PHISHCA

PHISHCA
Cybercriminals routinely target Canadians with phishing lures -- often via text messages (also known as "smishing") -- impersonating financial institutions, government entities, telecommunications and other companies. Their goal is to steal banking or credit card data as well as other personal identification information in order to perpetrate fraud or sell this data to other fraudsters. PHISHCA identifies and analyzes phishing threats targeting Canadians.
Victim of fraud? Report it to the Canadian Anti-fraud Centre!

Cybercriminals routinely target Canadians with phishing lures -- often via text messages (also known as "smishing") -- impersonating financial institutions, government entities, telecommunications and other companies. Their goal is to steal banking or credit card data as well as other personal identification information in order to perpetrate fraud or sell this data to other fraudsters.

PHISHCA identifies and analyzes phishing threats targeting Canadians.

Victim of fraud? Report it to the Canadian Anti-fraud Centre!

BLOG
Phishing Campaign Spoofing WealthSimple
Dec 12, 2024 phish sms wealthsimple There is an ongoing phishing campaign spoofing WealthSimple, a Canadian online investment company. We received a fraudulent SMS message purporting to be from WealthSimple stating that there had been a security incident regarding our account and that we needed to visit a website to secure our account. The website verifymyweaithsimpie[.]com contains the letter "i" where there should be an "l" which makes it look like the proper spelling of "wealthsimple" but it is in fact a phishing website. Visiting the site displays a fake login page. Any user credentials entered into the fake website will be stolen by the attackers. WealthSimple has tips on avoiding these types of scams here. read more
Carbon Rebate Lure used in Phishing Campaign
Oct 11, 2024 phish sms interac Carbon Rebate Lure used in Phishing Campaign We received a fraudulent SMS message purporting to be an INTERAC transfer related to the Canada Carbon Rebate. The domain contains the term "securedeposit" but ends in the notorious domain suffix ".cdf" which should help users determine that this is a scam. CRA has some resources available to help identify these types of messages. read more
Continued Phishing Operations Impersonating Canada Post
Aug 28, 2024 phish sms canadapost Canada Post is an ongoing target for phishing operations. In this case, the SMS message states that the recipient's package is being held. The domain used contains the text "canadapost" in order to appear legitimate. The URL in the SMS is not hyperlinked by default, so the message encourages recipients to respond with a "Y" in order to make the link clickable. Clicking the link takes the visitor to a fake website where they are prompted to enter their information. Canada Post has some resources available to help identify these types of messages. read more

Phish URL	Date	Info
https://verifymyweaithsimpie.com/app/index	2024-12-09	Details
https://securedeposit.cfd/	2024-10-11	Details
https://canadapost-postewcanada.top/c/ca/	2024-08-28	Details