SECURITY
Frequently Asked Questions
Frequently Asked Questions Types of Fraud
I have been offered a job as an e-Transfer agent. Does Interac work with e-Transfer businesses?
No. Interac does not hire transfer agents. There have been instances of employment recruitment scams in which Canadian job hunters are hired as agents for "foreign companies". In fact, the job hunters may actually end up being used as "mules" to transfer stolen funds outside of Canada. Anyone who participates, even unknowingly, could be deemed an accomplice to a crime and may be prosecuted. We urge you to fully investigate any such job offers. 
How do some of these e-Transfer business scams work?
In the typical scenario, the "employer", very often a foreign-based company, poses as a legitimate company looking on job recruitment websites for an agent to represent the company in Canada. The job is to accept payments from Canadian customers on behalf of the foreign company, and then transfer a portion of the proceeds offshore. The employer indicates that a key qualification for the position is that employees must be online banking customers, able to receive funds electronically, using Interac e-Transfer. Once the employee receives the funds in his/her account, he/she is given instructions to transfer the money via a funds wire transfer service to a foreign address. As compensation, the employee or "transfer agent" is paid a percentage of the funds received and transferred. This is often a front for an illegal operation and the unwitting employee may be prosecuted for his or her part in this scheme.
How can I tell if this job offer is part of a scam operation? The information I am receiving looks very professional.
In order to appear authentic, fraudsters may present employment agreements, websites and other types of information, for example, a detailed contract, outline of employee job responsibilities, compensation, etc. While, these websites and employment agreements may present an appearance of legitimacy, spelling errors or the use of odd wording may be a sign that the operation is not a legitimate one. Tips to Protect Yourself Offers of easy money are often too good to be true. A web-based job that requires you to move funds outside Canada could be a front for an illegal operation. While the opportunity may look appealing, you may end up being subject to criminal prosecution for your role in the operation. Check any employment-related information for unusual phrasing and look for misspelled words. If you are suspicious, check with local law enforcement. Stay aware by checking the following sources of information about fraud:
www.phonebusters.com
www.rcmp-grc.gc.ca
www.recol.ca (Reporting Economic Crime Online)
www.fcac.gc.ca (Financial Consumer Agency of Canada)
www.strategis.gc.ca (Industry Canada)
What is email Fraud, Phishing or Spearphishing, SEO poisoning, Twitter, Web surfing, Mobile Apps, SMS phishing? How do I protect myself?
Phishing is a scam where fraudsters attempt to acquire personal and/or financial information, such as passwords, card numbers, etc., by masquerading as a trustworthy person or business through electronic communications. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Be suspicious if you receive a notice for an Interac e-Transfer that you were not expecting. If in doubt, contact the sender to ensure he or she has initiated your transfer.
In some instances, the fraudster sends authentic-looking emails or text messages (smishing) that appear to come from legitimate companies, requesting recipients to disclose personal and/or financial information that is later used to commit fraud.
There have been some media stories indicating that fraudsters can steal card data from contactless enabled credit and debit cards using a small computer device positioned near the wallet/card. Is this true?
Interac debit cards are protected from the “electronic pick pocket” fraud tactic. In addition, the Interac Flash contactless extension of Interac Debit is protected against this fraud tactic. Both Interac Debit chip and Interac Flash transactions leverage EMV chip technology for security. The transactions are secured using a number of layered cryptographic techniques that protect against skimming, counterfeiting, and transaction replay types of fraud. The information used to secure these transactions cannot be unwrapped or duplicated from this type of fraud tactic, i.e., it is useless. Further, Interac Flash leverages RF enabled smartcard technology, which is designed to protect sensitive information and adheres to an ISO standard 14443, which outlines that communication must take place in very close proximity. We do not use RFID technology.
Debit Card Fraud
Debit card skimming involves the unauthorized copying of electronic data from your debit card magnetic stripe. Hidden equipment, such as pinhole cameras and card reading devices, are installed to obtain your PIN and card data. Stolen electronic data is then encoded onto a counterfeit card, which is used to withdraw funds without your knowledge.
How to protect yourself
Shield your PIN with your hand or body during every transaction whether you're at the merchant or an Automated Banking Machine and check your financial statements regularly for any unusual activity. See Protect Your PIN.
Contact your financial institution immediately. You are protected by the Interac Zero Liability Policy under which victims of debit card fraud will not suffer any financial losses resulting from circumstances beyond their control.
Email Fraud
Email fraud or phishing is a scam where fraudsters attempt to acquire personal and/or financial information, such as passwords, card numbers, etc., by masquerading as a trustworthy person or business through electronic communications. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. In some instances, the fraudster sends authentic-looking emails, appearing to come from legitimate companies, requesting recipients to disclose personal and/or financial information that is later used to commit fraud.
Here is a real, recent example of a phishing attempt:
From: "
This email address is being protected from spambots. You need JavaScript enabled to view it.
" <
This email address is being protected from spambots. You need JavaScript enabled to view it.
>
To:
Sent: Monday, October 15, 2012 11:00:34 AM
Subject: INTERAC e-Transfer from Canada Tax Return System
Dear customer,
Tax Return has sent you an INTERAC e-Transfer
(previously INTERAC Email Money Transfer).
Amount: $120.00 (CAD)
Sender's Message: A message was not provided
Expiry Date: 16 Oct 2012
Action Required:
To deposit your money, click here:
https://etransfer.interac.ca/CACACACA
Trouble with the link? Type it into your web browser address bar.
How to protect yourself
- If you receive an email that you suspect is fraudulent, claiming to be from Interac Association or your financial institution asking for you to access the link to verify the security do not respond. Forward the email to This email address is being protected from spambots. You need JavaScript enabled to view it. and then delete the email immediately.
- If you have already responded to this kind of email and have disclosed your personal financial information, please contact your financial institution immediately.
- Do not provide personal or financial information to anyone in an email. Interac Association does not send emails asking customers to provide, confirm or update personal records.
- Be suspicious of email attachments from unknown sources. If you do not know or recognize the sender of the email, do not open the attachment. Always check that emails you have received do not contain viruses by running your anti-virus software.
- Do not share or provide your personal information.
- Exercise caution if you receive an Interac e-Transfer that you are not expecting. Before proceeding, confirm with the person sending the Interac e-Transfer by separate email or by phone.
Mail Fraud
Mail fraud is a type of scam perpetrated when fraudsters masquerade as a legitimate person or business. They send out letters for the purpose of taking advantage of people either financially, or for the purpose of acquiring personal and/or financial information that is later used to commit fraud. One common example of this type of fraud involves a fraudster sending out letters notifying bank cardholders that they have won a large cash prize as part of a computer rewards program. A seemingly legitimate cheque is enclosed along with instructions to use the cheque to pay clearance fees on the prize. Unfortunately, the cheque does not clear, and the recipient is then out of pocket for the money they sent to process their "prize".
How to protect yourself
Do not act on the letter.
