Canada has a problem when it comes to combating fraud.
Most are fed up with the relentless fraud attempts they face, and many believe the problem has only become worse since the pandemic. That’s according to an Interac survey of 1,700 Canadian adults.
At the same time, more than three quarters (78 per cent) of Canadians don’t think they have the tools to protect themselves from identity theft, phishing scams and other forms of fraud.
What does this mean? While a large proportion of Canadians acknowledge the threat of digital fraud, many could also use help recognizing the telltale signs so they can take steps to protect themselves.
Email accounts can be a hotbed for fraud attempts, so securing them is a good place to begin. Here are some tips to help Canadians recognize email fraud and protect their accounts — and advice on how to deal with possible incidents if they happen.
Email fraud and phishing scams
Phishing is one way fraudsters try to break into your email. Phishing scams involve sending messages that appear to come from a trustworthy person or business.
Hackers will often impersonate friends, government officials or brands you love to steal money or personal information. They’re trying to trick you into thinking the message is legitimate, so you’ll enter sensitive personal and/or financial information into their fake portal.
There’s a few common variations on phishing scams: Fake money transfers can trick unsuspecting Canadians into handing over answers to security questions. Tax scams can bait victims into surrendering their social insurance numbers. Fraudulent emails for streaming and other online subscription services can trick people into clicking on phony links to update payment information.
Phishing is typically carried out using email or instant message, although text messages have been used as well.
How gaps in your data privacy can lead to email fraud
Plenty of sensitive information can pass through your email inbox, and for that reason cybercriminals are keen to gain access to your account to intercept your messages. How do they get in? They often succeed by guessing people’s passwords.
Our survey revealed the importance of keeping personal details private: 38 per cent of Canadians said they’ve experienced a scam in which the would-be fraudsters already knew their personal details, including full names, addresses — and even dates of birth in some cases.
Again, fraudsters can use these personal details to guess weak passwords or security questions, thereby gaining access to your email account and all of the potentially sensitive information that your inbox may contain.
Recognizing email fraud: general tips
- Be wary of emails from senders you don’t recognize, and don’t click on any links unless you’re certain the email is really from a sender you trust.
- Trust your gut. If you receive a deposit or money request notification you weren’t expecting, contact the sender through a different channel to check if it’s real.
- Fraudsters go to great lengths to try to legitimize phishing attempts, using company logos, sometimes even including ours at Interac.
- Look for errors or strange typos in the text of an email notification. A common error in phishing emails is the “$” sign appearing after the amount, instead of before it.
Four ways to protect yourself from email fraud
- Use Interac e-Transfer Autodeposit. If you have Autodeposit set up, Interac e-Transfer transactions sent to your email address will automatically be deposited into your bank account, which allows you to bypass steps that require you to enter a password and/or an answer to a security question. Autodeposit is the secure, convenient way to accept Interac e-Transfer. Deposit may times vary, based on routine fraud checks between sending and receiving financial institutions.
- When you receive a money transfer, read the message carefully. Fraudulent emails will often ask you to reply with a security answer.
- Create strong passwords, avoiding common words or numerical strings. Remember, sometimes the strongest passwords are the ugliest.
- Be conscious about what you share online, including personal identifiable information that hackers can use to access your accounts.
What to do if you’ve encountered email fraud
- If someone has gained unauthorized access to your email account, update your password and your security questions.
- If you accidentally fill out personal information in a link from a phishing scam, change your online banking password and contact your bank right away.
If you think a notification is a scam masquerading as an Interac e-Transfer, your first instinct might be to delete the message, but we’ll appreciate it if you don’t! Kindly forward the email to email@example.com so our fraud team can further investigate and work to shut it down.