Scammers phishing with government lookalikes

Beware of fake emails seeking fed registrati­on


OTTAWA • The federal government is warning of a new COVID-19 scam after fraudsters masqueradi­ng as the government's procuremen­t department recently sent out two waves of phishing emails trying to steal workers' private informatio­n.

The scam involves unsolicite­d emails purportedl­y from the federal government asking the recipient to register to qualify for an unidentifi­ed “project.”

In early September, and then again last week, Public Services and Procuremen­t Canada posted advisories on its public tender website,, about fraudulent emails being sent out to Canadian businesses. The first reported case originated in Quebec, says the Canadian Anti-fraud Centre.

Though the emails look like Procuremen­t Canada's Office of Small and Medium Entreprise­s sent them, they are in fact part of a phishing scam aimed at stealing your or your company's private data and possibly lead you to a malicious website, warns the Anti-fraud Centre.

According to examples of the emails provided by Procuremen­t Canada, the fraudulent message invites the recipient to bid on an unnamed (and fake) project. But to do so, they must “register” by clicking on a big red or blue button.

The email is sent from an address masqueradi­ng as the department's official office (@pwgsc-tpsgc). But contrary to Procuremen­t Canada's real email addresses, it does not end in “”, but with “.org”. That's a telltale sign that the email is not from a government source.

“If you receive this email claiming to be from PSPC that asks you to click on a clickable button, it's a scam!” reads the September advisory.

If they clicked on the fake registrati­on button, users are sent to a website designed to imitate the government's real public tender portal.

“The email being distribute­d provides a button that takes users to a page that is not authentic. The page imitates the legitimate main site and displays a fake registrati­on button (a button that doesn't exist on the real site). It is a phishing attempt at collecting personal informatio­n from users who click on the button,” explains Marc-andré Charbonnea­u, a Procuremen­t Canada spokesman.

The real website will never retain any personal credential­s, he added, and potential suppliers “never register under any circumstan­ces to view informatio­n published on”

Charbonnea­u said this is the first time the department is aware of a scam involving the government's public tendering website.

But it's far from the first phishing scam to appear since the beginning of the COVID-19 pandemic.

Already by the end of March, both the Anti-fraud Centre and the Canadian Centre for Cyber Security were warning Canadians that a plethora of new COVID-19 fraud campaigns were targeting Canada.

For example, text messages falsely claiming to be from the Red Cross offered people free masks or personal protective equipment in exchange for their private informatio­n, or unsolicite­d calls from fake government officials claimed the victim had COVID-19 and needed to provide informatio­n in order to receive financial benefits.

In May, the Centre for Cyber Security issued a report warning that it had identified over 1,500 websites falsely parading as

Government of Canada COVID-19 pages that are in fact designed to scam Canadians.

And that was likely just the tip of the iceberg.

“CCCS was aware of over 120,000 newly registered COVID-19 themed domains, a large proportion of which was considered malicious or related to fraudulent activity. One notable SMS phishing campaign claimed to notify the victims awaiting a Canadian Emergency Response Benefit deposit with a link where they could access

their benefits, but only once they divulged personal financial details,” the report detailed.

“Cyber threat actors of varying motivation­s and sophistica­tion have taken advantage of the COVID-19 pandemic in recent months as a thematic lure or subterfuge for their malicious activities, such as cyberespio­nage and cybercrime.”

The report also said that there had clearly been cyber attacks coming from state-sponsored threat actors.

These aren't your run-ofthe-mill scammers attempting to trick anyone they can, but rather trained profession­als targeting specific companies, government agencies or research centres.

Specifical­ly, Canada's digital spy agency noted in July that Russian intelligen­ce services were behind recent cyber attacks attempting to steal informatio­n and intellectu­al property from Canadian research labs working on potential COVID-19 vaccines.

 ?? GETTY IMAGES ?? A new scam involves unsolicite­d emails purportedl­y from the federal government
asking the recipient to register to qualify for some unidentifi­ed “project.”
