Canada Emergency Response Benefit
It seemed like a good idea at the time…
With everyone being asked to stay at home and shelter in place, being given $2,000 a month to keep the money flowing was a ‘God-send’.
As a senior, I knew I wouldn’t be applying for the benefit, so there was no reason to suspect that someone might actually do that fraudulently by using my password to get into My Account with the Canada Revenue Agency.
Let’s call it a hunch, but I decided to sign in yesterday, only to see that I had supposedly signed in the day before. Huh?!
Remember that Strange Email from the CRA Last Month?
My mind instantly went back to that message, which effectively said that I would not be receiving any more email notifications from the CRA. Really?!
Well, I remedied that almost instantly by logging in to My Account and changing the notification address to a secondary email account. (I wonder if ‘they’ were following my actions because, the next day, my direct deposit details were changed and four CERB payments were applied for.) I was blissfully unaware of these events.
So, yesterday, I changed the banking details back to what they should have been, and called the Ontario Provincial Police to report the fraud.
Was It Greed or Just Stupidity?
This screenshot may be a bit blurry, but it shows how the Overview page of My Account looks today. Yes, at 6:45 pm (EDT) last night, our fraudster decided he wanted another bite of the CERB apple. Again, he changed the banking details, this time to a Bank of Montreal account in St-Constant, Quebec. (Previous bank details were for a Tangerine online account.) As I received notification of these actions within a minute of them being done, I signed in again and changed the bank details back to my own account.
But I couldn’t change the password until midnight, due to having ticked “Don’t show me these details again today.” At five minutes past midnight, this morning, I changed it from the one it had been since 2008 (when I was a Liberty Tax professional). Then I rang the CRA this morning at 9:00 am (EDT) to report the fraud.
What kind of vetting process did the CERB people run, to ensure that a senior wouldn’t apply for a benefit that he (or she) wasn’t entitled to? How did the fraudster(s) get past the initial log-in security questions when they pretended to be me? Why do people think they can get away with doing this stuff?