Laurentian Bank: Laurentian Bank of Canada.
Impersonation and authority fraud.
Impersonation and authority fraud.
These scams manipulate trust by pretending to be a known or legitimate entity.
Types of impersonation and authority fraud.
Fake representative scam.
The fake representative scam involves impersonating an acquaintance, an official organization, or any other type of authority figure. This type of scam can take several forms:
Fake services or aids: The fraudster poses as a representative of a public service or charitable organization, asking for donations to fictitious causes.
Fake recruiters: In the context of a job offer, the scammer pretends to be a recruiter or human resources manager. They may charge for tests or document creation as part of the recruitment process. The fake recruiter may go so far as to tell the victim that they’ve been selected for the job. The scammer will ask the victim to carry out orders or run errands on behalf of the employer, under the pretext that this is part of the job description.
Fake agents of a company or administration: This is the method most frequently used by fraudsters. The scammer poses as an employee of a company, bank, government agency or as a police officer and requests personal information or money. The caller claims that the customer is a victim of fraud, that a family member is arrested by the police and that bail must be paid, or mentions unpaid fines or taxes to frighten the victim.
What to watch out for:
You’re asked to hand over your bank or credit cards to an individual.
You’re told that someone will come to your home.
You’re pressured to act quickly.
You’re asked not to tell anyone.
They ask for your personal information.
How to protect yourself:
Don't share your personal and banking information.
Don't share your passwords, PIN, Social Insurance Number (SIN), two-step verification codes or other confidential information with anyone.
Don’t give your debit or credit cards to anyone.
If you receive such a call, hang up and call the company or organization in question using reliable means such as the numbers found on their official web site.
Love scam.
The love scam, also known as the romance scam or sentimental fraud, is when a fraudster gains a person's trust and feelings online through dating sites, social media, etc., with the aim of extracting money.
The scammer invents a false identity and sad stories such as financial problems, medical emergencies or travel plans, to manipulate the victim into sending money.
What to watch out for:
The scammer demands money from you or asks you to receive money on behalf of someone else.
They always have excuses for not taking your phone calls or videos and for not meeting you in person.
They declare their love very quickly.
Inconsistencies in their story and how they speak or write.
Their online profiles are recent, don't contain many photos, posts or information, and you have few or no friends in common.
They want to keep the relationship a secret.
How to protect yourself:
Verify the individual's identity by scanning their social media profiles, such as when the profile was created, list of friends, photos, etc.
Ask specific questions.
Don't give in under pressure.
Tell your friends and family about the relationship.
Don't send money.
Give priority to real contacts.
Celebrity scam.
Scammers use the identity or image of well-known people, such as celebrities, influencers, or political figures, to promote products, investments or services that don't really exist. Scammers use a variety of techniques to assume the identity of a public figure, such as creating fake social profiles or accounts to broadcast messages, or using hyper-realistic fake videos or interviews, known as deepfakes.
What to watch out for:
Promises of quick wins: If an offer seems too good to be true, such as winning money or impressive prizes, and doing so effortlessly, it probably is.
Requests for advance payments: Requests for funds before obtaining a product or service are suspicious, especially when they involve untraceable payment methods like cryptocurrency transfers or gift cards.
Inconsistencies in communication: Messages may contain typos or an overly urgent tone.
How to protect yourself:
Before you believe that a celebrity is recommending something, make sure it's an official channel of that person. For example, a verified social media account.
Never respond to solicitations requesting banking information, passwords or credit card numbers by private message.
If an offer seems too tempting, check online reviews or forums to see if others have reported negative experiences.
If you receive an offer from a public figure, contact their agency or representative to confirm if the offer is valid.
Install antivirus software and an ad blocker on your computer.
If you spot a scam, report it to social platforms or the Canadian Anti-Fraud Centre (CAFC).
By remaining vigilant and skeptical about offers that appear dubious, you can protect yourself against this kind of fraud.
Microsoft scam.
The Microsoft scam is a type of fraud where scammers pretend to be Microsoft technical support agents to trick their victims.
Scammers contact people by phone, email or pop-up on their computer posing as Microsoft employees, often claiming there's a serious problem with the victim's computer, such as a virus or security breach.
Victims are then enticed to give the scammer remote access to their device, download malware or pay for made-up services such as security software or computer repair. These scams may also aim to steal sensitive personal information such as bank details or login credentials.
What to watch out for:
Unsolicited contact: Microsoft will never call you out of the blue to report a security problem. If you didn't initiate the request, beware.
Pop-up window on your computer: If a message suddenly appears on your screen claiming there's an urgent problem with your system, and asks you to call a number or click on a link, it's probably a scam.
Remote access requests: Never allow a stranger to access your computer remotely. Microsoft never troubleshoots remotely without your explicit permission.
Demand for immediate payment: If you're asked to pay a fee to solve an urgent problem, it's often a sign that you're the victim of a scam.
Dubious phone numbers: Scammers often use numbers that look like Microsoft numbers, but they're not official. Always check with reliable sources.
Threatening messages: Messages that give you an urgent warning. For example, “Your PC is infected with a virus!”.
Syntax errors: False messages or calls often contain language errors or awkward phrasing.
Pressure to act quickly: Scammers try to push you to act without thinking, telling you that you need to act immediately to avoid damage or fix security.
How to protect yourself:
Never share personal information: If someone contacts you pretending to be from Microsoft, don't provide any sensitive data such as banking information or login details.
Check the caller's identity: If you receive a call, hang up and contact Microsoft support through their official channels to verify the authenticity of the request.
Don't click on suspicious links: That includes links in emails or pop-ups if you're not sure of their origin.
Use up-to-date antivirus software: Having a comprehensive antivirus or security software on your devices helps detect and prevent malware from breaching your system.
Enable two-factor authentication (2FA): Enable 2FA for your online accounts to add an extra layer of security.
Check system notifications: Legitimate notifications from Microsoft will always come by Windows updates or other official channels.
Stay informed: Keep up with the latest scams to better spot them.
Remember, be cautious with unsolicited calls or messages, don’t give in to pressure to act quickly, and thoroughly verify information through reliable sources.
Spear phishing.
What’s spear phishing?
Unlike phishing, spear phishing targets a specific person instead of a large group of people. The potential victim receives a personalized email, usually from a well-known company, addressed to their name and asking them to follow a link or confirm personal information.
Cyber criminals commonly target a key person in an organization, like an employee of the finance or accounting department. They’ll send a message to that person, appearing to come from a senior executive within the organization. This senior executive will then ask the employee to perform a suspicious transaction or send sensitive information.
A frequent form of spear phishing is the overpayment scam. With the popularity of online eCommerce marketplaces like Kijiji and eBay, criminals take advantage of people who are less cautious.
The payment scam involves making the person selling the item pay an extra amount. The scammer makes an offer by email to the seller and then makes a payment that is more than the agreed price. They’ll usually claim that the extra amount was included to cover fees like customs charges or shipping, or that it was simply a mistake. The scammer then asks the seller to refund the excess amount or forward it to a third party from whom they’ll retrieve their money.
Once the amount has been paid, the seller often finds out that the cheque has bounced and that they’ve given the buyer a portion of their own money.
How to spot signs of spear phishing.
Like phishing, there are signs to watch for in the email:
The email may use questionable addressing, for example, “Mr.” instead of “Ms.”
It may tell you to follow a link when it's not needed for the transaction.
The email's tone doesn't match the institution or person.
It includes a .zip file.
To keep yourself safe during online transactions, especially from payment scams, follow these steps:
Never agree to receive an amount greater than the sale price.
Always ask for the buyer’s full details, including name, address and telephone number.
Insist on a certified cheque.
Never transfer funds directly to the buyer.
What to do if you suspect you’ve received a spear phishing email.
Resist
Don’t respond to the email.
Don’t select any links.
Don’t open any attachments.
Don’t enter any personal information.
While we can communicate with our customers by text message, email or phone, we’ll never request personal information, such as credit card numbers, personal identification numbers (PIN) or online account passwords. If unsure, contact us through a known, legitimate email address or phone number.
2. Report
This type of email should be treated like spam and reported as such to your email service provider. If you’re still concerned or you suspect fraud, also contact the Fraud Prevention Department.
3. Delete
The email should be deleted from both the inbox and the deleted items folder.
For more information on spear phishing, refer to the Canadian Bankers Association's website.
Smishing.
What’s smishing?
Smishing relies on fraudulent text messages that try to pressure you into sharing money, passwords or personal details. It’s used for more than one kind of fraud.
For more details on how to spot smishing and what to do if you think you’ve been scammed, go to the Identity and personal exploitation page.
AI and deepfakes.
What’s AI?
AI, short for Artificial Intelligence, refers to computer systems that can perform tasks that normally need human intelligence, including systems that automate decision‑making, generate content, analyze data, or interact with consumers and employees.
AI is used in scams and fraud to:
create convincing emails, text messages and chat conversations that mimic a real person or entity.
automate large volumes of fraudulent messages, such as emails, SMS and phone calls, increasing the chance that someone responds.
target businesses by personalizing scam attempts using publicly available information.
What’s a deepfake?
Deepfakes are realistic but fake images, videos, or audio created using AI. They can make someone appear to say or do something they never did.
Deepfakes can be used in scams and fraud to:
create fake audio, video and images impersonating a celebrity, a family member or stranger to manipulate you.
impersonate business executives and employees to manipulate you into moving or sending funds.
produce manipulated videos that appear to show a trusted person giving instructions.
How to spot a scam or fraud that uses AI or deepfakes.
You don’t need to be a tech expert to protect yourself. Scammers still rely on the same tricks: rushing you, scaring you, manipulating your emotions and asking for personal information.
Red flags to look out for:
Someone is trying to make a situation urgent or stressful.
You’re asked to share personal or financial information.
You’re asked to act alone or keep a secret.
The situation is too good to be true, or the request is unusual or out of character.
Our tip: Always take a step back and verify who’s actually contacting you. Check with a trusted contact, such as a family member, friend, or even your bank, to confirm the person’s real identity. At work, verify with a colleague through a trusted channel, not the contact information provided in the suspicious communication. This helps ensure you’re not responding to an AI or deepfake impersonation.
How do you avoid becoming a victim of scams or fraud in the workplace? Strengthen your internal defences:
Use strict verification protocols for requests involving money or sensitive data.
Train employees regularly on AI‑enabled fraud and deepfakes.
What to do if you think you’ve been scammed:
Stop engaging with the scammer.
At work, contact your immediate superior to advise of the situation.
If your banking information was provided, contact your bank immediately.
Change passwords for any affected accounts where sensitive information was given.
Report the scam to your local police and the Canadian Anti-Fraud Centre.
Back to top