While cyber crime was already one of the largest and fastest growing industries in the world, it has increased 65% since the pandemic began, according to Tynan. Canada ranks third in the world for stolen identities and ninth for record disclosure, according to DigitalDefence.ca. Last year the Canada Revenue Agency was the target of a credentials attack that banned thousands of Canadians from their online accounts with the agency. More recently, it has been proactively restricting 800,000 users whose credentials matched personal information found on the dark internet.
“These articles – people dealing with pandemic-related complications, spending more time online, and the rise in cybercrime – are creating a perfect storm for taxpayers,” Tynan said.
Scammers and cyber criminals have a mind-boggling number of ways to prosecute Canadian taxpayers. A common scam tactic is phishing, in which a scammer pretending to be from the CRA contacts the victim and tries to obtain confidential information. Victims can be contacted via SMS or instant messages, which Tynan says is a red flag as the agency only communicates with taxpayers through their registered CRA account.
“Some cyber criminals who pretend to be from the rating agency are asking their victims to send money to a specific account by email, which the agency would never do,” Tynan said. “We also see fake phone calls with aggression or threats telling victims that the CRA will arrest them unless they pay a fine, which can seem convincing because they are using fake caller IDs.”
Identity protection should also be part of Canadian taxpayers’ cybersecurity efforts, she stressed. At the simplest level, users must use strong passwords. Combining letters, numbers and symbols is generally recommended. Using VPNs can help protect your activity from spyware and hackers who may be watching you with keyloggers. Your devices should also be equipped with measures to combat malware and ransomware attacks. Maintaining software and operating system updates can also go a long way in fixing latent security vulnerabilities.