Telephone Impersonation of the Canadian Cyber Incident Response Centre

Number: AL13-002
Date: 14 June 2013

Purpose

The purpose of this alert is to bring attention to recent reports of the Canadian Cyber Incident Response Centre (CCIRC) being impersonated.

Assessment

In recent months, CCIRC has received reports from members of the public stating they have received fake phone calls from CCIRC requesting remote access to their computer.

Generally, the scam involves a fraudster calling individuals and claiming they are from CCIRC. The fraudster uses one of several potential problems as a premise for the call. These include malicious software (malware) infections, sending online errors, verifying the computer licensing ID and/or hacked computers. The fraudster then offers to repair the computer over the Internet for a fee, either by installing software or obtaining remote access to the computer. Once remote access is granted, the scam artist then has the capability of installing malware, creating backdoor access, or obtaining financial information.

Recently, the tone of these calls has become increasingly aggressive, and in some cases, the fraudster has threatened that failure to comply with their demands could result in legal repercussions.

These fraudulent calls are similar to other technical support phone scams, where malicious actors claim to work for security companies. In these cases, malicious actors have tricked users into installing malicious software, taking control of their computers, requesting credit card information, and directing users to fraudulent websites.

Suggested action

At times, CCIRC may call individuals who work for organizations that fall within Canada's critical infrastructure sectors; however, under no circumstance would CCIRC ask a user to remotely access their computer.

CCIRC recommends that users be cautious of unsolicited phone calls and when asked to provide personal information, or grant remote access to their computer.

CCIRC recommends reporting these instances of fraud to the Canadian Anti-Fraud Centre. For information on how to report fraud, you may wish to contact the Canadian Anti-Fraud Centre.

Canadian Anti-Fraud Centre
http://www.antifraudcentre-centreantifraude.ca/
info@antifraudcentre.ca
1-888-495-8501

The Government of Canada has launched a national public awareness campaign on cyber security called Get Cyber Safe that provides Canadians with the information and tools they need to stay safe while online, including how to detect scams and fraud.

For more information about CCIRC, please consult Public Safety Canada's website.

References:

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note, CCIRC PGP key has recently been updated.
http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/_fl/CCIRCPublicPGPKey.txt

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: ps.communications-communications.sp@canada.ca

Date modified: