Online Scams To Avoid
You can download (and share) a printable copy of these notes below…
(click on the underlined down-arrow icon in the upper-right below to download)
PDF file
Online Scams To Avoid - updated June 21 2024.pdf
13.9 MB
1) If a message appears on the screen of your phone, tablet, or computer advising that your device is infected or is about to crash, and urging you to call the phone number on the screen, it's a scam.
Here are two screenshots of what these scams might look like on a Windows PC…
Here's a screenshot of what one of these scams could look like on a Mac…
And here's a screenshot of what one of these scams might look like on an iPad…
If this appears on the screen, it got there because you clicked on a button or link which took you to what's called a Browser Hijack — a website which has been crafted just to try to trick you.
Your device is NOT infected. It's just a scam.
If you call the number, it'll connect you to a call-centre (often in India) where a scammer will pose as someone from Apple or Microsoft or Samsung or Google, and will offer to fix the problem, either for a hefty fee — they'll want your credit card info — or they'll try to pursuade you to give them banking info.
NEVER call the number, and NEVER click on the button or link. Just restart your phone, tablet, or computer and it should go away.
2) Watch out for a new round of scam Microsoft "we're discontinuing your email version and you must upgrade" emails
The scam emails (see the screenshot) are being sent from email addresses @allmail.net, which is a private budget email provider based in Missouri, and claim that to avoid disruption to your email service, you must upgrade immediately to a new version…
If you were to mouse over the "click here" link on the actual email (or hold your fimnger on it on a touchscreen device), you'd get a pop-up showing that clicking on the link would take you to a fake outlook.com log-in page hosted on Google Docs (which is Microsoft's arch-competitor).
If you were to type in your email address and password, the hackers would immediately gain access to your emails and could start forwarding them to themselves, and then trigger password reset emails from your banking and other accounts, to steal your money and your identity.
NEVER click on links in emails like this!
3) Watch out for fake Shaw "closing old Mailbox versions" emails
The emails — which are coming from a @talktalk.net address (that's in Britain)… look like this screenshot which was shared by astute Tech Talk listener Vicki…
In the actual email, if you were to mouse over the "Check For Update" link they want you to click on (or hold your finger on it on a phone or tablet), you'd get a pop-up revealing that that link would take you to Linki.ee/shawweb — which is a fake Shaw webmail log-in page (hosted in China) that looks like this…
Notice that they deliberately misspelled "password" using two v's to try to evade scam filters!
If you type in your @shaw.ca email address and password, the hackers in China will immediately gain access to you email account, and will start forwarding a copy of all your incoming messages to themselves. They'll then trigger password reset emails for any financial and other accounts they can find and then lock you out of your own accounts and start stealing your money and identity.
NEVER click on links in emails like this!
4) Watch out for fake Canada Post "undelivered package" texts
The texts (screenshot on far left below) advise that a package could not be delivered because of an incomplete address. They give you a link, which, if tapped, takes you to a fake Canada Post web-page (hosted in Spain, screenshot in middle below) where they ask you for correct delivery info. If you give them that, they send you to a page ((screenshot on right, below) requesting payment of a "redelivery fee" of just $1.03.
If you give them your credit card info, within minutes, the scammers will be making purchases on your card, and before long, your card will be maxed-out or locked, and your bank will have to cancel it and issue you a new one.
NEVER respond to texts like this! Among the clues that it's a scam are the fact that these texts will never be addressed to you by name, and they'll never say what the package is or who it's from. If you're expecting a package, use the tracking number supplied by the online merchant to see where your package is.
5) Watch out for a new round of fake Service Canada Tax Credit texts
The texts, which look like the screenshot shared by Charles, are being sent from @gmail.com email addresses — not from phone numbers.
They include a link (this one is Revtxn24.com, which has since been shut down), and it takes you to a (fake) CRA "Deposit Your Money" page, at https://txgvcdn24.info (which has also since been shut down) as shown in the screenshots.
It asks you to click on the icon for your bank or credit union, and then it takes you to a (fake but very real-looking) log-in page for that bank or credit union…
If you type in your Client Card or username and password, you'll be giving overseas scammers direct access to your bank account! NEVER click on links in texts or emails like this!
6) Watch out for scam Canada Revenue Agency "refund" texts
Every tax season, scammers send us texts claiming to be from the CRA, urging you to claim your refund.
A screenshot of one of these text is shown here, and unlike a lot of previous ones, this one actually looks pretty good!
But if you look closely, you'll see that it's not from the CRA, but from a gmail.com address, and, the link they want you to click on, 2024taxs.com is also not the Canada Revenue Agency.
That link takes you to a fake Interac website with logos for all the major Canadian banks and credit unions, urging you to click on yours…
If you do, it takes you to a real-looking log-in page for your bank or credit union (but with the wrong address at the top). They're hoping you'll give them your log-in info so they can start stealing your money. NEVER click on links in texts or emails like this! The CRA will NEVER text you, and if they email you, the email will NEVER contain a link for you to click on.
7) If you get a call from someone claiming to be from Bell, Telus, or Rogers, offering you a much cheaper phone plan, it's likely a scam
The caller will know your phone number and what carrier you're with now, and will offer to give you more data and for less money than you're paying now.
In my case, Simon, who claimed to be from Bell, offered me unlimited worldwide calling and phoning and 20GB of international data for just $30 a month if I would switch to Bell from Freedom Mobile. When I asked him to confirm that in writing, he texted me the message screenshotted here.
One of the clues — besides the poor sentence structure — is that Bell does not currently offer a plan that includes international data roaming! Another clue is that the phone number which sent the text is not a Bell number, it's unassigned.
If you agree, the caller will ask for your email address to send you the new agreement, and your mailing address where they can courier your new SIM card, and then they'll advise that you'll get a text from your current carrier asking you to confirm that you're switching carriers, and if so, to reply with YES.
If you do that, you'll have just given the scammers permission to take over your phone number!
Within minutes, your phone will show "No Service", and all calls and texts to what was your phone number, will then be routed to the scammers, and your now-former carrier will be powerless to reverse the process. The scammers will then use your email address to trigger password reset text-codes for your bank, email accounts, and other accounts, so they can steal your money and your identity.
NEVER reply "YES" to a text from your carrier asking if you are changing carriers, unless you're doing that either in-person with a new carrier at their store or kiosk, or if YOU initiated a carrier change by going online to the website of a budget carrier that has no kiosks.
8) Watch out for scam emails claiming your iCloud subscription payment has failed and you're about to lose files
The email, which I've screenshotted here, contains lots of red and exclamation marks, and warns that because your payment method has expired, you may lose all your stored photos and videos.
The sentence structue is not great, and sometimes iCloud is spelled with a capital "C" and sometimes not. They also misspelled "regards" at the bottom.
If you click on the "Update my payment details" bar at the bottom of the actual email, it takes you to a fake iCloud log-in page hosted at druckshopwelver.de in Germany.
The scammers are hoping for two things: one, that you'll give them your Apple ID email and password, and two, even if you give them wrong info, you'll be taken to a payment webpage where you'll be offered a hefty iCloud renewal discount — provided you give them your credit card info.
If you do, they'll immediately begin racking-up fake charges on your card.
NEVER click on links in emails like this. If your Apple account payment method actually has expired, you'll get a red (1) on the Settings app, and a pop-up which takes you to the Payment page within the Settings, where you can provide your new card #. You can check your payment method status at any time by going to Settings, (your name), Payment & Shipping, and confirm your identity with Face ID, Touch ID, or you Apple ID password.
9) Avoid paying by cheque if you can, because cheques are no longer as secure as they used to be, due to electronic banking
Many people grew up using cheques and still use them to pay bills, but times have changed, and gaps in mobile banking have made the use of cheques vulnerable for various types of fraud, including people being able to electronically deposit a cheque more than once…
CBC
RBC customer's cheque was cashed twice. He says his bank shouldn't have let it happen | CBC News
With the vast majority of paper cheques now deposited via mobile app, a security expert says it’s cheaper for banks to reimburse clients than change the deposit system.
If you remain unconvinced that cheques are not as safe to use as they used to be, the next time you give someone a cheque, make it payable to "Mickey Mouse", and when they electronically deposit it to their account, it'll go right through. Banks stopped automatically checking for the payee name on cheques years ago.
Cheques have lots of anti-counterfeiting technology embedded in them, but when they're scanned for deposit on a banking app, because of the resolution used, the banking app usually won't spot a cheque which has been altered. Here's an example which I created to show a client — a retired bank security officer — using my 2023 Peninsula Co-Op Rebate cheque. Note the altered payee name and amount…
I electronically deposited the real one. But, if I'd deposited the second one, it would've cleared. And even if someone later noticed, by then, I could've withdrawn the money and closed the account.
This is why we recommend you use a banking app instead of using cheques, and from now on, pay — or get paid — by Interac eTransfer. Also, get auto-deposit turned-on so incoming eTransfers can't be intercepted. If your bank or credit union doesn't yet support auto-deposit, get eTransfers sent to your mobile number and not your email, as text messages are much harder to intercept.
11) A new scam offers to check to see if your credit card info is in hacker databases
The clever scam appears as a pop-up like this screenshot, which says you can find out if your credit card info has been leaked online by entering your card info and having them scan "thousands of hacker databases" to see if there's a match…
If you type in your card info, you're actually giving that info to scammers!
NEVER interact with pop-ups like this.
Note the name of the scam program in the top-left of the pop-up…say it out loud if you don't get it.
12) Two ways to stop scam pop-ups on your computer like the one above: use Malwarebytes free "Browser Guard", and, stop your web-browser from showing you website Notifications
Some malicious pop-ups are the result of "drive-by downloads" — code which is secretly downloaded into your computer — sometimes with a time-delay before they appear — when you visit an infected website.
You can stop those by using a pop-up blocker. We've tried a bunch of them, and the best one we've found is the free "Browser Guard" from Malwarebytes, which also blocks ads on websites.
It's a free Extension which you add to your web-browser, and it's available for both Windows and Mac computers, for Microsoft Edge, Chrome, Safari, and Firefox web-browsers…
Malwarebytes
Malwarebytes Browser Guard 2023 - Blocks ads, scams, and trackers
Malwarebytes Browser Guard 2023 helps speed up your web browsing experience by blocking ads, scams, and trackers. Download free for Chrome and Firefox.
The other way scam pop-ups appear is through you web-browser's Notification service, which some websites have "rented out" to ad companies, and which scammers have co-opted.
On a Windows PC, these scam pop-ups usually appear in the lower-right of your screen, where real Notifications appear (top-right on a Mac), and usually copy the appearance of well-known anti-virus programs like Norton, MacAfee and even Malwarebytes, "warning" you that your computer is infected and urging you to take action. Here are screenshots of three of them…
To get rid of one of these, DO NOT TOUCH IT — instead, just restart your computer.
To stop them from coming back, go into the Settings of your web-browser and turn off Notifications.
On Microsoft Edge, click on the … in the top-right, click on Settings, and on the left, click on Cookies and Site Permissions. Scroll down and click on Notifications and toggle off "Ask before sending"…
On Google Chrome, click on the … in the top-right, click on Settings, scroll down the Settings page and select Site Settings. In the Permissions section, click Notifications and then toggle off the Sites can ask to send notifications option at the top of the page.
On Apple's Safari browser, click on the Apple logo in the top-left and click on Safari Preferences. Click on the Websites tab and then scroll down to Notifications. Now, uncheck the Allow websites to ask box highlighted in yellow...
13) Watch out for scam Google "you've won" pop-ups
The smartphone and computer pop-ups look like this screenshot, and claim that you've been selected as part of Google's Reward Program (there is no such thing) to win a variety of valuable tech prizes including a Samsung Galaxy S23 or iPhone 15 Pro…
One of the clues that this is a scam is that the prizes offered include a $500 Tesco gift card; Tesco is a British chain. Another clue is that it's not addressed to you, but to "Dear Google customer".
The biggest clue, though, is if you hold your finger (on the actual pop-up, not on our screenshot!), you'll see that tapping on it takes you to a gibbersh website hosted in Spain (.es) or Poland (.pl).
There, you'll find a fake Google Rewards website where you have to answer three basic demographic questions and then pick a prize box. No matter which box you pick, you won't "win". But, they'll give you a second chance, and no matter which box you pick, you will "win". You pick your prize, and then they'll ask for your contact info and mailing address, and then you'll be asked to give them your credit card info to pay $7 or €5 for shipping your prize.
If you give them your credit card info, within minutes, the overseas scammers will be racking-up fake charges on your card. But even if you don't, by that point, you've already given them your contact info and mailing address, which they can use to try to steal your identity.
NEVER tap on buttons in pop-ups like this! Just force-close the app or web-browser, or if necessary, restart your device.
14) Watch out for scam emails claiming you've won a $500 Petro-Canada gift card
The emails come from "Petro Canada Winner" with no email address, and say (see screenshot) that "you've been selected as one of the lucky few for an opportunity to receive a Petro-Canada $500 gift card.
If you click on the "Start Survey" button, it takes you to a fake Petro-Canada web-page (hosted on a website in Germany) where you have to answer three basic demographic questions and then pick a prize box. No matter which box you pick, you won't "win". But, they'll give you a second chance, and no matter which box you pick, you will "win". You pick your prize, and then they'll ask for your contact info and mailing address, and then you'll be asked to give them your credit card info to pay a $5 "shipping fee".
If you give them your credit card info, within minutes, the overseas scammers will be racking-up fake charges on your card. But even if you don't, by that point, you've already given them your contact info and mailing address, which they can use to try to steal your identity.
NEVER tap on buttons in pop-ups like this! Just force-close the app or web-browser, or if necessary, restart your device.
15) Watch out for fake Costco rebate texts
The texts, like the one screenshotted here, appear to come from a number in Quebec (819 area code), and include a link they want you to click on to get your 2% Costco member rebate…
First of all, Costco rebate cheques are sent by postal mail to your home address — they're not texted.
However, if you don't know that and click on the link, it takes you to a security screen that asks you to click on all the squares with a specific item in them to prove you're not a robot, just as in the Service Canada scam above. Once you do that, it takes you to a (fake) Costco reward redemption page which asks you to click on the icon for your bank or credit union, and then it takes you to a (fake but real-looking) log-in page for that bank or credit union.
If you type in your user name/card # and password, you'll be giving overseas scammers direct access to your bank account! NEVER click on links in texts or emails like this!
16) RCMP urge us to think twice before sharing 'heartbreaking' social media posts, as many are a bait-and-switch scam
How it works is, scammers duplicate a real post about a missing child or a lost pet, and encourage people to share the info, in hopes someone will spot the child or pet.
The catch is, their post is a link not to the original call for help, but to a duplicate post hosted on a website. Once the scammers see that their post is being shared, they change the content of that webpage, often to a fake rental ad or a bogus contest or a promise of some sort of cash payout.
Because you shared the link, your friends and loved ones are much more likely to click on it, and some may fall for the scam.
Before sharing a post, RCMP say it's wise to search the original poster's name and look for "red flags." Those can include the account being new and the user having very few friends. A keyword search can also be useful to see if the same post has been shared in other groups, particularly in faraway locations. A reverse image search can also be useful in finding out if the post is a scam.
British Columbia
Think twice before sharing 'heartbreaking' social media posts, RCMP warn
Mounties in B.C. are urging people to think twice before sharing "heartbreaking posts" on social media.
17) Scam Carbon Tax Rebate texts
The texts come from a New Brunswick or Ontario area code and look like the screenshot.
They encourage you to click on a numeric link which takes you to a fake Interac Direct Deposit web-page with icons for various Canadian banks and credit unions, as shown below…
The log-in pages for the banks and credit unions closely match the actual log=in-pages — except for the fake address.
If you provide yu bank account number and password, the scammers will use that info to drain your bank account!
NEVER click on links in texts like this!
Federal Carbon Tax Rebates are credited directly to your Income Tax account in those provinces where they're issued, and BC is not one of those provinces anyway, as BC has its own Carbon Tax Credit program.
18a) Watch out for scam "membership expiry" emails claiming to be from Costco
The emails, which look like the screenshot below, are coming from an email address (@mail-kfwf.com) which we traced to the same people as the McAfee scam above. The e-mail say that your Costco membership has expired, but that as part of their loyalty program, you can get a one-year membership extension for free…
If you hover your mouse over the "Extend For FREE" button on the actual email, or hold your finger on it on a phone or tablet, a pop-up will reveal that clicking or tapping on it would take you initially to a website at iad01.webex.com, which will automatically redirect you twice before ending-up at a fake Costco page at sipbelt.com asking for your email address and credit card info for a "shipping fee" of $4.
If you give them your credit card info, within minutes, the overseas scammers will start racking up fake charges on your credit card, until it's either maxxed-out or your credit card company cancels your card.
NEVER click on links in emails like this!
If you want to find out when your Costco membership expires (it'll be printed in bold across the top of every Costco receipt starting 60 days before expiry), you can go to Costco.ca and sign into your account there, or ask at Customer Service the next time you visit a Costco store.
18b) Watch out for scam Costco emails offering $2/year memberships
The emails, which look like the screenshot here, are coming from email accounts in Germany (.de), and say you can save 95% if you answer three questions.
If you hover your mouse over the "Claim Now" button on the actual email (or hold your finger on the button on a phone or tablet), you'll see that button will take you to a fake Costco webpage (footballswap.de) also in Germany.
Answer three basic demographic questions and you'll be taken to a (fake) Costco membership renewal page, where they'll want you to give them your membership number and password, plus your credit card info to pay the "$2 loyalty discount renewal fee".
If you give them that info, they'll try to buy things on your Costco account, and at the same time, they'll start racking-up fake charges on your credit card.
NEVER click on links in emails like this!
19) CRTC says to watch out for scam calls impersonating them
Canada's communications regulator — the Canadian Radio TV and Telecommunications Commission says scammers are calling people pretending to be from the CRTC and requesting personal and financial info.
The CRTC says they will never ask you for that sort of info.
The scammers are using call spoofing to make it appear that the phone is coming from the CRTC.
More about how that works is below…
crtc.gc.ca
Caller ID Spoofing
Information about Caller ID Spoofing
20) Watch out for creative fake PayPal "payment request" emails
The emails look like the screenshot below (shared by astute Tech Talk listener Monica), and are coming from service@intl.paypal.com, and employ a sneaky reverse-psychology twist…
They show you a hefty $799 USD payment request, and say, "If you don't recognize it, don't engage with this request", and give you a phone number to call. That number — the one in this email is a Provo, Utah number — will route your call to a call-centre in India, where a scammer posing as PayPal will offer to block the payment, but will need you to give them your PayPal account email address or user name, and password.
If you give them that info, they'll log into your PayPal account, change your password so you can't get in, and then start transferring money to themselves! NEVER call phone numbers in emails like this!
If you want to check payment requests, open the PayPal app, or go directly to PayPal.com.
21) Watch out for fake overdue Hydro Energy bill emails
The emails, with the subject Outstanding Hydro Energy Payment, are coming from @outlook.de accounts in Germany (.de) and look like the screenshots below from Ron Fraser…
The link they want you to click on (paristulipascde.nl) is a webpage in The Netherlands with a fake BC Hydro payment page. (It's since been shut down but will likely re-appear at a different address.)
It shows the $34 account owing and asks you to put in your credit card info to pay it to avoid having your power turned-off.
If you give them your credit card info, within minutes, the overseas scammers will begin racking-up fake charges on your credit card account! NEVER click on links in emails like this!
If you want to see the status of your BC Hydro account, go directly to BCHydro.com and log-in there.
22) Watch out for scam emails claiming to be from McAfee Security
The emails, which look like the screenshot below, are coming from an email address (@mail-gdkm.com) which we traced to Germany, and claim your info was stolen and found in a data breach…
If you hover your mouse over the "Renew Subscription" button on the actual email, or hold your finger on it on a phone or tablet, a pop-up will reveal that clicking or tapping on it would take you initially to a website at Fciflsbts-iad01.webex.com, which will automatically redirect you twice before ending-up at a fake McAfee page asking for your email address and credit card info for a charge of $99.99 CAD for a one-year licence for "unlimited devices".
If you give them your credit card info, they'll bill your card for that amount, and send you a download link for a fake version of McAfee which includes viruses, and will then also use your card info to rack up numerous other fake charges.
NEVER click on links in emails like this!
We don't recommend you use McAfee AntiVirus in any case, because it's just not very good, but if you did want to use it, either buy a licence key in a store, or go directly to McAfee's website (McAfee.com) and buy it there.
23) Watch out for scam emails offering a $500 Loblaws Gift Card
While we don't have any actual Loblaws supermarkets in Greater Victoria, Loblaws is also the parent company of Real Canadian Superstore and The Great Canadian Wholesale Club, which we do have.
The scam emails — which are coming from overseas — look like the screenshot below…
If you click the "Start Survey" button, it takes you to a fake Loblaws website at pms-popakademie.de — hosted in Germany. Once you answer four basic demographic questions, you'll be given a "chance" to win a $500 Loblaws Gift Card by clicking on one of nine gift boxes. Which ever one you pick, you will not win, but you'll be given second chance, and which ever other box you click, you will "win". You'll just have to give them your name, address, email address and credit card info to pay a $7 shipping fee.
If you give them that info, within minutes, the overseas scammers will begin racking-up charges on your credit card until your account is frozen or maxxed-out. Your credit card will have to be cancelled and replaced.
But, even if you don't give them your credit card info, by merely clicking on the "Start Survey" button and being taken to the website, the scammers will get your email address and know they got you to do that, and they'll then bombard your in-box with a raft of other scams in the ciming days and weeks.
NEVER click on links in emails like this!
If you have a Microsoft account email address and are using the new Outlook Mail app, you can click on the "Report" button at the top of the page to report the scam email to Microsoft Security, and also block and delete it.
24) Watch out for (sloppy) fake Prime account reactivation emails
A new round of fake Amazon Prime subscription recativation emails is being pushed-out, and these ones aren't very good, with poor quality graphics and an obvious spelling mistake, as shown in the screenshot below…
The emails are coming from gibberish addresses in The Netherlands (,nl) and come with a subject header which contains Latin and other symbols designed to evade scam filters…
The "Verify My Account" button takes you to a fake Amazon account log-in page, also hosted in The Netherlands.
If you type in your Amazon account email and password, the hackers will be able to order things on your account and have them shipped as gifts to other addresses, unless you have 2FA — two-factor authentication — turned-on, which we recommend you do an any website or app that involves money.
The hackers will also try your email address and password on other websites to see if you used the same info there. NEVER click on links in emails like this!
25a) Watch out for scam texts that claim you have unpaid parking ticket(s)
The scam texts look like this screenshot, shared by astute Tech Talk listener Coralee…
25b) Watch out for scam texts that claim your vehicle was caught speeding by an automated speed camera
The text (see screenshot) urges you to click on a link to pay your fine without having to go to court.
The links in both of these scams take you to overseas websites (paybc-online.com and ticket-pay2024.com are just a couple of the ones we've seen) that look like the real "PayBC Online" web-page, where you're instructed to provide your name, address, and credit card or bank account info…
…but the websites are fake. The real PayBC website looks like this…
If you give the scammers your card info, within minutes, they'll rack up scam charges on your credit card or drain your bank account. If you think we're exaggerating, North Vancouver RCMP posted this…
If you want to pay a ticket or fine online, go to Pay.gov.bc.ca.
NEVER click on a link in a text or email about a fine or ticket.
26) Watch out for scam Facebook posts about Canadian Tire and other chains selling-off "leftover" kettles and other popular small home appliances
The posts (see screenshot) claim a chain like Candian Tire is clearing-out "leftover" popular items like a Smeg kettle for $3 to celebrate an anniversary.
The posts include a TV news logo — in this case CTV News — and (fake) comments to try to make it look legit.
Tapping on the post takes you to a webpage like the one screenshotted here.
Follow the prompts and you'll be asked to provide your credit card info to pay the $3 — but if you do, within minutes, scammers will be using your card info to buy stuff on your account, and your bank will have to cancel your card and send you a new one.
"Tech Talk" listener Cair did this and her bank blocked the transaction and texted her a fraud alert. When she called the credit card people, they confirmed it was a scam, cancelled her card and are sending her a replacement. She'll now have to give the new card info to all the utilities and other firms where she has auto-payments set up. If an offer seems to good to be true — especially if it uses news logos to make it sound legit, it's a scam. Thanks, Cair, for sharing this!
27a) Package delivery problem email? It's a scam.
If your email in-box is being flooded with emails about problems delivering a package to you, you're not alone. But most importantly, like the one below, they're all scams.…
It's a hard concept to get people — especially us trusting Canadians — to accept, but it's true: any email claiming to be from a courier company about a problem delivering a package, is a scam.
Among the telltale signs: 1) they're not addressed to you by name, 2) they don't say who the package is from, 3) they don't say what the package is, 4) they don't include a phone number to call, 5) the tracking number doesn't match anything you have, 6) and the email address it's from will not be from the courier firm. In the screenshotted example above, you can see (yellow arrow) that it was sent from @aginsurance.be — that's in Belgium!
They all include a button for you to click or tap, but, if you hover your mouse over the button on a computer, or hold your finger on the button on a touchscreen device, you'll get a pop-up that shows where clicking or tapping it will take you — and you'll see it's invariably an overseas website which will have a fake landing page for the courier company being impersonated. In the example above, it's a webpage (blue arrow, above) hosted on a server in (.fr) France.
The usual scam is to ask you to type in the correct address, and then your credit card info to pay a small fuel surcharge or a processing fee. If you do that, the scammers will immediately start using your credit card info to buy things which they can sell for cash. NEVER click on links in emails like this!
Even just clicking on the link is problematic, because the gibberish after the first part of the web address is computer code which tells the scammers which email recipient clicked on the button. They then know that your email address is valid, and that you're at least a bit gullible, and as a result, your inbox will be flooded with a raft of other scam emails in the days and weeks ahead.
27b) Watch out for scam "damaged package" texts
Watch out for texts like the one screendhotted here, supposedly from the US Postal Service, advising that a package was damaged in transit and that your address was lost.
They ask you to click on a link, or to reply with Y and they'll send one.
The link takes you to a fake USPS webpage hosted in Singapore, where they ask you to fill out your name, address, email and phone number to schedule delivery.
If you submit that, it takes you to a page wanting your credit card info for a 30-cent processing fee, as shown on the right…
If you give them your credit card info, within minutes, the overseas scammers will be using that info (together with the other address info you earlier gave them) to buy expensive items on your account, and your bank will have to cancel your card and send you a new one. NEVER click on links in texts or emails like this!
28) If you're getting dozens of iPhone or iPad password reset notifications, hackers are trying to get into your account.
iPhone and iPad users are the target of a new wave of phishing attacks called "MFA Bombing" that relies on user impatience, and a bug in Apple's password reset mechanism.
Victims are inundated by "Reset Password" notifications, including the text "Use this iPhone to reset your Apple ID password," and the options to allow or reject the request. This notification is genuine. It's displayed once to the user when they attempt to reset their Apple ID password, as a form of multi-factor authentication on an iPhone, Mac, iPad, or Apple Watch.
The problem with the attack is that the attacker is bombarding the target with so many notifications. They're hoping you'll either accidentally select Allow instead of Don't Allow, or will be annoyed by the deluge of notifications that you'll select Allow in order to make it stop. Don't do that! Selecting Allow would let the attacker reset your Apple ID password, granting them access to your account, and locking you out.
It's hoped that Apple will make a system change to limit the number of Reset Password notifications that can be sent within a set period of time.
29) If you're a Freedom Mobile customer, watch out for scam texts offering compensation for a bill overcharge.
The scam texts, like the one shown on the left, instruct you to click on a link to get your money via Interac transfer.
The link, freedom0mobile.com (note the deliberate typo), takes you to a "Verify you're a human" page and if you click on "I'm not a robot", it'll ask you to tap on all the images of a particular object.
If you do that, it'll take you to a fake Interac page listing all the main Canadian banks and credit unions, as shown on the left. Tap on one and it'll take you to a fake log-in page for that bank or credit union, shown on the right.
If you type in your card number and password, the scammers get immediate access to your bank account.
NEVER click on links in texts like this!
30) Watch out for scam emails supposedly from Outlook warning that your device is at risk
Watch out for scam emails like the one on the left, claiming that your device is at high risk of being infected with viruses.
The emails are coming from overseas accounts (this one was from an address @iwbza.com) and have lots of bold red words and symbols.
If you hover your mouse over the "How to remove virus" or "Security Check" buttons, or hold your finger on either of those buttons on a phone or tablet, you'll get a pop-up showing that they'll take you to a web-page at semimaration.ro — that's in Romania.
Those links go to a fake Microsoft sign-in page, where scammers are hoping you'll type in your email address and Microsoft account password, so they can immediately begin stealing your identity and money.
NEVER click on links in emails or texts like this!
31) Watch out for scam Facebook texts, advising that your account is to be permanently deleted because of a trademark violation.
A screenshot of one of these scam texts is on the left.
Note the link they want you to click on to request a review of their "decision" (yellow arrow)…it'll take you to a fake Facebook log-in page hosted on a website in Brazil (.br red circle).
If you put in your Facenbook password, the scammers will send you a message advising that you are going to be sent a security code to confirm your identity, and to type that code in the reply to them.
If you do that, you will be giving the scammers what they need to change your password and take over your Facebook account and lock you out!
NEVER click on links in texts or emails like this.
If you think a message like this is real — it never is — you could go to your Account Status within your Facebook app and look for any Notifications there.
32) Watch out for scam emails that appear to be a PayPal receipt for an item or service which you did not purchase.
The screenshot on the left, submitted by astute Tech Talk listener Peter, claims to be a receipt for a printer for $247, and encourages you to call a toll-free number if you did not make this purchase.
If you call that number (which connects to a call-centre in India), scammers posing as PayPal will offer to refund you the purchase, and will try to talk you into logging into your credit card or bank account online, and sharing the screen with them. They will then make it look like they vastly over-refunded you and will pressure you into transferring them the difference.
NEVER call phone numbers in emails like this.
If you think the receipt mightr be real, open your PayPal app or log into PayPal.com and check your transactions therre, and you'll see there's no sign of this fake one.
33) Watch out for scam texts that appear to be from Fido, offering you a $50 credit as a "thank you", as shown in these screenshots…
The texts are coming from a (since-shut-down) Ontario number, but will likely resume being sent from a different number. In the screenshots above, which Charles Martin sent us, the text includes a link (red arrow) to a fake Fido webpage at secure-fidosolutions.com, which we traced to Algeria.
If you click on the "Interac e-Transfer" banner, it takes you to a fake Interac web-page hosted on the same website, and if you click or tap on your bank or credit union, it'll take you to a fake log-in page for them. If you put in your account number and password, the scammers will proceed to empty your account. NEVER click on a link in a text like this!
If Fido, or some other company, was actually giving you a $50 "thank you" credit (not likely!), it'd show up on your bill…you wouldn't have to do anything to get it.
34) Fake Tangerine Bank texts
Watch out for scam texts that look like they're from Tangerine Bank, like the one shown on the left, submitted by astute Tech Talk listener Wendy.
The text says transactions may not be authorized until you validate your recent account activity, and it urges you to click on a link (with misspelled "assistance") which takes you to a fake Tangerine Bank log-in page, which we traced to Spain.
If you were to type in your Tangerine log-in info, you'd be giving hackers access to your account.
NEVER click on links in texts or emails like this!
If you wanted to check if it was real, you could use the Tangerine app, or go directly to their website, and check your account status there.
35) Watch out for scam "Unusual Activity On Your Account" emails
There's been a resurgence in scam emails claiming to be from Microsoft, warning you of unusual activity on your account, namely a log-in from Russia, as shown in the screenshot below…
What's unusual about the emails is that you can't see the email account they were sent from.
If you hover your mouse over the "Report The User" button. or if you hold your finger on it on a mobile device, you'll see that clicking or tapping on it will trigger an email from you to info@secaccinfoaccesses.com with the subject Report This User. The scammers at that address will then immediately send you a personalized email back, posing as Microsoft, and urging you to click on a special link to secure your account, which takes you to a fake Microsoft account log-in page. They're hoping you'll give them your account password. They'll then send you a second email advising that you'll get a code from Microsoft to secure your account and asking you to send them that code. If you do, you'll have given them the code they need to change your password and lock you out of your account.
NEVER click on links in emails or texts like this! If you think your account might actually have been accessed, go directly to your account at Account.Microsoft.com and check there for unsuual activity. If you have an Apple device, you can go directly to your account at AppleID.Apple.com. If you have a Google account, go directly to Accounts.Google.com.
36) Watch out for scam package delivery emails
Because so many of us are expecting packages these days, scammers are busy pumping-out emails advising of problems trying to deliever a package, like the one below…
The above email is from an email address (@sizeer.com) highlighted in yellow above which I traced to Poland. The scammers even used Photoshop to replace the UPS logo with IPS, although they failed to change the logo on the semi-trailer!
Scam emails like this have several things in common: they never mention your name, they never say what the delivery address was, they never say who the sender is, or what the package is.
The "Check Here" box takes you to a fake UPS webpage where they'll offer to try again to deliver your package — provided you pay a small fuel surcharge. But if you give them your credit card info, they'll rack-up fake charges and max-out your credit within hours.
NEVER click on links in emails like this! If you're waiting for a package, only use the tracking number provided by the sender.
37) Watch out for scam emails that look like they're from Norton.
The scam Norton emails are currently coming mostly in one of two styles. One is a receipt for an expensive subscription to Norton AntiVirus which you did not buy, which looks like this…
…if you call the toll-free number, you'll be connected to someone at a scam call-centre in India, and they'll "offer" to reverse the charge, but will want you to let them share your screen to make sure it goes through. If you let them do that, they'll make it appear you got a refund 10x the amount, and then pressure you to send them the difference. They'll often also try to secretly transfer money out of your account to themselves.
The second type of Norton email scam is a bright-coloured email warning you that your computer is badly infected because your Norton Security subscription has lapsed. It looks like this…
If you click the RENEW SUBSCRIPTION button, you'll be taken to a fake Norton screen hosted on a website in France (.fr), where they'll offer you a renewal at a rediculously low price — provided you give them your credit card info. If you do, the scammers will max out your credit within an hour!
Two important lessons: one, NEVER call a number in an email invoice or receipt for something you didn't order, and two, NEVER click on buttons in emails (or texts) warning you that something bad will happen if you don't take action immediately.
38) Watch out for fake "An email address was just added to your Facebook account" emails
The emails (see screenshots shared by Kyle) look like ones which Facebook would send you, if a new email address or phone number is added to your account.
But the sender is wrong: "Facebook-Alert", if you tap on it, shows as actually being from an email address that is not Facebook — in this case, from an account at minimogul.com, which is a website hosted in Tampa. FL…
They want you to click on the blue-&-white "This was not me" button.
If you do, it generates an email from your address to the scammers at an address that sort-of looks like Facebook. If you send that email, within seconds, you'll get a personalized email back that appears to be from Facebook, thanking you for reporting the 'scam' and advising that your Facebook account is being locked for your security, and that they'll email you a code in a separate email so you can change your password, and asking that you email them back with that code. Seconds later, you'll get an authentic email from Facebook, with a Password reset code…
If you email that code to the scammers pretending to be Facebook Security, they'll immediately use that code to change your password, locking you out of your Facebook account. They'll then use your FB account to try to scam your all your friends — and you'll be virtually powerless to stop them.
NEVER click on links in emails like this. If you think an email like this might be real, open your Faceook app or log into to Facebook.com, and click on your Account> Settings and Privacy> Settings> Password and Security> Personal Details, and see if under Contact Info a new email address or phone # that is not yours has been added. In almost every case, it has not — the email was a scam.
39) Watch out for scam Facebook accounts claiming to be BC Transit, offering online top-up of Umo Transit cards
Umo is the transit app being used by BC Transit here in Greater Victoria, in the Cowichan valley, and in more and more other parts of BC. You can also get a physical Umo card and reload it at convenience stores where you get the card. But scammers are creating fake Umo Facebook pages with links to scam online sale and top-up websites…
The scam Facebook accounts look like this…
If you use (or want to use) the Umo transit app, you can add your credit card into the app for reloading your account. If you don't want to do that, or if you want to use a physical Umo card, you have to reload it at a convenience store that distributes the cards. You cannot reload it via social media. Any post or text that claims you can, is a scam.
40) Watch out for a scam letter mailed to you via Canada Post claiming you're entitled to millions in a life insurance inheritance
The scam letter (which is mailed in an envelope to your home address from an Ottawa postmark) looks like this scan shared by our friend Ron Fraser…
The letter urges you to email the writer, who claims to be in England, and explains that the letter has a Canadian postmark because he supposedly mailed it to you while he was in Canada for meetings.
If you email the sender, he'll email you back and offer to guide you through the process to claim the multi-million-dollar "inheritance". He'll email you all sorts of official-looking documents to supposedly confirm that you're entitled to the inheritance, and will ask you to email him pictures of your photo ID to confirm you're the benificiary.
The catch is, you'll have to wire him a substantial sum of money — usually several thousand dollars — by Western Union to cover the costs. If you do, you'll never see your money again, and you'll never hear from him again. NEVER correspond with people who send letters like this.