Cyber Safety - Email/SMS Scams and Malicious Apps

How to protect yourself from scams and malicious apps

Scams via electronic means are on the rise - the CAFC has reported that between 2020 and 2021 the losses to Canadians has more than doubled. It is important to know how to recognize these scams to protect your identity, money and assets.

 

Email Scams

Email scams can be found all over the internet - regardless of who your provider is, being able to spot them will help keep your devices and passwords safe. They are often rife with mistakes - spelling and grammar errors; they come to you unprompted - meaning no action you performed caused the email to be sent to you; and they often will demand some kind of immediate response or action.

 

Identifying Email Scams

  1. Take a look at the sender’s email address
    • Is it the normal address you would receive email from this person/organization?
    • Does the email address look valid - Is the bank emailing you from [email protected]?
  2. Take a look at the grammar & spelling - scam emails will often have grammatical or spelling errors which would never pass for legitimate business purposes.
  3. Take a look at the tone & intention of the message - is it urgent and demanding? Is it threatening or dire? Does it sound too good to be true?
  4. Take a look at what it is asking of you - legitimate business will not send you emails requesting you validate or verify personal information.

 

What to do next?

If you have received a scam email - the next steps are important.

  1. Do not click on any links, attachments or QR codes that may come with the messages
  2. Verify with the supposed organization if they have sent the email
  3. Do report the suspicious email
    • If you received one when on a work machine and at a corporate email address - report it through your IT department.
    • Canada’s Anti Fraud Center will also take reports of Scam & Fraudulent emails. https://cyber.gc.ca/en/

 

SMS scams

SMS scams often are using the same techniques as a Scam (phishing) email - just using texting instead of email. During the Covid-19 pandemic they even used the CERB benefits as a means to try and trick unsuspecting cellphone users, targeting some of the most vulnerable members of our society.

Often these messages will prompt you to click on a link that leads the user to a falsified website or to download a malware loaded application to the device. If you have received a message that is suspicious - don’t click on any links.  

 

Identifying SMS Scams

  • It will come out of the blue and unprompted
  • It will not come from a short code number but a full 10 or 11 digit number
  • It will often prompt you to reply with “Y”, “Yes” or “ON”
  • It will often prompt you to click a link that looks unusual
  • It will contain strange spelling or grammatical errors
  • It will come with a sense of urgency

 

What to do next?

  • Take a screenshot of the message
  • If you have been a victim contact the police and your banks as soon as possible.
  • Report it to the CAFC either online or by phone at 1-888-495-8501 if you are a victim or not.

 

Malicious Apps

When it comes to App fraud - it can take many different forms; from social media styled apps to money transfer apps. Occasionally the fraud can come from other individuals using the app - not the app itself.

 

Identifying Malicious Apps

  • Be aware of the app’s download location - the apps should link you to the apps store for your device
  • Be careful of micro transactions that can be hidden in the apps use
  • Be aware of why an app is being offered for free if it is freeware
  • Take into consideration what permissions the app is requesting, things like location sharing should not be needed for a word search game

 

What to do next

If you have downloaded an app that is suspicious there are a few things you should do.

  • Uninstall the app from the device
  • Verify permissions for the app are removed
  • Run a scan of the device (using a known antivirus/malware software scan)
  • Use a VPN to protect your device’s personal data
  • Report the app to the device’s app store (Apple or Google Play Store)

Glad we could be helpful. Thanks for the feedback.

Sorry we couldn't be helpful. Your feedback will help us improve this article.

How helpful was this page?

  
Updated on Tue, 23 Apr 2024 by Sean Otway

Rendered by:WWW-C01-PRD-01.