| PHISHCA |
|---|
| Cybercriminals routinely target Canadians with phishing lures -- often via text messages (also known as "smishing") -- impersonating financial institutions, government entities, telecommunications and other companies. Their goal is to steal banking or credit card data as well as other personal identification information in order to perpetrate fraud or sell this data to other fraudsters. PHISHCA identifies and analyzes phishing threats targeting Canadians. |
|
|
| BLOG |
|---|
|
Fraudsters Go Local: 407 ETR Phishing |
|
Jan 28, 2024 phish sms 407etr
|
|
More RBC Phishing |
|
Jan 19, 2024 phish sms rbc
The frausdters claim that the recipient's account is "on hold" and that action is required. |
|
Fraudsters Go Local: Toronto Parking Violations |
|
Jan 15, 2024 phish sms toronto
The domain contains the keywords "parking", "toronto" and "infraction" in order to appear legitimate. |
In late January, we received some phishing SMS texts spoofing the Ontario toll highway 407 ETR. The domains are similar to the real 407 ETR domain and the encourage the recipients to settle a small outstanding balance.
Yesterday, we received another SMS purporting to be from RBC Royalbank. The text is identical to the one we received a few days ago, but with a new domain: debitholdrbc[.]com.
We received an phishing SMS spoofing the City of Toronto. The message indicated that the recipient was issued a parking ticket that needed to be paid. The message threatened the recipient with the "revocation of your driving privileges" in an effort to generate a sense of urgency and trick the recipients into handing over their payment card details to the frausters.| Phish URL | Date | |
|---|---|---|
|
https://407web-etr.com/ | 2024-01-29 |
|
https://support-407etr.com/ | 2024-01-31 |
|
https://debitholdrbc.com/ | 2024-01-19 |
|
https://parkingtoronto-infraction.com/ | 2024-01-15 |