Here are some steps you can take to keep secure in the online world.
According to the Government of Canada, 15 million people in Canada fall victim to fraud every year. These frauds occur more and more often in online environments. This is why it is more important than ever to take steps to ensure your safety online, over the phone, and through email.
Scam vs. Fraud. What’s the difference?
A scam is a fraudulent scheme aimed at making a quick profit. A fraud is a deception to secure personal information or to damage another person. While the terms are often used interchangeably, a scam is a fraudulent act that is always centred around making money.
Some Common Types of Online Scams
Phishing
One of the most common types of fraud is phishing. This is when you are sent a fraudulent email from a company claiming to be someone reputable, like your bank, and then are asked for personal information.
How can you tell if an email might be a phishing scam?
Although at first glance it may seem difficult to tell a phishing email apart from a credible one, there are some warning signs you can look for that will help you to detect if an email is fraudulent:
- When you click on a link in the email, you are asked to provide your personal identification number (PIN) or password
- The email may not be addressed to you directly, but rather to a more general “Dear Customers”
- As with many types of scams, you will often be pressured to act immediately
- The website address, email, and website will not be exactly the same as those of your financial institution, although they will be very similar
- Spelling or grammatical errors are not necessarily a sign of fraud, but they can prompt you to look for other red flags
What should you do now?
Now that you have identified enough red flags that you believe an email to be a phishing attempt, what should you do?
- Do not reveal any personal or private information through this email or through any links provided in the email
- Notify your financial institution that you have received this email and then delete it
Attempted Identity Theft
Scenario: someone calls you saying that they are from the CRA or some other government agency. They ask for your Social Insurance Number (SIN) to verify that they are talking to the correct person, and not someone claiming to be you. This seems like a reasonable request, but you are unsure if you want to reveal your SIN to someone you do not know over the phone.
In this scenario, both parties need to be verified so you can move forward
You are right to not be comfortable revealing your SIN over the phone without knowing for sure that the person you are speaking to is credible, or if the call is being recorded. This information needs to be kept secure to protect your privacy. You can suggest a compromise so that they can verify your identity and you can identify theirs:
- They provide you with the middle three digits of your SIN
- If these are correct, you provide them with the last three digits
Why does this method work?
A legitimate government representative will already have personal information about you, including your SIN. If they are unable to provide you with the middle three numbers, it is likely that they do not have it and are therefore not who they say they are. If both parties recite a set of three digits, they can verify their identities without your SIN ever having to be spoken in full over the phone to an unknown person.
Clickbait Scams
“Congratulations! You’ve Won the Lottery!” This may seem like a great thing to see pop up on your screen after you open a website, but there’s a catch: “To claim your prize, all you have to do is pay a small fee!” In actuality, you will pay the fee and then never see your prize money.
What do scammers get out of this?
In a situation like this, where you are asked to pay a fee to obtain a prize, scammers will get more than just the fee that you pay them for your fake winnings. In actuality, they could be able to obtain your chequing account or other financial information as well.
Why do people fall for these types of scams?
People often want to believe that they can get a big return from minimal effort. However, this is usually not the case. If something seems too good to be true, chances are it is. This can apply to a wide range of scams, from clickbait lottery scams to investment frauds.
Identity Fraud
Online, people can pretend to be whatever they want - or whoever. On Facebook for example, people often show some amount of personal information, even with the highest privacy settings in place. Your name and profile picture are out there for the world to see and potentially copy.
What should you do if you are contacted by an account you suspect to be fake?
The simplest and most effective step you can take is to verify their identity outside of the internet. If you see that you got a friend request from someone you already thought you were friends with on Facebook, for example, call your friend to see if they have recently made a new account. They will be able to tell you if this new account you see is real or not.
You find out someone has made a fake account pretending to be you - now what?
In the above example, you can also be on the receiving end. A friend calls you and lets you know that a fake account pretending to be you has been created and this account is now trying to add all of your friends. If any account has been made and is pretending to be you, here are some steps you can take:
- First and foremost, report them
- Most social media sites have policies in place for removing fraudulent accounts - if you provide proof of identity, they can remove impersonating accounts
- Let people you know that someone has created a fake account in your name and that they should not trust any contact from this new account
Keeping safe in the digital world can sometimes seem like a daunting task. However, by using some of these techniques and methods, we hope that you can start to feel a bit more confident about protecting your information and keeping secure against fraud.