Scammers busy phishing with gov't look-alikes
Beware of fake emails seeking fed registration
OTTAWA • The federal government is warning of a new COVID-19 scam after fraudsters masquerading as the government's procurement department recently sent out two waves of phishing emails trying to steal workers' private information.
The scam involves unsolicited emails purportedly from the federal government asking the recipient to register to qualify for an unidentified “project.”
In early September, and then again last week, Public Services and Procurement Canada posted advisories on its public tender website, BuyandSell.gc.ca, about fraudulent emails being sent out to Canadian businesses. The first reported case originated in Quebec, says the Canadian Anti-Fraud Centre.
Though the emails look like Procurement Canada's Office of Small and Medium
Entreprises sent them, they are in fact part of a phishing scam aimed at stealing your or your company's private data and possibly lead you to a malicious website, warns the Anti-fraud Centre.
According to examples of the emails provided by Procurement Canada, the fraudulent message invites the recipient to bid on an unnamed (and fake) project. But to do so, they must “register” by clicking on a big red or blue button.
The email is sent from an address masquerading as the department's official office (@pwgsc-tpsgc). But contrary to Procurement Canada's real email addresses, it does not end in “.gc.ca”, but with “.org”. That's a telltale sign that the email is not from a government source.
“If you receive this email claiming to be from PSPC that asks you to click on a clickable button, it's a scam!” reads the September advisory.
If they clicked on the fake registration button, users are sent to a website designed to imitate the government's real public tender portal.
“The email being distributed provides a button that takes users to a page that is not authentic. The page imitates the legitimate Buyandsell.gc.ca main site and displays a fake registration button (a button that doesn't exist on the real site). It is a phishing attempt at collecting personal information from users who click on the button,” explains Marc-André Charbonneau, a Procurement Canada spokesman.
The real website will never retain any personal credentials, he added, and potential suppliers “never register under any circumstances to view information published on Buyandsell.gc.ca.”
Charbonneau said this is the first time the department is aware of a scam involving the government's public tendering website.
But it's far from the first phishing scam to appear since the beginning of the COVID-19 pandemic.
Already by the end of March, both the Anti-fraud Centre and the Canadian Centre for Cyber Security were warning Canadians t hat a plethora of new COVID-19 fraud campaigns were targeting Canada.
For example, text messages falsely puing to be from the Red Cross offered people free masks or personal protective equipment in exchange for their private information, or unsolicited calls from fake government officials claimed the victim had COVID-19 and needed to provide information in order to receive financial benefits.
In May, the Centre for Cyber-security issued a report warning that it had identified over 1,500 websites falsely parading as Government of Canada COVID-19 pages that are in fact designed to scam Canadians.
The report also said that there had clearly been cyber attacks coming from state-sponsored threat actors.
These aren't your run-ofthe-mill scammers attempting to trick anyone they can, but rather trained professionals targeting specific companies, government agencies or research centres.
Specifically, Canada's digital spy agency noted in July that Russian intelligence services were behind recent cyber attacks attempting to steal information and intellectual property from Canadian research labs working on potential COVID-19 vaccines.