Important security information

Phishing, brand spoofing and email fraud
Security requirements
Clearing your cache

Phishing, brand spoofing and email fraud

Phishing (pronounced "fishing" and also referred to as brand spoofing) is a type of fraud that is designed to trick individuals into disclosing confidential and financial information for the purpose of identity theft. Perpetrators send out emails, falsely claiming to be an established legitimate enterprise in an attempt to obtain personal information from the email recipient. The email usually directs the user to visit or click on links that will take them to a Web site where they are asked to update personal information, such as User Ids, passwords, account numbers, etc. The Web site, however, is a scam and is designed only to steal the user’s information.

As a general rule, you should not provide your confidential and financial information over the Internet in response to unsolicited requests you receive. The Canada Revenue Agency (CRA) will never ask you to provide us with your personal information by email. If you receive such a request, do not respond and contact our e-service Helpdesk immediately. See what you can do to protect your personal information.

For more information, see Phishing or Brand Spoofing (Royal Canadian Mounted Police).

Top of page

Security requirements

The Canada Revenue Agency takes the confidentiality of your information very seriously. We use sophisticated security techniques to protect our site and your privacy. Powerful encryption technology and security procedures protect your personal information at all times. That's why you have to use approved security protocols to view your personal information or manage your personal income tax and benefit account online.

To use these CRA epass services, your browser must use 128-bit Secure Sockets Layer (SSL) 3.0 encryption. You can test your browser's encryption capability by using our "Test" button, this will tell you if you need to upgrade your browser's encryption. For more information, see Your browser.

Clearing your cache

After you complete a secure transaction, you should clear your browser's cache or close and reopen your browser. Information stored in the browser's cache is not encrypted, so clearing the cache helps to ensure the security of your information. If you are using Netscape Navigator, clear both your browser's disk cache and memory cache. If you are using Internet Explorer, clear your disk cache, then close and reopen your browser. If you are using Safari, select the Safari menu and select clear cache, then close and reopen your browser.