The 2020 National Cyber Threat Assessment reported an increase in fraud and extortion among Canadians.
Its publication comes at a time when Canadians and much of the Canadian economy have been shifting online—a shift made more rapid by the onset of COVID-19, as is reflected in the number of reported COVID-19-related scams. Though the report did not reveal how many Canadians fell victim to COVID-related scams, Canadian Anti-Fraud Centre data revealed 8,583 Canadian victims of pandemic-related fraud between March 6, 2020 and January 10, 2021.
“Cyber threat actors know that people are anxious about the future and are less likely to act prudently when presented with emails, SMS messages, or advertisements related to COVID-19,” the report reads.
Pandemic-related scams include convincing people to buy fake vaccines and/or test kits, identity theft and ransomware attacks. Such scams are found to threaten the privacy of Canadians, specifically through the theft of personal information, resulting in both identity theft and financial fraud. The Canadian Anti-Fraud Centre also reported on their site that COVID-19-related fraud has cost Canadians $7 million to date.
Online fraud on the rise
The report also notes the number of cyber threat actors is rising and are becoming more sophisticated. For instance, since March 2020, the Cyber Centre has taken down over 3,500 websites, social media accounts and email servers that were fraudulently representing the Government of Canada.
“We assess that, almost certainly, over the next two years, Canadians and Canadian organizations will continue to face online fraud and attempt to steal personal, financial and corporate data,” the report reads. “Many Canadian victims will likely continue to give in to ransom demands due to the severe costs of losing business and rebuilding their networks and the potentially destructive consequences of refusing payment.”
In total, Canadian individuals lost over $43 million to cybercrime fraud in 2019 alone according to the Canadian Anti-Fraud Centre reported (though this number only accounts for reported cases of cybercrime).
“One way that cyber threat actors conduct fraud is by posing as legitimate organizations, such as government institutions, banks, or law firms to trick Canadians into clicking on malicious links or attachments which download malware onto their devices,” the report reads.
Other prominent scams include extortion of money by threatening cyber attacks or by stealing or claiming to have stolen incriminating information from victims. Another example is known as “love scams” where scammers create fake profiles on social media and/or dating websites to extort money from victims. In some cases, the scammer may obtain intimate videos of their victim and then threaten to send the video to the victim’s contacts unless they receive payment
Cybercriminals profit by obtaining login credentials, credit card details, and other personal information and then using this information to steal money, commit fraud or sell it on cybercrime marketplaces.
To read the full report, visit: https://cyber.gc.ca/sites/default/files/publications/ncta-2020-e-web.pdf