Cyber Security Awareness Month

On this page

• Phishing
• Protecting your information
• Fraud initiated on social media

Since the beginning of the pandemic, Canadians have turned to the internet for more and more services. There is a huge overlap between fraud and cybercrime. This month, the CAFC asks everyone to take time to learn more about cyber security and how to protect themselves.

Be sure to check this page each week for bulletin updates, follow us on our social media channels, visit Get Cyber Safe for more information and follow them on social media @GetCyberSafe.

Phishing

Phishing scams are associated with misleading and deceptive emails or text messages, falsely claiming to be from a legitimate organization such as a financial institution, business or Government agency. Phishing messages will ask you to click on a link for various reasons. The goal is to steal your personal and/or financial information, which can be used for identity fraud.

Warning signs and how to protect yourself

• Beware of unsolicited text messages and emails from individuals or organizations asking you to click on a link or attachment
• Watch for spelling mistakes
• Verify the hyperlink behind the link's text or button by hovering over the text
• Do not click on links or attachments; they can contain viruses or spyware
• The Government of Canada will never send funds by email or text message
• Learn more tips and tricks for protecting yourself from fraud

Protecting your information

Working from home, online banking, and socializing online have all increased opportunities for fraudsters to capture your personal and financial information. Fraudsters use this information to:

• access your accounts
• apply for government benefits
• apply for credit cards
• open bank accounts
• open cell phone accounts
• take over your social media and email accounts

It is important that Canadians take steps to secure their personal and financial information and know what to do when identity fraud occurs.

Recognize

• Missing bills and other mail
• Suspicious activity on your bank or credit card statements
• Letters stating that you are approved or declined credit that you did not apply for
• Unauthorized applications or accounts on your credit report
• Creditor or collection agency calls about an application or account you do not have
• Bills from service providers that you do not use
• Phishing emails asking you to click on links or open attachments
• What information has been compromised when you are notified of a database breach

Reject

• Unsolicited emails, phone calls or mail asking for personal or financial information
• Requests for your Social Insurance Number (SIN)
  • It's virtually a key to your identity and credit reports
• Links in any email that look suspicious
  • Never open an attachment from spam or sender not known to you
• Automatic login features that save your username and password
  • Take the time to re-enter your password each time
• Sharing everything through email and social networking sites
• Default privacy settings on your social accounts
• Weak passwords
  • Create strong and unique passwords for every online account including social networks, emails, financial and other accounts
• Simple login measures
  • Where possible, set-up multi-factor authentication on your accounts
• Check your credit report at least once a year
  • To get a free copy of your report, contact: Equifax Canada and TransUnion Canada

Report

• A lost or stolen wallet
• Compromised government identification to the affected government agency
• Re-routed mail requests to Canada Post
• Suspicious bank account activity to your financial institution
• Unauthorized activity on your credit report to the credit bureaus: Equifax and TransUnion
• Loss of account access to the appropriate company

Fraud initiated on social media

Social media was designed to allow users to create and share content, as well as participate in social networking. The Canadian Anti-Fraud Centre includes frauds initiated through dating websites and applications within this contact method too. Fraudsters will create fake accounts, social media bots, compromise existing accounts and create fraudulent advertisements to scam social media users.

Warning signs and how to protect yourself

• Do not accept requests from people you do not know. You do not know if they have malicious intent
• Be wary of profiles that seem perfect in their photos
• Complete a reverse image search to see where the same photo is being used online Google images and TinEye are great options
• Ask specific questions and look for inconsistencies in the responses
• Be wary of those who always have an excuse as to why you cannot meet in person
• Never send money to someone you have never met
• Beware of profiles that do not have many friends connected to it
• If someone is harassing or threatening you, remove, block and report their account
• Spot other fake accounts when: they have a high follower count but low engagement, the engagement rate is too fast, they have a large following but very few posts, they have maxed out their following count, or they only share spam content
• Accounts that only push out information and do not engage in conversations likely have a bot behind them
• Keep an eye out for wording or messages that seem unnatural
• Do not click on suspicious links
• Adjust your social account privacy settings from "public" to a more restricted option
• Do not overshare sensitive information (i.e. personal, financial, when you're away, etc)
• Recognize that what you share online, will always be online
• Do not provide your login details to anyone.

Date modified:

2021-10-28