The IT Nerd

Canadians are facing a flood of scam attempts, with one in three reporting fraudulent job or CRA-related texts in the past three months alone, according to new research from Equifax Canada. 

The Equifax Cybersecurity Survey, reveals a growing preparedness gap in what to do in cases of scams or fraud. Nearly two-thirds of Canadians surveyed say they would contact the police if their identity was stolen, and half would reach out to a credit bureau. Of those surveyed, 79 per cent stated they would contact their bank, however nine per cent admit they wouldn’t know what to do at all.

One in four Canadians surveyed also reported receiving scam emails, while a further 13 per cent admit to clicking on a fraudulent link, and six per cent say they have already had their identity stolen.

The survey also shows a near-universal sense of risk with 97 per cent of those surveyed saying that protecting themselves online is important, and 93 per cent report that protecting their family online is important:

• 82 per cent worry about children being taken advantage of online.
• 75 per cent worry about their information being hacked from their personal computer.
• 71 per cent worry about someone using technology to trick them into giving away personal information.
• 61 per cent worry about someone impersonating them on social media.

Protecting yourself and your family
The best defence against scams is educating yourself and being cautious.

• Verify everything: Independently verify unsolicited requests. Government agencies/banks will never ask for personal info via email/text, or demand gift cards/cryptocurrency. For businesses, go directly to their official website if an account issue is suspected.
• Don’t be pressured: Legitimate organizations allow time for verification.
• Build a shield: Use strong passwords and logins, secure your Wi-Fi and be careful what you share.
• Educate yourself: Stay informed about current scams.

Equifax surveys over the past decade illustrate how fraud and scam threats have evolved. In 2015, just over half of Canadians (53 per cent) felt vulnerable to identity theft. By 2023, more than eight in ten (81 per cent) said they did. Today, nearly all Canadians place importance on protecting themselves (97 per cent) with the threat of fraud increasingly immediate and direct, arriving on the devices Canadians use every day.

• Scam exposure is widespread: 31 per cent of Canadians surveyed received fraudulent job texts and 29 per cent received CRA or banking scam texts in the last three months.

• Risky links: 13 per cent surveyed had clicked a scam link, and 15 per cent had received romance scam messages on social media.

• Top protections Canadians want: With fraud and scams on the rise, 31 per cent of Canadians surveyed think they need to do more to protect themselves online. When thinking of online security tools, respondents cited the following tools as most important: secure VPN and anti-virus software, password managers, credit monitoring, parental controls, and social media and dark web monitoring.

*The Equifax Cybersecurity Survey was conducted online by Leger between September 19 and 22, 2025, with a nationally representative sample of 1,521 Canadians. For comparative purposes, a probability sample of this size would yield a margin of error of ±2.5 per cent, 19 times out of 20.

Equifax Canada is excited to announce the successful completion of a multi-year cloud transformation of all customer products and platforms onto the Equifax Cloud^TM. This ambitious move allows Equifax Canada to help customers and partners leverage unique, proprietary Equifax data and patented EFX.AI capabilities to help them solve their business challenges, manage risk, and grow their business.

The Equifax Cloud is a top-tier global technology and security infrastructure backed by a more than $1.5 billion multi-year investment. It has changed nearly every aspect of the Equifax infrastructure and is one of the largest Cloud initiatives ever undertaken in the financial services industry. Today, Canada’s largest consumer credit bureau, and the largest commercial credit bureau are operating on The Equifax Cloud, delivering a new agile foundation of improved speed, security and resiliency, and more powerful insights than ever before.

Equifax partnered with Google Cloud in 2019 for this transformation and received three consecutive Google Cloud Financial Services Customer Awards for demonstrating innovative thinking, technical excellence and transformation execution.

With this comprehensive digital transformation now complete, Equifax Canada is now leveraging the Equifax Cloud to develop customer-focused solutions such as the Global Consumer Credit File, Canadian Small Business Health Index (in partnership with BDC), and Equifax Complete Protection.

For more information on the Equifax Cloud, please visit: https://www.equifax.ca/about-equifax/equifax-cloud/

A new survey* by Equifax Canada sheds light on a public increasingly worried about the potential rise in fraudulent activity across industries. In addition, Equifax Canada data shows mortgage fraud and identity fraud continuing to escalate across the country as economic pressure continue.

Key Overall Findings: 

• Economy Fuels Fears: Over 76 per cent of Canadians surveyed believe financial hardships may increase the likelihood of people committing fraud and theft, suggesting economic anxieties may contribute to growing auto theft and identity fraud concerns.
• Auto Industry Alarm: Over 74 per cent of Canadians surveyed believe insurance fraud impacts their auto insurance payments, highlighting the financial burden of this growing crime. Over 56 per cent believe that keyless entry and ignition systems have increased the risk of auto theft, with 48 per cent knowing someone who has had their vehicle stolen.

Equifax Data: Tracking Identity Fraud Across All Sectors
While overall fraud rates have seen a slight decline compared to the peak levels of 2022, the prevalence of identity fraud has increased. In the fourth quarter of 2023, identity fraud accounted for a staggering 75.21 per cent of all fraudulent applications across all sectors, marking a significant increase from 64.7 per cent in the previous year. This rise in identity fraud poses a substantial risk to consumers and financial institutions alike, as fraudsters employ increasingly sophisticated tactics to exploit the system. The biggest proportion of identity fraud was seen in the banking sector, where 73.5 per cent of all fraudulent credit card applications and 89.3 per cent of all deposit frauds in Q4 2023 were found to be because of identity fraud.

Auto Industry 
The Equifax application fraud data also suggests nearly 80 per cent of auto fraud cases involve first-party fraud, where individuals falsify income or financial statements when applying for a car loan. New data indicates that the proportion of identity fraud in auto fraud applications has doubled since 2019. Secured lending institutions are especially vulnerable to these attacks, as fraudsters manipulate identity information to secure loans and acquire vehicles through deceptive means.

In response to these fraud trends, Equifax Canada emphasizes the importance of proactive fraud prevention measures and heightened consumer awareness. Equifax Canada suggests businesses consider adopting a fraud prevention platform like FraudIQ Manager to protect their business.

Mortgage Woes
Equifax Canada quarterly data** also shows fraud rates in mortgage applications continue to rise, up by 9.9 per cent in Q4 compared to Q4 2022, with Ontario having the highest mortgage fraud rate among all the provinces. Mortgage fraud is most commonly seen in the form of first-party fraud, where an individual provides false information to qualify for a mortgage.

Equifax Canada encourages consumers to explore ID theft protection products that can help detect fraud sooner by alerting them to key changes on their credit reports and scores, as well as reviewing tips to protect their information, including:

• Using strong and unique passwords
• Being cautious of suspicious calls and emails
• Carefully disposing of sensitive documents like bank statements and credit card bills
• Being careful about sharing personal information and only sharing personal information and photo identification with trusted institutions

* Equifax surveyed 1,614 Canadians ages 18-65, Feb. 2-4. A probability sample of the same size would yield a margin of error of +/- 2.5 per cent, 19 times out of 20.

* *Equifax data pulled from Q4 2019 to Q4 2023

Facebook isn’t the only company who is cutting a deal to make their legal issues go away. The New York Times is reporting that Equifax who had an epic data breach in 2017 that affected 150 million people is about to cut a deal to pay a $650 million fine to the feds and state investigators to make their legal issues go away:

Most of the roughly $650 million payment would go toward compensating consumers for costs associated with the data breach, according to those familiar with the settlement discussions.

Plans for the settlement were reported earlier by The Wall Street Journal.

To be frank, this is a slap on the wrist. Given the scale of this data breach and the effects of said breach on consumers to this day, Equifax needs to be punished to a greater degree. But that’s not going to happen apparently and that’s sad. Consumers deserve better. Much better.

You might remember that the feds, specifically the SEC were looking at execs at Equifax who on the surface dumped shares in the company before it became public that the company was pwned in epic fashion by hackers. Now It seems that a former CIO of an Equifax business unit has been nailed by the feds for doing just that:

According to the SEC’s complaint, Jun Ying, who was next in line to be the company’s global CIO, allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach.  The SEC alleges that before Equifax’s public disclosure of the data breach, Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million.  According to the complaint, by selling before public disclosure of the data breach, Ying avoided more than $117,000 in losses.

“As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC’s Atlanta Regional Office.  “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.”

Here’s the thing. When the feds charge you with insider trading, you’re likely going to the big house as your chance of defending yourself isn’t very good. So I hope this fellow has his affairs in order.

Oh, other execs whether they be current or former ones might want to put their lawyers on speed dial because the press release that I linked to above indicates that the investigation is still ongoing. Which means more Equifax types might be facing the same treatment in the near future.

Bad news if you’re following the Equifax story. Apparently the company has now said that 2.4 million more people were affected in that epic pwnage from last year. That’s the second time they’ve had to revise the number of people affected by this upward:

Equifax said all affected users will be notified, and emphasized that these findings aren’t the result of any new hacks.

“This is not about newly discovered stolen data,” said Paulino do Rego Barros Jr., interim CEO at Equifax. “It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals.”

The latest disclosure shows just how bad the company was hit. In September, initial reports said 143.3 million Americans were affected. By October, it had gone up to 145.5 million. The new total is 147.9 million. 

I think its safe to say that they have no clue how many people are truly affected by this. That should scare you. And it should highlight this fact via Senator Elizabeth Warren:

.@Equifax can’t be trusted. Their mistakes allowed the breach to happen, their response has been a failure, and they still can’t level with the public. Enough is enough. We have to start holding the credit reporting industry accountable. https://t.co/p9oKVLqyHb

— Elizabeth Warren (@SenWarren) March 1, 2018

I agree. Equifax cannot be trusted and as a result must be held accountable.

It appears that in the shadow of a probe into the pwnage of Equifax being shelved, news is appearing that seems to indicate that the pwnage was worse than first thought:

The credit reporting company announced in September that the personal information of 145.5 million consumers had been compromised in a data breach. It originally said that the information accessed included names, Social Security numbers, birth dates, addresses and — in some cases — driver’s license numbers and credit card numbers. It also said some consumers’ credit card numbers were among the information exposed, as well as the personal information from thousands of dispute documents.

However, Atlanta-based Equifax Inc. recently disclosed in a document submitted to the Senate Banking Committee, that a forensic investigation found criminals accessed other information from company records. According to the document, provided to The Associated Press by Sen. Elizabeth Warren’s office, that included tax identification numbers, email addresses and phone numbers. Finer details, such as the expiration dates for credit cards or issuing states for driver’s licenses, were also included in the list.

The additional insight into the massive breach was first reported by the Wall Street Journal.

Equifax’s disclosure, which it has not made directly to consumers, underscores the depth of detail the company keeps on individuals that it may have put at risk. And it adds to the string of missteps the company has made in recovering from the security debacle.

This is exactly why a deeper investigation needs to be done. It is becoming clear that Equifax really dropped the ball here and consumers are really at risk. Thus understanding why that happened and what can be done to avoid in the future would be a good idea. Not only that, I’m pretty sure that someone needs to be held accountable over at Equifax over this. By that I mean some stiff fines and perhaps some time in the clink. But that will only happen if this issue is thoroughly investigated.

Reuters is reporting that the new head of the CFPB (aka: Consumer Financial Protection Bureau) is pulling back from a full-scale probe of how Equifax failed to protect consumer data in its breach affecting 145.5 million Americans.

All together now…. WTF?

This is the dumbest thing I have ever seen. About half the American population gets affected by the most epic pwnage the world has ever seen and the US Government doesn’t want to step in and protect their citizens? That’s just mind blowing. It basically means that there is no hope whatsoever when it comes to holding companies who get pwned accountable for getting pwned. Which means that the average person is pretty much on their own. Hopefully Americans remember that when they go to the polls is their mid-term elections this November.