Fraud Awareness Booklet - Servus Credit Union

More documents

Recommendations

Info

• If you do have to send personal or confidentialinformation via email, send it in an attachment (Wordor Excel file, for example) that is secured via a strongpassword and an industrial-strength encryptiontechnique. The password should not be provided tothe recipient via email but instead via a more securemedium such as the phone.• All attachments or website links that are sent in anunsolicited email message should be consideredsuspect and not opened.• Do not conduct online financial transactions where youcan be observed or at Internet cafés or libraries wherea previous user may have accessed a site thatdownloaded a keylogger.• Always confirm that you are accessing online transactionsthrough the correct credit union website address.• Disable file sharing in Windows ® * products.• Do not follow links provided in an email form, thatappears to be from your credit union or any otherfinancial institution, that request you to provide personalinformation. If you are unsure, call your financialinstitution through a known number, other than one thatmay appear in the content of the email, to verify if themessage was sent from them.• The easiest way to tell if an email is fraudulent is tobear in mind that your credit union or another financialinstitution will never ask you for your personal information,passwords, PIN, or login information in an email.• When using social networking websites, limit theamount of personal information you share or post toyour profile (e.g. full birthday or address), and don’taccept friend requests from people you don’t know.• Before you connect your laptop, tablet or smartphone:be cautious of free or unsecured wireless Internetconnections (wi-fi) in public places. While there aremany legitimate free wireless connections available,such as at libraries or airports, some unsecurednetworks may be set up by criminals to accessyour personal information. Always check with theestablishment to ensure you’re connecting to theirwireless network.• Beware of malicious cell phone apps disguised asgames or apps from credible brands designed tosteal information from your smartphone, or send outexpensive text messages without your consent. Becautious and try to download apps from well-knownand trusted brands.16AWARENESS | DEFEND YOURSELF FROM FRAUD
Online <strong>Fraud</strong>: Phishing,Malware and TabnabbingPhishing — What is phishing?Phishing, or ‘brand spoofing’ attacks use ‘spoofed’ (lookalike) email and text messages, as well as fraudulentwebsites. These are designed to fool recipients intodivulging personal and financial data such as credit cardnumbers, account usernames and passwords, SIN, etc.By hijacking the trusted brands of well-known financialinstitutions, government agencies, online retailers andcredit card companies, phishers are able to convince someof the recipients to respond to them.What should Internet users do aboutphishing schemes?Internet users should follow three simple rules when theysee emails, texts or websites that may be part of a phishingscheme: Stop, Look and Call.1. Stop. Phishers typically include upsetting or exciting(but false) statements in their email or text messageswith one purpose in mind. They want people to reactimmediately to that false information, by clicking onthe link and inputting the requested data before theytake time to think through what they are doing. Internetusers however, need to resist that impulse to clickimmediately. No matter how upsetting or exciting thestatements in the message may be, there is alwaysenough time to check out the information more closely.Mobile Internet users need to be extra cautious. Asmaller screen and different layout can make identifyinga fraudulent web site more difficult.2. Look. Internet users should look more closely at theclaims made in the email or text. Think about whetherthose claims make sense, and be highly suspicious if themessage asks for any items of personal information suchas account numbers, usernames or passwords.For example:• If the email or text indicates that it comes from afinancial institution where you have a debit or creditcard account, but tells you that you have to enteryour account information again, that makes no sense.Legitimate financial institutions already have theircustomer’s account numbers in their records. Even if themessage says a customer’s account is being terminated,the real financial institution will still have that customer’saccount number and identifying information.AWARENESS | DEFEND YOURSELF FROM FRAUD 17
Page 3 and 4: Awareness is SecurityThe confidenti
Page 5: Is your credit really protected?The
Page 9 and 10: It’s a rip-off! Here’s the tip-
Page 11 and 12: How identity thieves get your perso
Page 13 and 14: • For additional security, or in
Page 15 and 16: Don’t be the weak linkInternet fr
Page 17: programs that allow them to collect
Page 21 and 22: Protect Your MoneyBe PIN Smart…Ca
Page 23 and 24: Important ContactsThe Canadian Anti

Fraud Awareness Booklet - Servus Credit Union

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?