While pickpockets can only target a few people each day, Internet fraudsters can target many people, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.
Phishing
A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or instant messaging. Phishing works by sending communications, which appear to be from your financial institution, but they’re not. You’re asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that’s largely indistinguishable from the legitimate site – and you’ll be asked to enter your credentials.
Phishing emails may include:
Once you click on the link, which directs you to a phishing website, you’ll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social insurance number or mother’s maiden name. The details obtained will then be used for identity theft.
Scam emails appearing to be from your credit card company or financial institution often have some telling signs, including:
Never provide personal details or any account details in an email. Electronic messaging isn’t a secure form of communication. If you receive a message that you are unsure about, please contact us.
Pharming
Another way for hackers to get their hands on your personals details is by pharming them. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer’s host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you’re on the correct website when you aren’t. Once there, you’re asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.
How to Avoid Phishing and Pharming Scams
We’ll never send you emails or other forms of communication asking you to verify or provide your online banking details. The best way to protect yourself is to never use a link provided in an email to access your online banking (because we don’t send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software first.
Always type your financial institution’s website address directly into your browser and remember to look for confirmation that you’re browsing securely. The letter “s” in ‘https’ indicates you are navigating in a secure site, in comparison to the open and unprotected ‘http’ URLs. Look for the ‘https’ when online shopping, too.
Don’t feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Don’t believe emails warning that your account has been compromised or that you’ll miss out on a great deal if you fail to act immediately. If you have concerns about emails or other communication related to your online banking, call or visit your local branch.
Bill Payment Fraud
Utility bill payments are a quick easy way to pay your accounts with your utility vendors. This service is unfortunately not immune to fraud. Bill Payment fraud occurs when someone gains unauthorized access to your online banking credentials (account number and personal access code (PAC)) and initiates fraudulent bill payments. The fraudster usually gains access to your online account details through the installation of a key logger or other malicious software on your computer. The key logger (keystroke logging) records your keystrokes and transmits this information to a fraudster. Once logged in to online banking, the fraudster sets up bill payments, typically for prepaid credit cards, and starts making frequent large payments towards the prepaid cards. Once the funds are transferred to the credit card the fraudster gains access to the funds through cash advances at ATMs or large purchases at retailers.
If this happens to you, refer to our ‘Report It, Stop It’ instructions for what to do if you become a victim of fraud.
E-Transfer Fraud
There are numerous benefits for using Interac e-Transfer. As long as you have email and online banking access, you can send and receive Interac e-Transfers. However, if your computer is compromised then your email account and your banking credentials may be at risk.
e-Transfer fraud occurs when someone steals your online banking login credentials and gains unauthorized access to your bank account. Once logged in the individual sends e-Transfers from your bank account to another bank account elsewhere usually using fraudulent sender and recipient email accounts. The email addresses need only be active for as long as it takes for the fraudster to send and receive the funds.
If this happens to you, refer to our ‘Report It, Stop It’ instructions for what to do if you become a victim of fraud.
