Important Security Information


Phishing or brand spoofing

Phishing (pronounced "fishing" and also referred to as brand spoofing) is a type of fraud that is designed to trick individuals into disclosing confidential and financial information for the purpose of identity theft. Perpetrators send out emails, falsely claiming to be an established legitimate enterprise, in an attempt to obtain personal information from the email recipient. The email usually directs the user to visit a Web site or click on links that will take them to a Web site where they are asked to update personal information, such as User IDs, passwords, and account numbers. The Web site, however, is a scam and is designed only to steal the user's information. For more information, see our E-mail Fraud / Phishing (Royal Canadian Mounted Police).

Email fraud alert

If you do receive a fraudulent email message claiming to be from the CRA, do not respond and delete it from your Inbox. For more information, see Taxpayer alert: Don't be fooled by unsolicited e-mails or phone calls!

Report an email or online fraud

As a general rule, you should not provide your confidential or financial information over the Internet in response to unsolicited requests you receive. The CRA will never ask you to provide your personal information by email. If you receive such a request, do not respond and delete it from your Inbox. See what you can do to protect your personal information. For more information, see our Taxpayer alert: Don't be fooled by unsolicited e-mails or phone calls!

Security requirements

The CRA takes the confidentiality of your information very seriously. We use sophisticated security techniques to protect our site and your privacy. Powerful encryption technology and security procedures protect your personal information at all times. That's why you have to use approved security protocols to view your personal information or manage your personal income tax and benefit account online. For more information, see Your browser.

Clearing your cache

If you are using a computer available in a public location (e.g., an Internet café or a library), you should clear the browser's cache or close and reopen the browser. Information stored in the browser's cache is not encrypted, so clearing the cache helps to ensure the security of your information.

Note

Clearing your cache will remove any cookies that are stored on your computer's browser. This means that each time you login using that computer, you will have to answer one of the security questions you have chosen. If you do not want to answer one of the questions you already chose and this is the personal computer that you use most often to login to the CRA services, do not clear your cache.

Report a problem or mistake on this page
Please select all that apply:

Privacy statement

Thank you for your help!

You will not receive a reply. For enquiries, contact us.

Date modified: