Police warn citizens about recent phishing emails
The Calgary Police Service is reminding citizens to be cautious following recent reports of citizens receiving phishing emails where offenders claim to have the victim’s login credentials to various websites and accounts.
In the past several weeks, CPS has received numerous reports from concerned citizens who had received emails from scammers demanding money. Within the emails, the offenders claim that they have recorded the victim accessing a questionable website and demand money, typically through a bitcoin payment, or else they will publicise this information. To make the threat seem believable and to instill fear in the victim, offenders also included the victim’s password to attempt to prove that they had accessed the victim’s computer.
In reality, the offenders never gained access to the victim’s computer, and the victims were never recorded on a questionable website. Instead, offenders obtained the victim’s credentials from a previous and unrelated data breach in which the victim’s password was compromised, such as through an app, social media platform or retail company.
Luckily, the citizens who reported these occurrences to CPS recognized the red flags and did not lose any money.
“We want to remind citizens to always protect their personal information when online, to change their passwords regularly, and to pay attention to data breaches,” says Sgt. Ray Kelly of the CPS Cybercrime Team. “Criminals take advantage of the fact that many citizens use the same password for many of their online accounts and change these passwords infrequently. At the very least, citizens should use unique passwords for each account and passwords should be changed regularly, as well as following a data breach.”
Citizens can check if their email addresses and online account information have been compromised in a previous data breach through the website https://haveibeenpwned.com/.
Since the beginning of 2019, Calgarians have lost more than $1.2 million through phishing email scams, with 75 per cent of the losses stemming from fake employment offers and the diversion of corporate payroll deposits and financial account details through email. As with most scams, it is believed that the number of these occurrences is underreported to the Calgary Police Service.
Citizens are reminded of the following tips to protect themselves from phishing emails:
- Be suspicious of unexpected and unusual emails, especially ones demanding some form of urgent action. Never click links, send money or respond until you have confirmed the email to be legitimate through a second source.
- Know how to recognize phishing emails.
- Check who sent the email. Be suspicious of emails sent from people you don't communicate with regularly and look for spelling mistakes or extra letters, numbers and symbols in the sender's email address.
- Check for bad grammar and spelling mistakes in the body of the email.
- Check hyperlinks by hovering your mouse over a link to check its true destination. Never open attachments or click on links until you've verified it is a legitimate email.
- Check the date and time the email was sent. Phishing emails are often sent at times you wouldn't normally receive emails.
- Change passwords regularly and after an account has been compromised by a data breach.
- Check if your email addresses and online account information has been compromised in a previous data breach through the website https://haveibeenpwned.com.