Back to Consumer resources

Fraudsters are always finding new ways to deceive consumers and gain access to their personal and financial information. Among other methods, they use email, phone calls, social media, and fake websites to trick people into handing over sensitive data. Understanding these tactics is the first step in protecting yourself.

The four broad types of fraud discussed below represent some of the more common ways fraudsters are currently trying to use the internet and other telecommunications services to gain access to consumers’ personal information. As telecom providers and other stakeholders put mechanisms in place to combat these attempts, fraudsters try to adapt their methods and seek other ways to gain access to consumers’ personal information. For a more comprehensive list of common types of fraud, please visit the Canadian Anti-Fraud Centre at https://antifraudcentre-centreantifraude.ca.

Phishing/Smishing/Vishing

Fraudsters impersonate trusted entities – including banks, government agencies, and other companies – to trick consumers into revealing sensitive personal or financial information. Phishing fraud typically requires a customer to click on a link in a text message or email and may often look like they are being sent from a trusted source, while vishing occurs via voice calls and usually includes a sense of urgency or time-sensitivity.

• Phishing and Smishing: This scam involves fraudulent emails (phishing) or text messages (smishing) disguised as legitimate communications from banks, government agencies, or service providers. These messages often contain links to fake websites designed to steal login credentials, credit card details, or other sensitive data.
• Vishing (Voice Phishing): Fraudsters use phone calls (including robocalls or voicemail) to impersonate trusted institutions, claiming urgent issues like fraudulent activity on your bank account, unpaid taxes, or security breaches. They manipulate victims into sharing passwords, PINs, or personal details over the phone, sometimes using caller ID spoofing to appear legitimate.

Stay Safe: Never click suspicious links or share personal info over the phone. When in doubt, contact the company directly using a trusted phone number or email.

Online fraud

Fraudsters exploit digital platforms to mislead consumers into providing personal information or making fraudulent payments. Some common examples include:

• Fake Websites: Fraudsters create counterfeit websites that closely resemble legitimate businesses or government portals. These sites trick users into entering login credentials, credit card numbers, or personal details, which are then stolen and misused.
• Social Media Scams: Fake job postings, fraudulent giveaways, and investment scams often spread through social media platforms. These scams entice users with promises of high returns, free products, or employment opportunities but ultimately aim to steal money or personal information.

Stay Safe: Always verify website URLs and be cautious of deals that seem too good to be true.

Malware/spyware

Fraudsters use malicious software to infiltrate devices, steal sensitive data, or activity.

• Malware & Spyware Attacks: Fraudsters spread harmful software through phishing emails, fake apps, or malicious website downloads. Once installed, malware can log keystrokes, steal login credentials, or give hackers remote access to a victim’s device. Some forms of spyware can silently monitor online activities, capturing banking details and other confidential data.

Stay Safe: Keep your software updated and avoid downloading apps from unverified sources.

Hacking

Cybercriminals often exploit security vulnerabilities to gain unauthorized access to personal and financial accounts.

• Hacking & Password Theft: Attackers use weak passwords, security flaws, or data breaches to steal login credentials. Information obtained from leaks on the dark web can be used to access multiple accounts if users reuse the same password across different sites.

Stay Safe: Use strong, unique passwords and enable two-factor authentication (2FA) wherever possible.

Visit GetCyberSafe.ca for additional cyber security tips and best practices or visit the Canadian Anti-Fraud Centre for detailed information on common scams, fraud tactics and how to protect yourself.