| PHISHCA |
|---|
| Cybercriminals routinely target Canadians with phishing lures -- often via text messages (also known as "smishing") -- impersonating financial institutions, government entities, telecommunications and other companies. Their goal is to steal banking or credit card data as well as other personal identification information in order to perpetrate fraud or sell this data to other fraudsters. PHISHCA identifies and analyzes phishing threats targeting Canadians. |
|
| BLOG |
|---|
|
RBC / Apple Pay Phish |
|
Apr 03, 2024 phish sms rbc apple
We recently received an RBC / Apple Pay phish that directed recipients to a spoofed RBC login page. The SMS suggested that Apple Pay had been added to "Andrew's IPhone" and encouraged recipients to click the phishing link if this information was incorrect. The subdomain of the domain data-en[.]fr contains "rbc-online-banking" in an attempt to appear legitimate. |
|
Netflix SMS Phishing Campaign |
|
Mar 04, 2024 phish sms netflix
|
|
USPS SMS Phishing Campaign In Canada |
|
Feb 28, 2024 phish sms usps
This may also allow the threat actors to know that the receiving phone number is valid, so that they can continue to send messages to that recipient.
|
USPS delivers to Canada, so fraudsters are conducting SMS phishing campaigns against Canadians. We spotted this campaign spoofing USPS which informs the recipient that a package cannot be delivered. It also includes instructions that cause the link in the text to become clickable. Responding with a "Y" causes the link to become hyperlinked, and the user can click the link rather than try and copy 'n paste the link into their browser.
