In today’s digital age, financial security is more important than ever. As technology advances, so do the tactics of cybercriminals. Imagine receiving an urgent email from your bank asking for your account details to approve a transaction or a phone call requesting your full password to verify your identity. These are common scenarios of how cybercriminals operate.
What Coast Capital won’t ask you:
Provide personal information via email or text message: Coast Capital will not ask for account numbers, usernames, passwords, personal identification numbers (PINs), or One Time Passcodes (OTPs). If you receive requests for personal information unexpectedly, it is likely a phishing or impersonation scam attempt. Contact us using the phone number on the back of your bank card if you are uncertain about the request for information.
There are times when we may need some information to confirm your identity and provide services, but there are limits to what we can ask. Some examples of what Coast Capital may ask include:
- Entering your Personal Access Code (PAC) using Interactive Voice Response, which is a computer-operated phone system where you interact using keypad inputs when calling the Advice Centre or visiting a branch. Never provide your PAC via email, text message or in person to another individual.
- Repeating verification codes that a Coast Capital employee sends you via email or text message when you initiate an interaction with us by calling the Advice Centre or visiting a branch. If we are the ones initiating an interaction with you, we will never ask for verification codes.
- Providing identity and income verification documents via email if you have an ongoing bank application, such as for a loan or mortgage.
- Answering transaction questions about your account.
Take immediate action by threatening to close your account: Coast Capital will not threaten to close your account or pressure you to act immediately. Verify any request by calling the number on the back of your bank card. Do not call back any number provided by the person who contacted you originally.
Click on suspicious links: Coast Capital will never send an unsolicited email or text message with a suspicious link asking you to log into your account or reset your password. Always verify the link to ensure you are on the official bank website when logging in online.
Participate in an investigation: In a Bank Investigator Scam, a cybercriminal poses as a Coast Capital employee, often from the fraud department. They provide a fake name and employee ID to appear legitimate, claiming your account has been compromised or they need help with an internal fraud case. The cybercriminal will try to involve you in the “investigation” and may even offer compensation. As part of this scheme, they may ask for your account information or OTPs with the goal of taking over your account or approving unauthorized transactions. They may also claim you need to protect your finances by transferring money into a separate account or withdrawing cash and purchasing Bitcoin (or other cryptocurrencies) at a Bitcoin ATM.
Transfer money or send gift cards: Coast Capital will never request you to transfer money or purchase gift cards as part of an investigation or for any payments or fees. Once funds are transferred or Bitcoin and/or gift cards are purchased, the funds become unrecoverable. These items are guaranteed funds, and the cybercriminals are ready to use them as soon as they receive them.
Turn over a bank card: Bank cards are never hand delivered. Coast Capital will never ask to meet you outside of a branch or ask for your home address so that someone can meet you to turn over a bank card. If you require a new bank card, visit a branch or call the Advice Centre for instructions on how you will receive the card.
Provide remote access to your computer: Coast Capital will never ask for remote access to your computer or phone. If you receive a request to install software that enables remote access, block them immediately. Cybercriminals use this tactic to gain control of your device and steal your information, including collecting your login credentials.
Ways to protect yourself:
Always verify before you act: If you receive a suspicious request via email, text message, or phone call, look for any announcements on the Coast Capital mobile app or website that may be related to the request before you take any action. If you are still uncertain, verify by contacting us directly using the phone number on the back of your bank card.
Use strong passwords and enable multi-factor authentication (MFA): The most reliable form of password is a passphrase, where you use a sequence of mixed words. They are usually longer than passwords and easier to remember, making them more secure. Enabling MFA wherever possible, such as your email accounts, provides an additional layer of verification by combining something you know (username and password) with something you have (a device with access to a unique SMS or email).
Report suspicious activity: If you suspect fraud, contact us immediately about any unauthorized transactions to secure your accounts. Also report the suspicious activity to local law enforcement and the Canadian Anti-Fraud Centre (CAFC) to protect others and help shut down the cybercriminals.
Monitor your accounts: Regularly review your bank and credit card statements for any unauthorized transactions. Turn on notifications through your online banking account to get notified by text or email for transactional, security, and bill payee alerts.
Limit what you share online: Be mindful of what you share online. Cybercriminals can use your social media information to gain insight into your personal life, create a profile on you, and compile details for social engineering or impersonation attempts.
Stay informed: Keep up with the latest scam trends by following fraud prevention alerts from the CAFC and the Coast Capital Cybersecurity Hub.
Bottom line
As cybercriminals get more sophisticated, staying informed is your best defense. By remaining vigilant and practicing secure banking habits, you can recognize suspicious requests and take action to protect your personal and financial information.
The stuff we have to say.
This article is provided for general information purposes only. It is not to be relied upon as financial, tax, or investment advice or guarantees about the future, nor should it be considered a recommendation to buy or sell. Information contained in this article, including information relating to interest rates, market conditions, tax rules, fees, and other investment factors are subject to change without notice and Cost Capital Savings Federal Credit Union is not responsible to update this information. All third party sources are believed to be accurate and reliable as of the date of publication and Coast Capital Savings Federal Credit Union does not guarantee accuracy or reliability of such sources. Readers should consult their own professional advisor for specific financial, investment, and tax advice tailored to their needs to ensure that individual circumstances are considered properly and action is taken based on the latest available information.
Links
