting Canadians. |
|
|
BLOG |
---|
Parking Ticket Campaign Spoofing The Government of Ontario |
Dec 27, 2024 phish sms ontario parking
IOCs helpticket-park[.]com 154.216.17[.]149 |
Phishing Campaign Spoofing WealthSimple |
Dec 12, 2024 phish sms wealthsimple
The website verifymyweaithsimpie[.]com contains the letter "i" where there should be an "l" which makes it look like the proper spelling of "wealthsimple" but it is in fact a phishing website. Visiting the site displays a fake login page. Any user credentials entered into the fake website will be stolen by the attackers. WealthSimple has tips on avoiding these types of scams here. IOCs verifymyweaithsimpie[.]com |
Carbon Rebate Lure used in Phishing Campaign |
Oct 11, 2024 phish sms interac
We received a fraudulent SMS message purporting to be an INTERAC transfer related to the Canada Carbon Rebate. The domain contains the term "securedeposit" but ends in the notorious domain suffix ".cdf" which should help users determine that this is a scam. CRA has some resources available to help identify these types of messages. IOCs securedeposit[.]cfd |
Phish URL | Date | |
---|---|---|
![]() |
http://helpticket-park.com/OJfy5qLu/go/start.php | 2024-12-27 |
![]() |
https://verifymyweaithsimpie.com/app/index | 2024-12-09 |
![]() |
https://securedeposit.cfd/ | 2024-10-11 |