Don’t Fall For This Interac Scam That Is Delivered By Text Message [UPDATED]

Last night I got a text message that got my attention. I snagged a screenshot of it for your viewing pleasure:


At first glance it looks like an Interac e-Transfer. And it comes from a Ontario area code to make it look legit. Except that when you look closer, specifically under the words “Deposit your INTERAC e-Transfer” you see a domain called That’s important because Interac has never used that domain. Besides, I am pretty sure that Interac doesn’t use GoDaddy to register their domains. Because when I ran the domain in question through the Whois database on GoDaddy, I found this:

Registry Domain ID: 2247282825_DOMAIN_COM-VRSN
Registrar WHOIS Server:
Registrar URL:
Update Date: 2018-04-03T01:30:36Z
Creation Date: 2018-04-03T01:30:36Z
Registrar Registration Expiration Date: 2019-04-03T01:30:36Z
Registrar:, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: REDACTED 
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID: 
Registrant Name: Dean Ataman
Registrant Organization: 
Registrant Street: REDACTED
Registrant City: Belle River
Registrant State/Province: Ontario
Registrant Postal Code: REDACTED
Registrant Country: CA
Registrant Phone: REDACTED
Registrant Phone Ext:
Registrant Fax: 
Registrant Fax Ext:
Registrant Email: REDACTED
Registry Admin ID: 
Admin Name: Dean Ataman
Admin Organization: 
Admin Street: REDACTED
Admin City: Belle River
Admin State/Province: Ontario
Admin Postal Code:REDACTED
Admin Country: CA
Admin Phone: REDACTED
Admin Phone Ext:
Admin Fax: 
Admin Fax Ext:
Admin Email: REDACTED
Registry Tech ID: 
Tech Name: Dean Ataman
Tech Organization: 
Tech Street: REDACTED
Tech City: Belle River
Tech State/Province: Ontario
Tech Postal Code: REDACTED
Tech Country: CA
Tech Phone: REDACTED
Tech Phone Ext:
Tech Fax: 
Tech Fax Ext:
Tech Email: REDACTED
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
>>> Last update of WHOIS database: 2018-04-03T12:00:00Z <<< 

Seeing as Interac is not located in Belle River Ontario, this is clearly fake. Thus validating that this is a scam. Even though I redacted some potentially personal information, that info is likely fake as well. Having said that, if Interac or law enforcement are interested in what I found, feel free to contact me and I’ll hook you up.

I decided to dig in a bit deeper to find out what this scammer was up to. So I copied the link to my test iPhone and clicked on it. I got this:


Oooooo. It looks like I am going to get some money. Well, actually no. If you look at the URL in the browser, it’s the same address that I mentioned above. Clearly what this scam is counting on is that you won’t notice that. In the interest of science, I chose my financial institution and got this:


Now that’s a very good copy of the Canadian Imperial Bank Of Commerce website. To illustrate that, here’s the real Canadian Imperial Bank Of Commerce website:


It’s pretty close except that the domain is still present. Again, the scammers are hoping that you won’t notice.

At this point it’s pretty clear what this is all about. This is an attempt to get your username and password to your online banking account so that the scammers can drain it dry. I have to admit that this is pretty crafty as if you’re not paying attention to things like the domain that is in use, you might fall for it. Thus my advice is to pay attention to any Interac e-Transfer that you get. Look for weird looking URLs and anything that doesn’t seem “normal.” If you receive a notification for an Interac e-Transfer that you weren’t expecting, contact the sender through a different communication channel to verify. If the notification comes from someone you don’t know, or you suspect it may be fraudulent, do not respond or click any links. Forward the email or take screenshots and forward those to

In the meantime, I am reaching out to Interac with all the info that I complied on this scam so that they can hopefully put an end to it. Or at least put it on their radar.

UPDATE: A new variant of this scam has appeared. I posted a few Tweets on it last week:

I pinged Interac on this and got this response:

So if you get a text message like this, it’s a scam. Just delete the message and carry on with your life.


4 Responses to “Don’t Fall For This Interac Scam That Is Delivered By Text Message [UPDATED]”

  1. Natural Skin Care


  2. […] to say this is spam and it looks like a new version of this scam that I came across some time ago. Thus if you are a Rogers customer and you get one of these text […]

  3. […] 10. Don’t Fall For This Interac Scam That Is Delivered By Text Message […]

  4. I received a text today stating that I haven’t deposited a refund they owe me. I don’t even use Telus! Also if you look on details it says “refund expires on October 21st, 2018!! ( 4 months ago!)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: