Internet fraudsters cast their nets widely, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.
A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are solicited through email or instant messaging. Phishing works by sending communications, which appear to be from your financial institution, but they are not. You are asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – and you'll be asked to enter your credentials.
Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social security number or mother's maiden name. The details obtained will then be used for identity theft. Often these sites will look like exact replicas of the official site, once you have entered the information they will often present a very professional message that a problem happened and to retry entering your information. You are then redirected in the background to the correct site and you never realize your information has been taken.
Phishing emails or texts may include:
- Warnings about account closures
- Requests to update your information
- Offers to register for a new service
- Offers for pre-approved credit cards
- Free virus-protection programs
Scam emails purporting to be from your credit card company or financial institution often have some telling signs, including:
- Poor spelling or grammar
- Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
- Notices that you've won a prize and are required to pay a fee in order to claim it
The quality of these fake sites is improving and often it is difficult to tell the difference. When you are entering information to enter Online Banking you should always be on the site https://www.kawarthacu.com/Personal/. A double check of that address should confirm you are in the right place.
Never provide personal details or any account details in an email. Electronic messaging is not a secure form of communication. If you receive a message that you are unsure about, please contact us.
Another way for hackers to get their hands on your personals details is by pharming them. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.
How to Avoid Phishing and Pharming Scams
- We will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is to never use a link provided in an email to access your online banking (because we don't send those; scammers do). Do not open emails or email attachments from unknown sources. Always scan email through your anti-virus software.
- Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating in a secure site, in comparison to the open and unprotected 'http' URLs. Look for the 'https' to confirm it is a secure site you are accessing. Hackers are now taking advantage of Google and other search tools to promote their hacked site links to the top of the list. Always ensure that the link used is https://kawarthacu.com/Personal/.
- Don't feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Don't believe emails warning that your account has been compromised or that you'll miss out on a great deal if you fail to act immediately. If you are concerned, visit your branch or call our contact centre.
Install a name brand anti-virus software on your computer to protect your personal information, money and privacy. Do not click on any link sent to you to install anti-virus – go to the corporate web site to initiate purchase and product authentications.
Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.
Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus. They can steal your personal information, take over your PC and use your computer to attack other people's computers. Your PC can become infected through email attachments, downloading infected content or visiting harmful websites. Good anti-virus software will help protect your computer.
Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain Internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or it can include passwords and personal data that you wouldn't want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.
The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.
One of the most common viruses to watch out for is known as scareware. These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.
You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appears.
Typical Phone Scams
Many scammers will attempt to reach you by phone and will target an individual in one of the following ways:
- Tech Support Scams: This type of scam feeds off of people’s fear of computer viruses. A pop-up often falsely represents a reputable company with offers of “free security scans,” virus removal services, or anti-virus subscription renewals and instruct the user to call them immediately. After gaining the victim’s trust, the scammer may conduct a remote session on a person’s computer and then install their own products or steal personal information. Reputable tech companies typically never call unless they are responding to a call you initiated. If you receive such a call, do not purchase software or services from them, provide your financial information, or share control of your computer. Instead, disregard the call and ensure your anti-virus software is up to date. Tech scams also manifest as alarming – but fraudulent – pop-up warnings on your computer or emails claiming a computer has a virus. Messages appear legitimate with an offer to remove the virus but the real intent is to deceive someone into providing access to their system or private information. They may also offer “services” requiring payment. As with a tech scam phone call, do not respond to these pop-up messages or emails.
- The Canada Revenue (CRA) Scam: You should understand that the CRA does not initiate a conversation with taxpayers by phone. When the CRA needs to communicate, the first communication is by mail. They do not use email, text, or social media to contact taxpayers. So if someone calls, emails, or texts you claiming to represent the CRA, it’s a scam. Ignore their threats about owing back tax or the need to transfer money or provide private information. If in doubt, hang up and call the CRA yourself to see if the query is legitimate. If not, contact the police.
- Fundraiser / Charity Scam: Be cautious about fundraisers or charity campaigns with which you are not familiar, especially if you are offered a generous gift in exchange for your donation. Ask for verification of legitimacy (a website, printed materials, a CRA registered charity number, etc.) before donating money for a cause.
- Grandparents / Emergency Scam: Scammers know you care about your family. If someone calls claiming to be a relative in trouble who needs emergency funds, you should respond by saying you will call the relative back and hang up. Alternatively, you could ask the caller a personal family-related question that only your true relatives or close friends are able to answer. Don’t succumb to the urgency communicated by the caller or the play on your sympathy.
- Credit Card Scam: If someone calls representing himself or herself as an employee of a credit card company with news that your card or account has been compromised, and then tells you not to contact your financial institution for any reason, hang up. It’s an attempt to have you release personal information or conduct unwanted transactions. Understand that banks and credit card companies already know your account or credit card number as well as your personal details. Only trust the phone number printed on the back of your credit or bank card.
Familiarize yourself with these other common scams:
- Lottery Scam: If you receive a cheque accompanied by the claim you won a sweepstakes or lottery you never entered, be very skeptical. Often you’ll be told the cheque represents only part of your winnings with the remainder to be released once you “pay the tax.” This is an obvious scam as tax on lottery or sweepstakes winnings (if any) are paid directly to the government.
- Overpayment Scam: With this scam, someone buys something from you but overpays for example, through an online classified listing such as Kijiji. Shortly after, you are asked to refund the difference. After, you discover the original payment to you was fraudulent and so your financial institution reversed the payment! If you already sent back the difference, you’ll be at a loss.
- Earn Money from Home Scam: Be careful if someone contacts you to be a mystery shopper or an account manager from home and they “pay” you in advance. Like the “overpayment scam,” they’ll pay you too much and then ask for a refund. After you refund the difference, you’ll find the cheque for your “pay” bounced and you’re now out of pocket for the refund.
- Foreign Investment Scam: Watch out if you’re asked to invest in a foreign company or property and then receive a cheque as an “advance” on future profits. Usually it’s followed by a request for you to send money for “service charges” on profits. You will then likely discover that the “advance” you deposited was fraudulent and returned, leaving you at a loss for the so-called “service changes.”
- Inheritance Scam: Be suspicious if you’re contacted out of the blue (by letter, phone, text, email, or social network) by someone claiming to be a lawyer, banker, or foreign official saying you stand to inherit from a distant relative or wealthy benefactor. This is often followed by a request for you to pay “service fees” before you can inherit. That’s not how a legitimate inheritance works.
- Romance Scam: Romance scams occur when a criminal adopts a fake online identity to gain a victim’s affection and trust. The scammer then uses the illusion of a romantic or close relationship to manipulate and/or steal from the victim.