Fraud Campaigns Targeting Canadian Citizens Using Lookalike Government and Service Portals

What happened

Fraud campaigns are targeting Canadian citizens by exploiting trust in official services and urgent notifications to harvest personal and financial information. Attackers are sending SMS messages and displaying online ads that warn of issues like unpaid tickets, failed deliveries, or flight booking problems, and direct recipients to fake websites that mimic official Canadian portals. Analysts from CloudSEK identified multiple fraud clusters impersonating services including PayBC, ServiceOntario, Canada Post, the Canada Revenue Agency (CRA), and Air Canada. These lookalike domains are designed to trick victims into entering sensitive data, leveraging urgency and brand trust without using advanced malware.

Who is affected

Canadian citizens and residents receiving fraudulent SMS messages or encountering deceptive ads are directly exposed to these campaigns, where personal and payment information can be harvested. The campaigns exploit common public interactions with government and service brands rather than targeting specific systems.

Why CISOs should care

This incident highlights how threat actors are weaponizing public trust in official services and simple communication channels like SMS to conduct large-scale data harvesting against a national user base. Understanding these social engineering vectors and brand impersonation techniques helps inform enterprise risk profiles and public awareness strategies.

3 practical actions

  • Monitor fraud clusters. Track emerging impersonation campaigns targeting recognized brands and government services to understand evolving social engineering tactics.
  • Validate domain authenticity. Verify links in messages or ads purporting to relate to official services before interacting or prompting users to submit data.
  • Raise user awareness. Communicate known fraud patterns to users and stakeholders to help them recognize and avoid lookalike portals.
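
As an added illustration of the "validate domain authenticity" action (example code written for this page, not from CloudSEK or any of the named organisations), the check below sorts a link from an SMS or ad into official, lookalike, unknown or invalid. The official domains in the allowlist, the brand keywords and the sample URLs in the test are assumptions and constructed values; confirm each domain against the organisation's own published address.

```python
from urllib.parse import urlsplit

# Assumption: each brand's official registrable domain. Confirm every entry
# against the organisation's own published address before relying on it.
OFFICIAL = {
    "PayBC": ("gov.bc.ca",),
    "ServiceOntario": ("ontario.ca",),
    "Canada Post": ("canadapost-postescanada.ca",),
    "CRA": ("canada.ca",),
    "Air Canada": ("aircanada.com",),
}
# Brand strings as they would appear in a hostname once separators are removed.
KEYWORDS = {
    "paybc": "PayBC", "serviceontario": "ServiceOntario",
    "canadapost": "Canada Post", "canadarevenue": "CRA",
    "aircanada": "Air Canada",
}
DIGIT_SWAPS = str.maketrans("01", "ol")  # undo 0-for-o and 1-for-l substitutions


def hostname_of(url):
    """Return the lowercase hostname of a pasted link, or None if it has none."""
    if "://" not in url:
        url = "//" + url  # links in SMS text often arrive without a scheme
    try:
        host = urlsplit(url).hostname
    except ValueError:
        return None
    return host.rstrip(".") if host else None


def classify(url):
    """Return (verdict, brand): official, lookalike, unknown or invalid."""
    host = hostname_of(url)
    if host is None:
        return ("invalid", None)
    for brand, domains in OFFICIAL.items():
        # Match on a label boundary so "canada.ca.x.example" is not official.
        if any(host == d or host.endswith("." + d) for d in domains):
            return ("official", brand)
    flat = host.replace("-", "").replace(".", "").translate(DIGIT_SWAPS)
    for keyword, brand in KEYWORDS.items():
        if keyword in flat:
            return ("lookalike", brand)
    for brand, domains in OFFICIAL.items():
        # An official domain used as a subdomain prefix of another domain.
        if any(d in host for d in domains):
            return ("lookalike", brand)
    return ("unknown", None)
```

A "lookalike" verdict is a triage signal for review or blocking, and "unknown" only means no brand reference was found in the hostname, not that the link is safe.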

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business for professional audiences.