Protect Yourself From Fraud

We are Committed to keeping you safe! The security of your personal information is our top priority, we have many safeguards in place to protect the security, privacy and integrity of your personal information at all times. But, we need your help, you play a vital role in protecting your security, there are important safeguards that you need to take to help protect yourself as well:

    • Use up to date Anti-Virus, Firewalls and Anti-Malware programs on your devices.
    • Ensure your browser and operating systems are up to date.
    • Use a secure Network
    • Only install software from reputable companies
    • Maintain the care, control and confidentiality of your user name(s) and password(s) at all times
    • Use Strong Passwords - Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis.
    • Sign up for MemberDirect Fraud Alert (free)
    • Test your knowledge
    • Stay safe online
    • Never leave your computer unattended while using our online banking services.
    • Always exit the site using the Logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser.
    • Disable automatic password-save features in the browsers and software you use to access the Internet.
    • Never Provide personal information while using public WiFi as the WiFi connection may not be secure
    • Watch for skimming Devices – card skimming occurs when a criminal attaches a device to a debit or credit card reader to collect data from the card. If the ATM or point of sale device looks as though it has been tampered with, do not insert your card or enter your PIN.

Thousands of Canadians become victims of fraud each year.  Scam artists are up to date and well-organized, they use the latest trends and sophisticated techniques:

    • Professional marketing materials
    • Well-crafted and researched telephone scripts, which are traded among criminals
    • Friendly tone and "generous" offers
    • Believable answers for your tough questions
    • Ability to impersonate legitimate businesses, charities and causes.
    • Expertise to use your own emotions against you.
    • Offers that involve sending money via wire transfers

These are professional criminals.  They know what they're doing and, unfortunately for their victims they do it well.

Types of Fraud such as, Identity theft, Telephone Fraud, Internet and email Fraud have all become a major concern. It is important to protect yourself with awareness and the knowledge on how to Recognize, Report and Stop these dangers.

If a scam artist contacts you or if you’ve been defrauded, call the Canadian Anti-Fraud Centre at 1-888-495-8501.

The Canadian Anti-Fraud Centre will gather evidence and alert law enforcement in Canada and abroad. By reporting you can prevent others from becoming victims and help put an end to fraud.


Different Types of Fraud

1. Pharming & Phishing

Pharming

Pharming is when criminal hackers redirect Internet traffic from one website to a different, identical-looking site in order to trick you into entering your user name and password into the database on their fake site.  Banking or similar financial sites are often the target of these attacks, in which criminals try to acquire your bank account, steal your identity, or commit other kinds of fraud in your name.

Fend off Phishing

“We suspect an unauthorized transaction on your account.  To ensure that your account is not compromised, please click the link below and confirm your identity.”

“During our regular verification of accounts, we couldn’t verify your information.  Please click here to update and verify your information.”

Have you received e-mail with a similar message?  It’s a scam called “phishing” – and it involves internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, social insurance numbers, passwords, or other sensitive information) from unsuspecting victims.

In computing, phishing (also known as carding and spoofing) is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an e-mail or an instant message.  The term phishing arises from the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords.

Here are some ways to avoid being Pharmed or Phished:

Pharming

Because pharming is the more insidious of the two, it is almost impossible to tell if you are on a bogus Website, but there are ways.  Keep in mind these two really good ways to let you know if you are on a pharming site:

  1. As you enter a secure Web page that is asking for you to go ahead and input your passwords, credit card numbers, etc., the http: will change to https:. 
  2. When you are on a secure Web page preparing to input passwords, credit card numbers, etc., there will be a yellow lock at the bottom of your computer screen in the toolbar.  If you place the mouse on it for a few seconds, or click on it, it will show that it is 128 Bit encrypted, which is the standard of Web security. 

Phishing

If you are ever faced with answering a pop-up or an e-mail that asks for personal or financial information, do not reply and don’t click on the link in the message, either. Legitimate companies do not ask for this information via e-mail or pop-up’s.  If you are concerned about your account, contact the organization mentioned in the e-mail using a telephone number you know to be genuine, or open a new internet browser session and type in the company’s correct Web address yourself.  In any case, do not cut and paste the link from the message into your Internet browser – phishers can make links look like they go to one place, but actually sends you to a different site.

2. Debit Card Fraud

Using debit cards has become a way of life for many Canadians. In fact, Canadians are among the biggest per capita users of debit cards in the world. Whether you’re withdrawing cash from an ABM, using your card to pay for this week’s groceries, or punching in your Personal Identification Number (PIN) for a night at the movies, your debit card is a simple way to access your money. Using your debit card is a convenient way to get money from 59,000 banking and cash machines and for making purchases at more than 450,000 retailers across Canada.

It is also very safe, with more than 99 per cent of the four billion transactions occurring without incident each year in Canada. And while your bank is working to protect you from fraud, there are simple steps that you can take to protect yourself.

How you can protect yourself

We have  sophisticated security systems in place, but there are still important steps you can take to further protect yourself:

  • Always protect your PIN: use your shoulder or your hand to shield your PIN when entering it into the keypad.
  • If you have a chip card, always insert first instead of swiping when making a purchase. This will protect you from having your card skimmed and, if the store terminal isn’t chip capable, it will prompt you to swipe. And always remember to take your card when the transaction is done.
  • Never lend your card or disclose your PIN to anyone else.
  • Memorize your PIN; don’t write it down.
  • Make sure your PIN can not be easily detected if your card is lost or stolen — don’t use your birth date or address or part of your telephone number.
  • Regularly review your transaction history online or on your monthly bank statements and report anything unusual to your financial institution immediately.
  • Change your PIN periodically.

3. Credit Card Fraud

What is credit card fraud?

Credit card fraud can happen several ways. Your card could be lost or stolen and used to purchase goods and services. A criminal could obtain your card number and expiry date and use this information to buy merchandise by phone or over the Internet. Or criminals could tamper with payment terminals at retailers to obtain your card information and create a counterfeit credit card.

Chip-based technology

In addition to the magnetic strip on the back of debit cards, MasterCards and Global Payment Cards our cards now have a microchip –which is a small computer –in the card.

When making a purchase, rather than swiping your card and signing a receipt, you now insert it in the store payment terminal, punch in a personal identification number (PIN) and leave your card in the terminal while the transaction is processed. These cards use a technology called “cryptography” that allows the card and the store terminal to communicate with each other during the transaction and carry out security checks to ensure the card is valid.

The microchip is state-of-the-art in payment card technology and is extremely difficult for criminals to duplicate

4. WiFi Hotspot Scam

Whether you’re on a vacation at a resort, waiting in the airport or sitting in a coffee shop, it’s often possible to connect to the Internet through a wireless network provided by the property owner. Sometimes these will be offered for a small fee and sometimes they will be free. But be careful: sometimes free “WiFi” can be a scam perpetrated by criminals hoping to steal your personal information.

This is how the WiFi Hotspot scam works:

  • Users will browse their network connections to find a wireless network in the area
  • You find a network that calls itself “Free WiFi”, or something similar, and decide to connect
  • This “Free WiFi” network is not really a hotspot, but a computer-to-computer network that might have been set up as a trap
  • While you can use the Internet as normal, the attackers have set up their computer to let you browse the Internet through their computer’s connection – as a result, they can see everything you do online

This trick is especially problematic if you’re visiting websites that require you to enter financial information, like a credit card number, bank account number or passwords. Since the attackers can see everything you’re doing online, they now may have access to your sensitive financial information. If you are at a business that provides WiFi for customers make sure to ask the business’ staff if there is a hot spot available and get the name from them. Only connect to that network, and if you see two hot spots with the same name, don’t connect to either.

5. Identity Theft

Identity theft is a fast-growing crime

Identity theft is one of the fastest growing crimes in North America. in 2005, according to Phone Busters, the Canadian Anti-Fraud Call Centre, there were over 11,200 reports of identity theft in Canada alone, with reported losses of over $8.5 million. It happens when someone steals your personal information -- your social insurance number, driver's license number, health card number, credit card number, debit card, or your PIN number.

Once they have your card information and your PIN number, criminals can open a new credit card account or financial account in your name. And the worst thing is, you won't know about it until it's too late.

How identity thieves get your personal information

  • They steal wallets and purses containing your identification, credit and debit cards.
  • They steal your mail, including your debit and credit card statements, pre-approved credit offers, telephone calling cards and tax information.
  • They complete a 'change of address'  to divert your mail to another location.
  • They rummage through your garbage or the garbage of businesses for personal data.
  • They fraudulently obtain your credit report by posing as a landlord, employer or someone else who may have legititmate or legal right to the information.
  • They get your business or personnel records at work.
  • They find personal information in your home.
  • They use personal information you share on the Internet.
  • They buy your personal information from 'inside' sources -- e.g. a dishonest store employee. 

How identity thieves use your personal information

  • They call your credit card issuer and, pretending to be you, ask to increase your credit limit and to change the mailing address on your credit card account. The thief then runs up charges on your account and because the bills are being sent to another address, it may take some time before you know there's a problem.
  • They open a new credit card account using your name, date of birth and SIN number. When they use the credit card and don't pay the bills, the delinquent account and because the bills are being sent to another address, it may take some time before you know there's a problem.
  • They establish phone or Internet service in your name.
  • They open a bank account in your name and write bad cheques on that account.
  • They counterfeit cheques or debit cards and drain your account.
  • They buy cars by taking out car loans in your name.
  • They mortgage your home.  

Take steps to protect your personal identity.

  • If you have several debit cards and credit cards, carry only those that you need. Leave the other at home in a safe place.
  • Sign your cards immediately.
  • Don't carry your social insurance card or birth certificate with you and don't give out the number unless it's absolutely required. Keep it in a secure, safe place.
  • Don't attach or write your PIN number or social insurance number unless it's absolutely required. Keep it in a secure, safe place.
  • Don't attach or write your PIN number or social insurance number on anything you are going to discard, such as transaction records or scraps of paper.
  • Shred any document that contains your debit card or credit card number before you discard it.
  • Check your receipts to make sure they belong to you and not someone else.
  • Don't give personal information or account numbers to anyone until you have confirmed the identity of the person asking for it. You should also ask how the information will be used and whether it will be shared with anyone else. Ask if you have a choice about providing personal identifying information and, if you can, choose to keep it confidential.
  • Frequently check your credit report so you're aware of any changes or unusal activity. Credit information can be obtained once a year at no charge from Equifax Canada at http://www.equifax.ca or 1-800-465-7166, or Trans Union of Canada at http://www.tuc.ca or 1-800-663-9980.
  • Pay attention to your billing cycles. Follow up with creditors if your bills don't arrive on time. A missing credit card bill could mean an identity thief has taken over your credit card account and changed your billing address to cover their tracks.
  • Guard your mail from theft. Promptly remove your mail from the mail box and notify Canada Post to hold your mail if you're going to be away for some time.
  • Protect your computer with a good firewall and anti-virus software. Take advantage of technologies that enhance security and privacy when using the Internet, such as using digital signatures, data encryption, and different ways of making the information anonymous.
  • Avoid posting personal information on publicly accessible websites and on-line bulletin boards.
  • Give your social insurance number only when it's absolutely necessary. Don't include your special insurance number and other sensitive personal information in on-line resumes.
  • When you register for certain websites, use strong passwords and avoid words that are easy to guess. Don't use the same password for different sites and don't store your password in your computer.
  • Be wary of on-line offers from websites you don't know and trust.
  • Shred outdated bills, tax documents and other sensitive information

This is important: We are not responsible for losses resulting from your failure to meet your security responsibilities. For example, where you:

  • Carelessly or improperly handle, store or disclose your user name and/or password
  • Voluntarily disclose your user name and/or password
  • Allow another person to use your computer, mobile device or tablet
  • Fail to call us immediately, or immediately visit us at any branch in the event of the following:
    • Loss, theft, misuse or compromise of your user name and/or password, mobile device or tablet
    • If you suspect any unauthorized activity has occurred in your Cypress Credit Union account.

***Be sure to check your Cypress Credit Union account(s) on a regular basis to verify that you have authorized all transaction that are shown. This can be done through statements you receive online or by mail, or by checking your transaction information. I will examine my statements and tell you of any errors, irregularities or forgeries. I understand and agree that after the 30 days have expired, the statement and the balance shown on it are considered correct and that all payment and transactions are genuine and properly charged against my account(s). If I do not contact you within 30 days, I understand I will release the Credit Union from all claims in respect to the account(s) and I will have no claim against you for reimbursement even if the instrument charged to my account was forged, unauthorized or fraudulent.


What To Do If It Happens To You

Acting quickly can minimize the damage and help prevent further fraud or theft.

  1. Notify your Credit Union immediately if you suspect fraud or identity theft. They can provide advice on how to limit access to your credit card or financial accounts and investments.
  2. Call the police and file a report, keep a copy of the report for your records.
  3. Change your PIN and passwords IMMEDIATELY.

Keep a list of the people you speak to when reporting a fraud, recording all dates, names, phone numbers and what was said.

Familiarize yourself with the valuable tips and information provided in the links below:


Computer and Mobile Device Security

Internet Security

Through the use of various techniques and technologies, fraudsters trick unsuspecting internet users into divulging personal and financial information.

Protecting Your Computer and Web-Enabled Devices

Internet banking provides convenient access to information and the ability to perform transactions from home, work or other locations. Users must be aware that when you communicate via the internet, other people and software can also communicate with your device. An inadequately protected device can be accessed by an unknown party or malicious software (malware) in a very short period of time, and without your knowledge.

To help reduce risk from damaging malware, we recommend diligent use of the following security practices:

Computer, Laptop, and Tablet

Use a Firewall

Use a Firewall

When connected to the internet, users are particularly vulnerable to computer intrusions and attacks because the internet connection provides "always-on" connection capability. The likelihood of a malicious individual accessing your computer increases significantly the longer your computer is on and connected to the internet. Remember – you can work offline and only access the internet when you need it.

  • Ensure your computing system has an up-to-date firewall to prevent others from accessing your computer and your information through the internet.
  • Always ensure your firewall is enabled and up-to-date.

Install Security Patches

Install Security Patches

Malware programs commonly target security gaps in operating systems such as Windows and Android, and secondary software such as Oracle Java, Adobe Acrobat/Flash, and Internet Explorer. Installing security patches is an important layer of security in addition to the steps below.

  • Configure operating system and secondary software to regularly install security patches as soon as they become available, and consider removing secondary software programs that you do not use.

Use Anti-Virus Software

Use Anti-Virus Software

Anti-virus software can protect you from "trojan horses" or other types of viruses, which are programs that allow others to gain control of your computer system remotely without your knowledge or consent. These programs are used to capture and transmit your personal information.

  • Ensure your anti-virus software is enabled and configured to run daily updates and
    regular virus scans.

Use Anti-Spyware

Use Anti-Spyware

Spyware monitors internet surfing habits and collects personal information from the computer. Typically, spyware is secretly installed and can be difficult to detect.

  • Anti-spyware software can remove and detect spyware, but is most effective when combined with a firewall and anti-virus software. Ensure your anti-spyware is enabled and configured to run daily updates and regular spam scans.

Choose Unique Passwords

Choose Unique Passwords

Choose passwords that are a minimum of eight characters long and include a combination of letters, numbers, and special characters.

  • Use a unique password for each login ID.
  • Disable the web browser auto-complete function of your login IDs or passwords to prevent others using your computer from having instant access.
  • Keep your passwords confidential.
  • Change your password regularly, especially if you might suspect it has been guessed or seen by someone else.

Mobile Phones

Protect Your Password

Protect Your Password

Protect your data from theft - enable the auto-lock function of your mobile phone to ensure that it locks after a short period of dormancy.

  • Do not continue using the default factory password – customize your password immediately using a minimum of eight characters including a combination of letters, numbers, and special characters.

Update Your Operating System

Update Your Operating System

Your operating system (OS) is specific to your device, with BlackBerry, Android, iPhone, and Windows Mobile as examples of various OS. Check your mobile provider’s website regularly for OS security updates specific to your device make and model, install security patches as soon as they become available.

  • Do not ‘jailbreak’ your device by trying to remove limitations imposed by the manufacturer. This practice will disable or bypass security measures of your mobile OS, making you vulnerable to malware and prevent your mobile from receiving future OS upgrades.

Use Anti-Virus, Anti-Spyware, and Firewall Software

Use Anti-Virus, Anti-Spyware, and Firewall Software

If available for your make and model, install this software on your mobile.

  • Configure to run automatic updates and virus scans.

Download Apps Only from Trusted Sources

Download Apps Only from Trusted Sources

Apps that seem legitimate can contain malware or be used to collect your personal data for gain. Beware of apps that provide little company, contact, or website information.

  • Research app customer reviews and requested permissions carefully before installing – if the data requested does not align with app functionality, do not install.

Avoid Connecting to Unknown or Non-Password Protected Wi-Fi Networks

Avoid Connecting to Unknown or Non-Password Protected Wi-Fi Networks

Wi-Fi predators scan public networks for unsecured devices to target and infiltrate through hacking and malware. Only connect to public Wi-Fi you know and trust, and are confident is secure and password protected.

  • Disable settings that automatically search for Wi-Fi networks.

Avoid Activating Bluetooth in Crowded or Public Areas

Avoid Activating Bluetooth in Crowded or Public Areas

The moment you set your Bluetooth to discoverable, hackers within range can ‘see’ and possibly hack your device - mobile viruses can also be spread through Bluetooth technology.

  • Never connect to unknown, untrusted or suspicious Bluetooth sources and strangers, and never accept files from these devices.
  • Immediately delete lost/stolen Bluetooth device pairings from your remaining Bluetooth devices to prevent data compromise.

Online User Tips

  • Do not click links in unsolicited email – the link may take you to a counterfeit website that will solicit your sensitive data, known as ‘phishing’ and cause malware infection.
  • Never open MMS attachments from unknown or untrusted sources - even if they purport to be coming from your credit union or mobile provider.
  • Delete unsolicited email or text messages without opening.
  • Be aware of ‘evil twin’ Wi-Fi hotspots that bait unsuspecting users by impersonating legitimate networks - always confirm you are connecting to the correct network.
  • Store only data that your require on your mobile and erase everything else.
  • Watch for signs of mobile infection: sudden unexplained increase in your phone bill; unexplained messages in your email and social network ‘sent' folders, unexplained user interface change you didn't initiate. Contact your device manufacturer or service provider for instructions to remove malware if you suspect your mobile is infected.
  • Verify the legitimacy of free apps, software, tools, online services before you use them – research in your search engine and scan the results.
  • Do not click on pop-ups windows that say “you're a winner if you click here" – these can lead to spyware and malware downloads.
  • Be wary of ‘freeware’ or free services online – even innocent looking screen savers, fun cursors and Internet pets can be contain hidden malware.
  • Do not forget to log off.

For more tips on computer safety and to avoid other kinds of fraud, visit the Government of Canada Get Cyber Safe and Canadian Anti-Fraud Centre websites.