Stop, look and think: Thwarting cybercriminals before they get your financial info

Article content

Cybercriminals are doing all they can to stay one step ahead of us by finding new ways to take advantage of our vulnerabilities. Canadians lost $375 million to scams in 2021 alone, a 130 per cent increase over previous years. The way to protect ourselves from their creativity in trying to trick us out of our money is to improve our ability to prevent them from gaining access in the first place. 

Article content

The first step in preventing fraud is increasing our knowledge of how the fraud happens. One of the most common online scams to gain access to your financial data is when a cybercriminal sends an email (phishing) or text (smishing) regarding a refund or electronic transfer of funds. To receive the money, you must provide your banking access info. Unless you are expecting an e-transfer, do not click on the link and never provide your banking info unless directly logging into your financial institution’s secure website. 

As a result of the war in Ukraine, there has been a notable and justified increase in those collecting for humanitarian aid. Even though requests for donations could be coming from a legitimate source, be sure to verify it first. Instead of clicking on a link, go directly to that organization’s website to donate. An email/text can often appear to be authentic, but the website link or parts of the message might have slight spelling changes. These, accompanied by a sense of urgency, are warning signs to watch out for.   

Article content

The rise in online shopping has also provided a wealth of opportunities for cybercriminals. It’s important to ensure you are dealing with a reputable company when making online purchases. For example, clicking on a link from another application can result in being redirected to a fake website designed to gain access to your banking or credit-card info. It’s wiser to go directly to the company’s website to purchase the product and ensure you are buying from a legitimate seller.

Use a low-limit credit card for online purchases to reduce the amount that can be accessed should your card info fall into the wrong hands. And be sure to review your monthly credit card and bank statements to ensure that all the transactions are indeed yours.  

Article content

A telephone fraud that we have all been repeatedly warned about is fraudsters posing as staff from Canada Revenue Agency (CRA). They use fear to make the recipient believe they are in danger of being arrested or having their Social Insurance Number (SIN) suspended. The intended victim is required to make a payment, usually by untraceable gift cards, to bring their account back into good standing. Hang up if you receive such a call.

The CRA will notify you in writing if you owe any money and will never require payment by gift card or cash. Give the CRA a call or log into your secure online CRA account if you have any questions about a potential balance owing.  

Although not as common, door-to-door scams still occur. Whether they are collecting for a charity or selling a product, it’s crucial that you don’t give out your financial information to a stranger. Pay cash for goodies and if a donation is being solicited, verify the employee’s identification with the company before handing over any credit-card details.   

Article content

If you think your information has been compromised, notify your financial institutions right away. If they can freeze the accounts at risk as soon as possible, it can limit or even prevent additional losses. Next, report the situation to your local police and to the Canadian Anti-Fraud Centre. Finally, contact both credit bureaus, Equifax Canada and TransUnion Canada, to add an alert to your credit file. This will alert any potential credit granters in case someone applies for credit in your name.     

Follow best practices to keep your money safe and prevent fraud. Shred all documents and financial statements with your name, birthdate, SIN and account numbers on them. Use strong passwords and never use your birth date or family names as passwords. Cybercriminals can guess commonly used passwords based on your social-media information.

Article content

Consider using a secure password manager to store all your passwords if you can’t remember them all. Even better, use multi-factor authentication. This requires a code to be sent to your phone when accessing an account. Even if your password or account login details have been compromised, a fraudster may not have access to the second level of security provided by multi-factor authentication.

Don’t click on unknown links or download attachments you are not expecting. If you haven’t heard from a friend or client in years and unexpectedly receive an email with an attachment, don’t open it.   

If in doubt, stop before clicking on any link or reacting to a demand for money. Look to ensure you know who is contacting you and that they are legitimate. And always think to confirm whether the request is genuine and if you can afford to help.  

Sandra Fry is a Winnipeg-based credit counsellor at Credit Counselling Society, a non-profit organization that has helped Canadians manage debt for more than 25 years.

_____________________________________________________________

If you like this story, sign up for the FP Investor Newsletter.

_____________________________________________________________