Fraud Watch

Welcome to our Fraud Watch page. Here you will find information on fraud and scams, and how to spot them. We provide links to official websites that show the numerous ways online thieves are trying to steal your money and/or identity, and websites that can help you prevent fraud or coach you if you become a victim.

No matter how careful we think we are, scammers try to get the upper hand. They prey on our fears and anxieties with scare tactics that can hinder our better judgment. They try to trick us with email attachments that install malware on our computer, or send us links to fake web pages that steal our usernames and passwords.

Be wary of emails, SMS texts, letters, and phone calls from individuals and companies you don’t know, or messages that are unexpected. Be especially careful with “important” messages using scare tactics. And, don’t believe any offers for making a quick buck; if it seems too good to be true, it usually is!

Have you encountered a scam recently? Send an image or forward the email to If we haven’t already posted something similar, we’ll feature it on this page. In order to protect your privacy, we will remove your identifiers.


How to protect yourself online: 
Canadian Centre for Cyber Security
Get Cyber Safe
CIRA Canadian Shield 

Naked Security by Sophos
Phishing tricks that really work – and how to avoid them

DHS package delivery notification  In these COVID-19 times of abundant online shopping, SOPHOS tells us how to avoid this latest email scam.

Here are some websites that list newer and older scams in circulation: 
Canadian Anti-Fraud Centre
Canadian Anti-Fraud Centre (COVID-19 fraud)
10 most costly scams for Canadians in 2018 (with advice from the BBB)

What to do if you become a victim of fraud:
Canadian Anti-Fraud Centre Report a scam or fraud -Government of Ontario (includes a good list of scam types)


If you allow Google Chrome to save your passwords, you can check them at and see if any are compromised, duplicates, or weak.
See Rules for creating and safeguarding strong passwords (CNET)

If any of your passwords are on this list, you should change them: 
Top100kUsedPasswords (use Ctrl+F to search the list)

Check if your passwords have been pawned:

Check if your email address has been pawned:


The Gibson Research Corporation (GRC)
This venerable institution has been around for decades. Check if your computer ports are open to attack with this free service.
Probe your ports: ShieldsUP!!

March 14
Today we have two local examples of the baddies making use of Blind Trust actions to trick you into being scammed, please review and share.
Here’s how to tell if that CRA phone call is a scam or not!
We are all familiar with scam calls at this point. Whether it’s an air duct cleaning service, winning a cruise, or a warrant out for your arrest, you’ve surely received at least one scam call. This year, the CRA is trying to get ahead of scammers by providing tips to make sure you’re speaking to an actual CRA agent.

How to make sure it’s not a scammer on the line

  • Ask the caller for their name, phone number and office address,
  • Hang up the phone,
  • Google the information provided to you to confirm it is factual
  • Call the CRA agent back

How to identify a scammer

  • Caller refuses to provide proof that they work for the CRA (aka, won’t give you their name or phone number)
  • Caller uses aggressive language or pressures you to make an immediate decision
  • Caller asks for payment via pre-paid credit cards, cryptocurrency or gift cards
  • Caller asks for information that is not related to your tax return, such as your credit card number
  • Caller recommends you apply for benefits

Ontario police warn of text-message licence sticker scam

March 1
Are you on Instagram? OPP warn of new phishing scam!
For those of you who have had the opportunity to hear my honest appraisal on how baddies can easily initially victimize us and then continue to re-victimize you and then your family, friends & associates, comes an unfortunate confirmation of that scenario.  Again, be careful on how you respond to all messaging and if you happen to be caught, be aware you need to own it to avoid causing more harm.

Scammers are sending phishing emails with fraudulent links for fake Instagram login pages; this allows scammers to steal account credentials. Once an account is taken over, suspects blackmail victims to record a video of themselves promoting fake cryptocurrency platforms.

Suspects advise victims that this is the only way they can recover their account. After the video is recorded, it is posted on the victim’s social media accounts with a link for their followers to make a fraudulent investment. Victims will never recover their social media account and their followers are at risk of losing their funds if they invest through the fraudulent cryptocurrency platform.

Warning signs and how to protect yourself:

  • Do not click links or download attachments in text messages or e-mails as these can contain viruses or malware.
  • Beware of fraudulent cryptocurrency investment advertisements promoted through social media.
  • Prior to investing, ask for information on the investment. Research the team behind the offering and analyze the feasibility of the project.
  • Verify if the investment companies are registered with your provincial securities agency or the National Registration Search Tool (
  • Don’t be afraid to say no!
  • Create different passwords for all online accounts.
  • Enable multi-factor authentication.
  • Only log into your accounts from trusted sources.
  • Don’t reveal personal information over social media.
  • Learn more tips and tricks for protecting yourself.

February 21
QR Codes, think first before scanning!

So how do you know if a QR code is legit before you scan, the truth is you don’t.  That said, when you use your phone to scan what appears to be a legitimate QR code, observe what address is being offered and use Wise Trust before deciding to go through with the results.  A couple of points:

  • Watch out for what is now being called the “Parking Meter scam” in which a QR code was placed on Austin parking meters that resulted in banking information being sent to the scammers;


  • Remember that anyone can create and print out a QR code, much like the invoice scams we discussed last week, you need to ask yourself if a QR Code is what it claims to be;
  • Check out QR Codes in the Time of Cybercrime ( for more details.

 Oh, and here’s a QR code that’ll either make you happy or cringe (don’t say I didn’t warn you).


Non-technical Safeguards

by Chris Taylor, OPCUG
Guard yourself against email, phone, and password fraud, and more!


Malicious QR codes can do many bad things on your device.

Romance Scams

Beware of online Valentinos or Valentinas asking you for money.

QR Code Scam

Beware of fake QR codes at parking meters

MIcrosoft Windows Support Scam

Presented at the January 5, 2022 weekly Q&A session

Omicron Variant Scam

Presented at the January 5, 2022 weekly Q&A session

Security Layers (PDF)

Presented by Tom Trottier at the December 8, 2021 monthly meeting. (audio recording)


by Lawrence Patterson

Social Engineering Red Flags

Reprinted with permision from KnowBe4

Scam Tracking Overview

Submitted by Lawrence Patterson


A presentation (PDF) by Lawrence Patterson


Invoice Scams

Don't be fooled by looks

Another Rogers
E-mail Problem

"Upgrade or be deleted"

Smishing Scam

Imposter Install Now button installs malware on your phone

"DHL-Express" Delivery Scam

Pay for package "on hold"

"Can you do me a favour" scam

Just "catching up". Not really


"We have a surprise"
(it's not a good one!)

E-mail scams with attachments

Malicious code in sheep's clothing


"Take our survey"


"Your stunning horoscope at no charge"


Cell phone text scam


Snail mail scam
(If it seems too good to be true, it usually is!)


"You will be blocked"

A COVID-19 scam

Looking for Bitcoin donations