For Immediate Release

Toronto, ON, March 6, 2017 – “Dear customer, your account has been hacked. Click on this link to sign into your account and restore it.”

If you have received an email like this recently, chances are scammers tried to target you. Here are the three telltale signs of a phishing email that you need to be on the lookout for:

Three telltale signs

  1. General greetings: Criminals will often start a phishing email with a generalized greeting such as “dear customer”, because they don’t know who you are. Phishing emails are usually sent out to thousands of people hoping to “hook” a few victims.
  2. Urgency and warnings: The email will have a sense of urgency and include warnings that your bank accounts may be closed, or your access will be limited if you don’t reply or provide information right away. e.g. “your account has been hacked.”
  3. Demands for sensitive information: Criminals will often ask you to disclose personal information such as a credit card number, bank account number or your online banking password, e.g. “sign into your account.” Your bank would never call you or send you an email asking for this information.

“Banks take extensive measures to protect their customers and have teams of security experts working behind the scenes to identify and shut down these scams,” says Terry Campbell, President of the Canadian Bankers Association. “Despite the very convincing nature of some of these emails, the general greetings, urgent warnings and demands for personal information should set off red flags for consumers.”

If you have any doubts about an email that looks like it is from your bank or a reputable company, contact them before responding. Use a phone number, email or website that you know is correct, not the toll-free number, email address or website address provided in the email – these may link you to the criminals rather than the bank.

Variations of the Phishing Scam

Unlike a typical phishing scam, sometimes fraudsters won’t cast a wide net but rather target their efforts on a specific individual. Canadians need to be vigilant about spotting these variations of the phishing scam:

  1. The CEO scam: Criminals will send an email impersonating a company executive’s email address, such as the president or employees in the accounting department. The email will look like it comes from the senior executive and attempt to trick the employee into wiring money to a third party, and include language making the request sound urgent and highly confidential. Scammers can look up company executives and use their real names to make the emails even more convincing. Business owners can educate their employees about this scam and tell them to be skeptical of urgent or suspicious requests made by email. Employees should be encouraged to communicate with their manager if they feel a request seems unusual.
  2. Angler phishing: Criminals will monitor social media for customer complaints to companies or financial institutions. They then respond to the customer impersonating a representative from that firm and requesting personal information. Always be suspicious of requests for personal information through social media accounts.

The CBA is issuing tips and information through Twitter (@CdnBankers) and its website www.cba.ca throughout the month of March. Canadians can also subscribe to the CBA’s free Fraud Prevention Tip.

Background

  • March is Fraud Prevention Month and, throughout the month, the Canadian Bankers Association will be providing Canadians with information to help protect themselves from fraud.
  • Phishing is an attempt to get you to volunteer your personal information to criminals, including your banking passwords.
  • Criminals attempt to fool you by using sending links to websites that look like they are from a legitimate company, such as a bank, credit card company, online retailer or government agency but are actually “spoof” websites that fraudsters use to steal your personal information.
  • The CBA is a member of the Fraud Prevention Forum. The Forum is comprised of a concerned group of private sector firms, consumer and volunteer groups, government agencies and law enforcement organizations, who are committed to fighting fraud aimed at consumers and businesses.
  • Through its partners, the Forum, which is chaired by the Competition Bureau, works to prevent Canadians from becoming victims of fraud by educating them on how to "Recognize it. Reject it. Report it."

About the Canadian Bankers Association

The Canadian Bankers Association works on behalf of 61 domestic banks, foreign bank subsidiaries and foreign bank branches operating in Canada and their 280,000 employees. The CBA advocates for effective public policies that contribute to a sound, successful banking system that benefits Canadians and Canada’s economy. The Association also promotes financial literacy to help Canadians make informed financial decisions and works with banks and law enforcement to help protect customers against financial crime and promote fraud awareness. www.cba.ca.

– 30 –