Tax season security is just one more thing to worry about.
All year round, scammers try to impersonate the Canada Revenue Agency – through phone, text, email phishing or paper mail – to gain access to taxpayers’ personal information and finances. Individuals are particularly vulnerable around tax time when the CRA is on everyone’s mind. The Canadian Anti-Fraud Centre has identified seven different types of common fraud, with new scams invented daily.
Tax time can be stressful, and dealing with the CRA equally so. The CRA, however, will never bully, harass, or intimidate you. The CRA wants to keep your personal information and finances secure, and they provide a number of resources to help you. We’ve compiled them here, along with advice on how to stay secure this tax season. (We also have more tips about how you can be proactive about security during tax season here.)
Beyond the information found in the CAFC’s Little Black Book of Scams, there are telltale signs of scammers. Callers who insist you take immediate action are very likely to be scammers. Any caller who requests gift cards, Bitcoin, or other unusual payment methods are definitely scammers- the CRA does not want your iTunes card. The CRA will also not text message you, nor ask for personal information that does not pertain to your tax return. When in doubt, ask yourself these critical questions:
The CRA will never ask for information about your passport, health card, or driver’s license. They will never email you a link to your refund (nor any link you have not specifically requested). They will not be aggressive, nor threaten to arrest you or report you to the police. The CRA may:
In 2018, about 90% of Canadians filed their tax returns online. Utilizing free tax software is easy and secure as long as you use a product that has been certified for the 2018 tax year; the CRA recently released the latest list containing ten approved software options.
If you receive a suspicious communication from the CRA, their official stance is to reject it. Hang up the phone, and call the CRA back to verify the agent. Never download any files or accept money transfers sent via email or text message from the CRA, and never click any suspicious links. The CRA will only send you a link if you have specifically requested this with an agent. Similarly, you should never fill out or submit any unusual or suspicious forms.
If you’ve been scammed, don’t be embarrassed to admit what happened. The CRA itself fell victim to weak information security practices in 2014 when a 19-year-old computer whiz hacked into the CRA and stole 900 SIN numbers within six seconds. Police suggest that only a fraction of tax fraud is reported, with realistic estimates putting monetary losses at 10x the reported numbers.
To report scams, go to antifraudcentre.ca or call 1-888-495-8501. If you think you may be the victim of fraud or you unknowingly provided personal or financial information, contact your local police service, financial institution, and credit reporting agencies.