Search

Bulletin: New technology

This year marks the 20th anniversary of Fraud Prevention Month. The theme of this year’s campaign is “20 years of fighting fraud: From then to now. With this theme, we’ll be exploring how certain frauds have evolved with the rise of the digital age, drawing insightful comparisons between the past and present. This bulletin was prepared to bring awareness on some of the new technology available to fraudsters. Over the last 20 years, we have seen many new technologies and unfortunately, fraudsters have capitalized on these advancements. The evolution of technology has created a higher risk for fraud in the online environment for Canadians. Criminals are targeting Canadians who may be new to the cyber environment or less tech-savvy, or businesses that may not have cyber protection or procedures in place. Below, we look at some of the recent technologies and methods fraudsters are using to target Canadians.

On this page

List of acronyms and abbreviations

AI
artificial intelligence
CAFC
Canadian Anti-Fraud Centre
QR code
Quick Response code

Artificial intelligence and fraud

Fraudsters are increasingly using artificial intelligence (AI) and related technologies to commit various forms of fraud. Some ways in which AI is being used by fraudsters, as observed by the Canadian Anti-Fraud Centre (CAFC) and other organizations, include:

Phishing and social engineering
AI can be used to personalize phishing emails and messages by analyzing data from social media and other sources, making them more convincing and difficult to detect by traditional spam filters.
Fraudulent account creations
AI algorithms can be used to automate the creation of fake online accounts for various purposes, such as conducting fraud or engaging in identity crimes.
Data analysis
AI can analyze large datasets to identify potential targets for fraud, such as individuals with specific demographics or behavioral traits that make them more susceptible to certain types of fraud.
Deepfake technology
This technology uses machine-learning algorithms to create realistic-looking fake videos or audio recordings. This is most commonly seen in investment and merchandise frauds where fake celebrity endorsements and fake news are used to promote the fraudulent offers.

QR code fraud

The CAFC is receiving reports of fraudsters using QR codes in various scams to steal personal information and money. Similar to fraudulent links or URLs, QR codes can be inserted into emails and text messages to direct potential victims to fraudulent or malicious websites. Below are some of the variations we have seen:

Phishing with QR codes
Fraudsters claim to be a service provider, government agency, or financial institution. Instead of asking the victim to click on a link or download an attachment, fraudsters instruct the victim to scan a QR code.
Vendor fraud
Victims selling items are being targeted by QR-code fraud. Fraudsters send a fake payment advising that the victim must scan a QR code in order to receive a payment. When the victim scans the QR code, they are asked for their online banking information putting them at risk for identity fraud.
In another variation, fraudsters send a QR code to the victim claiming that they are sending a payment. In reality, it is a request for a payment. When the victim enters their banking information, fraudsters receive the payment or gain access to the victim’s bank account.
Cryptocurrency QR codes
Fraudsters ask for crypto currency as a payment in many different types of fraud. In many cases, criminals send a crypto currency address in the form of a QR code. Victims are then directed to scan it to make a payment. In the end, payments will be sent to crypto wallets controlled by the fraudsters.

Notable technology used by fraudsters in recent years

Data breaches, identity theft and identity fraud
The proliferation of data breaches has exposed millions of individuals' personal and financial information, leading to a surge in related fraud. Fraudsters use stolen data for credential stuffing attacks to gain access to victim accounts to commit fraud.
Search engine optimization
While not new, fraudsters continue to use search engine optimization to promote their websites to appear in the top results of an online search. This technique is most commonly used in investment fraud, merchandise fraud, and service fraud.
Compromised social media accounts
Fraudsters gain unauthorized access to social media accounts and target friends lists with fraudulent offers for crypto investment opportunities, job offers, prize claims, or grant solicitations.
Spoofing
Spoofing is used to mislead and convince victims that they’re communicating with people they think are trustworthy, such as service providers, government agencies or law enforcement. Fraudsters can change the numbers that appears on a phone’s caller-ID display, a sender’s address in an email, and often mimic legitimates websites.

Warning signs - How to protect yourself

Visit the CAFC online to learn more tips and tricks for protecting yourself. Anyone who suspects they have been the victim of cybercrime or fraud should report it to their local police and to the CAFC’s online reporting system or by phone at 1-888-495-8501. If not a victim, report it to the CAFC anyway.

Date modified: