If you receive a reminder to update your streaming service of choice, an e-mail about suspicious activity on your bank account, or a text message saying that information is missing to deliver a package, be careful! It could be a fraud attempt. How can you detect suspicious messages and protect your personal information?
Fake websites
A widespread fraud technique involves sending messages that perfectly imitate messages you usually receive from legitimate senders. These messages invite you to log in to your online accounts via a link provided in the message. Various reasons are given: to update a subscription, confirm a delivery, or accept a bank transaction, for example.
When you click on the link, you are taken to a site that looks identical to that of the legitimate company or institution. You are asked to log in and then to update your information or validate a change. If you do, you’re giving fraudsters access to your personal information.
Usernames, passwords, birth dates, credit card numbers, or Social Insurance Numbers (SINs): fraudsters can use your information in various ways. Of course, they can use your bank and credit card info to make purchases. But if they obtain more information, they may even try to steal your identity, for example, by applying for loans in your name. Some fraudsters don’t use your data directly; they sell it on the dark web.
How can you protect yourself?
Some precautions can prevent you from falling prey to fraudsters. Here are three examples:
- Don’t click on a link in an e-mail or text message that asks you to log in to one of your accounts. If you need to update your data or to log in for any other reason, go directly to the official website or application of the company or institution in question — without using the link provided.
- When logging into an account on a website, check that the address starts with “https” rather than “http”. Also, pay attention to the address in your browser’s address bar. Is there anything unusual that might indicate fraud? For example, www.nameofthcompany.ca instead of www.nameofthecompany.ca? (The word “the” is misspelled in the first one).
- Only enter your credit card number and personal information on the sites of well-established companies. Check your bank statements regularly for unusual transactions.
What if fraudsters have deceived you?
Have you provided your credit card number after clicking on a link in an e-mail or text message and then realized it was a scam?
- Contact your credit card company to block your card and request a new one. If there has been any unauthorized use of the card, check with your bank to see if you’re entitled to a refund of the amount you were defrauded. In some cases, such amounts are covered by banks.
Have you entered your banking login information on a website that now appears suspicious?
- Change your password and immediately contact your bank to explain the situation.
Do you suspect you’ve been the victim of identity theft?
- Contact your bank to change your username and ensure that your address and telephone number have not been changed in their system.
- Contact the Equifax and Transunion credit bureaus to activate a security alert or a credit lock on your credit report.
Depending on the extent of your suspicions, you may also wish to contact various government agencies to verify the information they have on file about you.
If you’ve been the victim of fraud, contact the police. If you’re unsure which police force serves your area, you can find out in the Bottin des services de police (French only). You can also report the fraud to the Canadian Anti-Fraud Centre (1-888-495-8501). |