‘We have to be even more aware than we had to before’: seniors sound alarm on email scams

Nothing appeared out of the ordinary when an official-looking email — bearing the Bell MTS name and logo — arrived in Julie Leefe’s inbox, claiming she had a new voice message.

Read this article for free:

or

Already have an account? Log in here »

To continue reading, please subscribe with this special offer:

All-Access Digital Subscription

$1.50 for 150 days*

  • Enjoy unlimited reading on winnipegfreepress.com
  • Read the E-Edition, our digital replica newspaper
  • Access News Break, our award-winning app
  • Play interactive puzzles
Continue

*Pay $1.50 for the first 22 weeks of your subscription. After 22 weeks, price increases to the regular rate of $19.00 per month. GST will be added to each payment. Subscription can be cancelled after the first 22 weeks.

Nothing appeared out of the ordinary when an official-looking email — bearing the Bell MTS name and logo — arrived in Julie Leefe’s inbox, claiming she had a new voice message.

When she clicked on a link and entered her login details, she unknowingly gave hackers access to her account and contacts, including two well-intentioned friends who ended up losing $300 each in a subsequent emergency scam.

“It looked completely legitimate,” Leefe said of the email. “I stupidly clicked. I had to put in my email address and my password, and then there was no voice message there.”

The 69-year-old Oakbank resident wants Bell MTS to send an alert to its customers.

JESSICA LEE / WINNIPEG FREE PRESS

Julie Leefe fell victim to a phone scam when she received an email from “Bell MTS” claiming there was a “voice email” for her.

“They don’t seem to want to warn the public,” she said. “As seniors, we’re always dealing with change. I’ve never heard of a voice memo, but you can do voice recordings. I figured, maybe, it’s a new thing.

“We have to be even more aware than we had to before.”

The disguised email containing the malicious link displayed a “no reply” Bell MTS address. It didn’t contain the kind of typos or grammatical errors Leefe is used to seeing in most phishing attempts.

Scammers will stop at nothing

Scammers are going to all kinds of lengths to steal Canadians’ personal information or hard-earned money.

One of the most common online scams is phishing.

Scammers are going to all kinds of lengths to steal Canadians’ personal information or hard-earned money.

One of the most common online scams is phishing.

There are probably very few people with an email address who haven’t received emails or text messages which try to trick them into clicking on a malicious link.

Typically, the email or message purports to be from a recognizable utility, bank, company or public agency. It may claim the receiver needs to log in to update account details, receive something or sign an online document.

However, it’s an attempt to trick the person into divulging personal or financial information, said the Canadian Anti-Fraud Centre, which itself was impersonated in recent phishing emails.

In 2021, phishing was the sixth-most reported type of fraud to the CAFC. The federal agency received 6,953 reports. However, scams are vastly underreported. The CAFS estimates fewer than five per cent of victims file a fraud report.

Another common tactic is spear phishing, which targets specific people or organizations in an attempt to steal credentials or financial details. The CAFC received such 1,817 reports in 2021, with victims suffering $54 million in losses.

She was on a fishing trip when the email arrived around Sept. 3. Expecting a quote from a contractor, she signed in assuming he had left a voice message.

“I feel angry that I wasn’t more careful, and I feel very sad that my two friends got caught up in it,” said Leefe.

With access to her account, hackers sent emails asking her contacts if they have an Amazon account. Those who replied were given a sob story, as the con morphed into an emergency scam.

Posing as Leefe, the hackers claimed she had a “bad leg” and needed help buying a birthday present for a niece.

Each contact was asked to buy a $300 Amazon gift card and send a picture of the card numbers needed to redeem the value online.

The money would be reimbursed, the email claimed.

Thinking they were doing a good deed, at least two friends bought gift cards in stores and supplied the numbers.

JESSICA LEE / WINNIPEG FREE PRESS

Leefe was waiting for a quote from a contractor to fix her home exterior.

Zdena Price, 69, cried when she found out it was a scam.

“The reason I cried is because I always wanted to trust, and I can’t do that anymore,” said Price, who lives in Castlegar, B.C. “Now, you almost have to become suspicious of anybody and anything.”

She realized she had been defrauded when her daughter urged her to call Leefe to find out if the request for help was genuine.

When she later alerted Amazon, staff told her the card had been redeemed and the account, based overseas, would be frozen.

Like Leefe, Price decided to speak out because she wants to warn others, especially older adults.

“The crucial thing is to be educated and safeguard all your credit card numbers and personal information… Do not give it out to anybody.”–Zdena Price

“The crucial thing is to be educated and safeguard all your credit card numbers and personal information,” said Price. “Do not give it out to anybody.”

The second friend, who asked not to be named, knew she’d been scammed when she received an email asking for another $200.

The Oakbank woman had some doubts about the initial sob story, but it seemed plausible because she has seen Leefe with a brace on her leg.

“I’m disappointed in myself for falling for it. I’m frustrated this happens to decent people,” the 69-year-old woman said. “I just got caught wanting to help. People think they’re cautious enough, but it can happen to you.”

She reported the fraud to the RCMP, but accepts “there’s nothing they can do” because cyber criminals are difficult to trace.

JESSICA LEE / WINNIPEG FREE PRESS

Leefe shows the email she received recently which was actually a phone scam. The disguised email did not contain the kind of typos or grammatical errors Leefe is used to seeing in most phishing attempts.

Feeling awful about what happened, Leefe has offered to reimburse her friends.

“They’re the warmest, kindest, most honest people you can imagine,” she said. “It’s completely innocent, wonderful people who are getting sucked in.”

Leefe believes scammers obtained her email address when a different friend’s account was hacked last month.

She called Bell MTS when family and friends began asking about the suspicious emails from her address.

Staff, who helped change her password, discovered the hackers had set up a filter and were forwarding her incoming mail to a webmail account that mimicked her Bell MTS address.

“It would be lovely if there was a way of catching these people.”–Val Arklie, friend

Despite changing her security settings, the hackers were still able to erase her contacts and send and received emails, Leefe said.

She authorized Bell MTS to suspend her account.

Leefe reported the scam to the Canadian Anti-Fraud Centre. She was advised a police report wasn’t necessary because she didn’t lose any money.

Another friend, Val Arklie, said her email account was hacked Saturday.

“I have no idea what the trigger was. I got the voice memo email, but I didn’t click on it,” she said.

Hackers posing as her sent a similar sob story to her contacts.

“We want our customers to be aware that Bell MTS will never ask for personal information such as passwords, bank account information and credit card numbers in an email.”–Morgan Shipley, Bell MTS spokeswoman

Arklie, 69, said a “good-hearted” friend tried to buy a $400 Amazon gift card, but the payment was flagged as suspicious and the money was returned.

“It would be lovely if there was a way of catching these people,” said Arklie, who wasn’t defrauded.

Bell MTS encourages customers to call 204-225-5687 to verify emails or text messages.

“We want our customers to be aware that Bell MTS will never ask for personal information such as passwords, bank account information and credit card numbers in an email,” spokeswoman Morgan Shipley wrote in an email. “Customers are always advised to delete these messages and not to click on any links in them or reply to them.”

Seattle-based Amazon.com Inc. warns people to be wary of emails that create a sense of urgency. It encourages people to report scams involving its name or customer accounts.

“Scammers that attempt to impersonate Amazon put our customers and our brand at risk,” a spokesman wrote in an email.

“We consistently get multiple reports every week regarding compromised email accounts through various means… Criminal actors are constantly trying to gain access to emails.”–WPS spokeswoman

Phishing is among the most common online scams, said cybersecurity expert Mathieu Manaigre, president of Winnipeg-based Avenir IT.

His company runs test phishing scams for clients to assess the awareness and carefulness of staff.

“The ones we catch people on tend to be voicemail- or fax-related scams,” Manaigre said, adding he would welcome more efforts to educate and protect older adults from online fraud. “Seniors tend to be the ones falling victim more often to these money-sending scams.”

RCMP spokesman Sgt. Paul Manaigre (no relation) said phishing scams are becoming “more and more” sophisticated.

People should “do their due diligence” and call the purported sender before clicking on links or divulging information such as login or banking details, he said. “It’s also a very good idea, if this involves seniors, for them to contact someone they trust — family, friends — and provide the information to them to see if it what is being asked makes sense.”

Winnipeg police have not received any reports about the recent scam, a spokeswoman said.

“That said, we consistently get multiple reports every week regarding compromised email accounts through various means,” she wrote in an email. “Criminal actors are constantly trying to gain access to emails as a mechanism to defraud others or to gain access to the victims banking or other services.”

chris.kitching@freepress.mb.ca

Twitter: @chriskitching

Chris Kitching
Reporter

As a general assignment reporter, Chris covers a little bit of everything for the Free Press.

Report Error Submit a Tip