Internet, Text Scams and Other Fraud
Internet and Text Scams
Wealth One Bank of Canada believes that its clients can protect themselves from internet and text scams and other frauds by knowing how to identify and avoid these situations.
Phishing
A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or instant messaging. A person with malicious intent sends out communications, which appear to be from your financial institution, but they are not. You are asked, supposedly by your financial institution, to log in to your online banking to verify account information; often some type of security concern is cited as the issue. The fake email instructs you to click a link which then takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – where you will be asked to enter your personal or banking information.
Phishing emails may include some of the following common indicators:
- warnings about account closures;
- requests to update your information;
- offers to register for a new service;
- offers for pre-approved credit cards; and
- free virus-protection programs.
Phishing scams seek personal details, such as your address, social security number or mother's maiden name. The details obtained will then be used for identity theft.
Scam and phishing emails purporting to be from your credit card company or financial institution often have some telling signs, including:
- poor spelling or grammar;
- odd, simplistic (text-only) or unprofessional format;
- asking you to click on a link (URL);
- alarmist content, such as a warning that your account will be closed if you do not provide your banking or personal details immediately, or informing you that something is wrong with your account and/or you need to reactivate the services; and
- notices that you have won a prize and are required to pay a fee in order to claim it.
Never provide personal details or any banking or account details in an email. Electronic messaging is not a secure form of communication. If you receive a message relating to your Wealth One account that you are unsure about, please contact us immediately.
Pharming
Another way for hackers to get their hands on your personal details is through a method referred to as pharming. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and re-directs you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest re-direction of URLs happens even when you type correct URLs directly into your browser, making you think that you are on the correct website, when in fact you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers will then take and use for criminal activity.
How to Avoid Phishing and Pharming Scams
We will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is to avoid using a link that is provided in an email to access your online banking (because we do not send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software.
Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating a secure site, in comparison to the open and unprotected 'http' URLs. Look for the 'https' when conducting any sensitive tasks such as banking or shopping online.
Do not feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Do not believe emails warning that your account has been compromised or that you will miss out on a great deal if you fail to act immediately. If you are concerned, please forward the e-mail without the attachment to us at help@wealthonebank.ca or call us at 1.866.392.1088. We would like to remind you that Wealth One will never open any attachments or links you provide through communications with us.
Protecting Against Malicious Software
Malware
Malicious software (malware), spyware, worms and Trojans are examples of computer viruses which steal your personal information, take over your computer and use your computer to attack other people's computers. Your computer can become infected through email attachments, downloading infected content or visiting harmful websites.
Spyware
‘Spyware’ is exactly what it sounds like – tracking software downloaded to your computer (without your knowledge) when you visit certain internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or can include passwords and personal data that you would not want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.
The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.
Scareware
One of the most common viruses to watch out for is known as ‘scareware’. These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.
You can protect yourself against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download onto your computer, websites you visit and items to click on. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appear.
Ransomware
‘Ransomware’ is a modern variation on malware that works by installing a hidden program on your computer, blocking you from accessing your computer until you make a ransom payment to the hacker who installed the program. An even newer variation on ransomware will encrypt certain file types on your computer, and will force you to make a ransom payment to the hacker in order to get a decryption key.
You can protect your computer against ransomware by following the same steps you would use to avoid spyware and scareware. In addition, it’s important to back up your files regularly, and encrypt the backed up files so that you’re the only person who can access them.
Free Software
A number of websites will offer free software that promises to improve your computer’s internet speed, scan your e-mails for viruses, or view movies or photos. Some of this free software may allow third parties to monitor your internet browsing and capture your personal or sensitive information.
In order to reduce the possibility of this occurring, we recommend that you carefully read the terms and conditions of such free software, and only download free software from websites that you know are safe.
Anti-Virus Software
Install anti-virus software on your computer to protect your information, money and privacy. Such software detects viruses and other malware and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download. Please note that even when running anti-virus software you are not invulnerable to intrusions and malicious content that has yet to be discovered as a threat. We encourage that you remain vigilant.
Other Common Fraudulent Schemes
The following are other common fraud schemes of which you should be aware. Just being informed about these harmful schemes can be enough for you to prevent yourself from being a victim.
Moving Money for a Stranger
Criminals use a variety of schemes to gain access to your account to facilitate their criminal transactions. By accepting and re-directing any money from such individuals, you may be participating in a money-laundering scheme if those deposits were proceeds of fraud or other criminal activities. These actions could carry serious consequences for those involved.
Be wary of scams offering you financing from an unknown third party and the ability to “Earn Money From Home”, as well as schemes involving government officials requesting your help with a wire transfer or relatives that you have never met who are looking to leave you an inheritance.
We advise you to never conduct financial transactions on behalf of individuals that you do not know, avoid wiring funds until you can confirm the legitimacy of an electronic deposit, and remain wary of any offer that seems too good to be true.
Requests to Change a Supplier’s Banking Details and/or Mailing Address
We advise that all of our business clients implement preventative measures to avoid fraudulent calls, faxes and emails requesting a change to a supplier’s address or banking information, such that future payments will be sent to this new account and/or address. If you are unsure about the legitimacy of the caller, refrain from making any changes until you contact a trusted person and are able to verify the request.
Telephone Fraud
The telephone is a widely used tool for fraud, and criminals often make calls pretending to be a bank investigator, examiner or employee of the bank, to the extent that the call is even disguised as a bank on your call display. It has become one of the methods of choice for criminals to gain information about you that could aid in identity theft and other fraud schemes.
We will call you if we are concerned about unusual activity in your account or in response to a request you initiated. Wealth One may also call you periodically about new products and services if your express consent/permission was given for us to do so. Wealth One will never ask you to disclose your passwords, withdraw money, or perform any financial transactions over the telephone.
If you receive a call purporting to be from Wealth One that you suspect to be fraudulent, please hang up and notify us immediately at 1.866.392.1088.
Identity Fraud
Identity fraud occurs when personal information, such as your social insurance, driver’s license, or bank account number, is stolen and then used to make purchases, take out loans, or apply for credit cards in your name. Your personal information can be retrieved from unshredded documents in your trash, unsecure online websites, or losing your wallet or purse and any information that is collected may be used to access your financial accounts. If you believe that you are a victim of identity fraud, please contact us immediately.
To protect yourself from identity fraud, we recommend following these strategies:
Avoid Sharing your Personal Information
Do not provide anyone, whether in person, over the phone, or online, with your Wealth One account information, unless you can confidently verify that it is a secure source. We also recommend that you avoid carrying your social insurance number with you unless it is absolutely necessary to do so.
Wealth One employees do not have access to your login credentials such as your PAC or online banking security questions and their respective answers. Wealth One will never request the answers to your online banking security questions or your PAC.
When using telephone banking with a live representative, please ensure that you do not provide your telephone banking password until the representative has asked you the question. Your telephone banking password is the answer to the question you set up with us during your application process. Wealth One client service representatives will always pose the question and will never ask for your telephone banking password beforehand. It is our way for you to verify that you are speaking with a legitimate Wealth One client service representative. If the representative cannot provide you with the question, then you can assume the call is fraudulent.
Protect your Bank Details and Passwords
Your Personal Access Code (PAC) and other passwords (such as your telephone-banking password) are the keys to your account, and as such, we recommend that you avoid recording this information in writing. If you must, any information that you put in writing about your Wealth One account should be stored in a secure place, and not carried in your wallet or purse or stored in a file on your computer. We will never ask you for this information, so be extremely wary of any requests for it.
We recommend that when selecting your PAC, you avoid obvious choices, like your birth date or numbers that fall in sequence or pattern. Similarly, when selecting your telephone banking and online banking security question(s) and answer(s) we strongly recommend you choose questions and answers only you could provide the correct answer for (this includes your family members or close friends). The more personal you make your PAC, the less likely that your account will be compromised. If you are issued a banking card, ensure that you block others from seeing your PIN at a bank machine or debit terminal and that you remain alert when banking alone.
Utilize Technologies that Enhance your Security and Privacy
Any unexpected or unfamiliar emails should never be opened nor should you ever download attachments or click any links sent to you by email unless you recognize the sender and can be certain the attachments or links are safe. We recommend that you install up-to-date anti-virus/spyware software and enable a firewall on your computer or other device to ensure that all Wealth One online banking is safe and secure.
