Skip To Content

Protect yourself

Learn about fraud and how to safely carry out your day-to-day activities in today’s digital world

Every year, thousands of Canadians become the latest victims of fraud. It's easy to read something and believe that it could never happen to you, but there's a good chance that it will happen to you or someone close to you.

If it seems too good to be true, it probably is. 

The most important thing to know about fraud is that it can happen to anyone, anytime, anywhere, and in any number of ways. No one ever wakes up in the morning and thinks to themselves, “Today I’m going to become a victim of fraud.” We assume we know the warning signs and that we’ll recognize  fraud when we see it. And yet every day, many of us do fall prey to fraudsters, because it’s easy to be caught off-guard. 

It's not surprising, that as we all spend more time in the digital world, fraudsters have turned their attention to using today's most common means of information gathering and communication to set their trap. But remember, scammers can't make money off those who are educated, know what to look out for, and how to protect themselves from fraud.

Five good practices for safer online contact

1. Slow down

A common theme in many fraud attempts is the artificial urgency or urgent pleas that fraudsters employ to prevent you from taking time to properly think things through. Just say no! Hi-pressure sales tactics are tools to force you to make an immediate decision, but don’t listen. When presented with an enticing offer, stop, and think about it.

2. Question everything

Who is this person who contacted you? Do you know them? Did you expect the call or a delivery of a package? Is their request unsolicited? Would you trust them to watch your wallet? Why did they approach you? If you have won something, why are you being asked to provide financial information such as credit card or account information? What are the risks? If someone calls claiming to be from the government or a financial institution, take their name and then look up the business or organization’s phone number on your own, and then call and ask to speak with the name of the person who called you. 

3. Do your research

Make sure that the organization you’ve been contacted by, is legitimate before taking any action. Search the Government of Canada’s online resource, the Canadian Anti-Fraud Centre for information on current scams. Or you can conduct a quick online search with the organization or individual’s name – often times people will already have reported the suspicious activity and a record of previous reports can easily be found.

4. Get a second opinion 

If you’re asked to do something (wiring someone money, for example) and you feel uneasy about it, bounce the idea off of a trusted friend, a colleague, or someone at the credit union and run the proposal past them. Do they think it’s a promising idea, too?

5. There’s no such thing as a free lunch 

Many scams play on the appeal of quick, easy money. It’s easy to get blinded by the dollar signs. Don’t let that distract you from making a reasonable, informed, and cautious decision. Listen to your gut. If something sounds too good to be true, it probably is. 

New name, same game

Throughout history, they've gone by many names — shill, grifter, con-artist, scammer, hustler, swindler and more, but whatever the title, the name of the game is the same — separating good people from their money. You can protect yourself and learn how to avoid being the next victim of fraud by sticking to these safe practices when in the digital world.

Browsing the internet safely
Look for a "lock" icon at the bottom of your browser and make sure "https" appears in front of the Web address before submitting any personal or financial information through a web site. These visual clues tell you the information you are sending is secure.

Verify links before clicking on them by hovering your mouse over the link and carefully checking that it's the website that you expect. The difference may be as simple as a .net address versus a .com address, or a slight difference in spelling, so pay close attention.

When possible, go to the source directly, and type in the company website yourself to verify and use the information from the website.
Watching out for online ads
Google Ads show the destination website address near the ad headline. Confirm this link is what you expect before clicking, and if unsure, don't click the link. 

Don’t open suspicious attachments or click unusual links in messages. They can appear in email, tweets, posts, online ads, messages, or attachments, and sometimes disguise themselves as known and trusted sources.
Staying away from pirated material
Avoid streaming or downloading movies, music, books, or applications that do not come from trusted sources. They may contain malware.
Creating safer passwords
In today’s digital world, we use passwords for almost everything, from online banking and shopping, to apps, medical services, and more. This makes the use of strong passwords an essential piece of the puzzle in protecting yourself from fraud. Here are some reminders on how to create better passwords:
  • Unique passwords matter. Create a unique, secure password for every site that needs one. That way if one site password is compromised, your other logins will remain secure. It may take more thought, but the extra security is worth it.
  • Don’t use the auto-save function on your browser or device for usernames and passwords. Saving your credentials may seem easier, but if your phone or computer should get into the wrong hands, entry to your account is automatic. 
  • Use a password generator and keep passwords in a safe place such as a lock box, or safe. 
SCU_Icon_Lightbulb.pngLock your phone and computer and use a PIN for your computer or biometric authentication to access your phone as an added layer of security.
Keeping your digital banking safe
Online banking security is the responsibility of everyone who uses the system. We invest considerable time and money in fraud detection systems, but online banking requires vigilance on everyone’s part in order to be effective. It’s better to prevent theft than to try to recover losses later.

It’s easy to protect your digital banking account by following these simple rules:
  • Do not log in to online banking over public Wi-Fi. This is like letting hackers “look over your shoulder” as you do your banking.
  • Do not provide personal information over the phone. Financial institutions do not ask for this information. 
  • If you receive an email or text with an attachment or a link from your “financial institution”  do not follow the link or open the attachment. SCU will never provide an unsolicited email requesting you log in from a link. This is a common method for hackers to gain access to your confidential information.
  • If you receive an Interac e-Transfer® that you weren’t expecting, do not click the link. Make sure you verify the suspicious Interac e-Transfer with the sender personally before clicking.
  • Never provide your password or PIN to anyone. SCU will never ask you to provide us with your passwords or PINs.
Protecting yourself from email fraud
  • Be skeptical of emails, messages, or websites containing misspelled familiar words; grammatical errors that make it difficult to understand or misuse a common expression.
  • Don't reply to emails asking for personal information to stop the sudden closure of an account. Do not click on links within the email. 
  • Instead, type the website address directly into your browser so you can confirm that it is safe, or call the company directly instead
  • Don't open attachments, follow links, or reply to spam messages — even to unsubscribe. Hover your mouse over the link and carefully check that it's the website that you expect. The difference may be as simple as a .net address versus a .com address, or a slight difference in spelling, so pay close attention.
  • Do not provide account or personal details through an unsecured email program. If you need to send sensitive documents through email, ensure the company has a secure email portal.  If you’re sending personal documents to SCU, speak with an SCU representative and they’ll help you get set up with our secure email portal.
  • Only access your online banking from our website or mobile app. Do not use links in an email.
  • Check for secure, legitimate links by hovering over them and make sure you understand where the link is going, versus where the email says it’s going. If you’re unsure, do not click the link. 
  • Don’t click links within emails or provide information in exchange for a “gift,” as these often link to unsecured or spoofed sites that look real but are not.
  • Don’t allow the sender to rush you into a decision when you receive an “urgent” email. Fraudsters will create a sense of urgency to make you act before you think. Be suspicious of anything (an email or phone call) that attempts to panic you into making a hasty decision.
  • Call the sender directly to confirm the authenticity of the information.
Protecting your mobile device
As you use your smartphone or tablet to bank and shop online, it’s important to keep your personal information secure. 

Here are tips to help you protect your mobile devices:

  • Enable password protection: A reasonably complex six-digit password will protect your phone from the average criminal if it’s lost or stolen. For convenience, most devices also offer biometric identification such as fingerprint or face ID. Remember to set your phone to lock automatically when you aren’t using it.
  • Don’t connect to public Wi-Fi hotspots and turn off Bluetooth in public places. Never accept files from an unknown device. Someone else could access your private login details  while you’re connected through Wi-Fi. Instead, use your mobile data network, which has built-in security.
  • Be aware of smishing  attacks, which are misleading text messages designed to trick you into clicking on a malicious link or downloading an attachment from a number you don’t know.
  • Make sure you have remote access: Most smartphones allow users to remotely track a device location, lock the device, erase the data, and retrieve a backup if it’s lost or stolen.
  • Use discretion when downloading apps: Only download apps from the App Store or Google Play. Even apps that seem innocent can have software designed to steal personal data, make fraudulent charges, or even hijack your phone. Be sure to also manage the apps your children can download on your device.
  • Keep your device and apps up to date: Update your apps regularly and set your devices to automatically update so they can receive security patches to keep them protected. Consider replacing devices once they no longer receive software updates.
  • Set up a PIN for account changes: If you haven’t already, call your service provider and set up a PIN that must be entered before making any changes to your phone plan. This adds an extra layer of security and helps make sure only you have access to your account.
Watching out for online shopping scams
Shopping online is convenient and easy but can also be dangerous if you provide personal banking or credit card information to an online e-commerce site. Take your time, confirm the website is legitimate and secure, and as always, if the deal is too good to believe, it probably is. 
  • Avoid making purchases and banking transactions — or any communication that conveys a password, account number, or credit card number — unless you are certain that you are on a secure site and connection (i.e., https://).
  • When shopping online, check out the website before entering your credit card number or other personal information. 
  • Read the privacy policy and look for opportunities to opt out of information sharing. (If there is no privacy policy posted, beware! Shop elsewhere.)
  • Learn how to tell when a website is secure. Look for "https" in the address bar or an unbroken padlock icon at the bottom of the browser window. These are signs that the information you transmit is encrypted (or scrambled), protecting it from hackers as it moves across the internet.
Protecting your computer
Make sure to download recommended updates from your device manufacturer or operating system provider, especially for important software such as your internet browser. Antivirus software, antispyware software, and firewalls are also important tools to thwart attacks on your device. Take advantage of automatic updating when it's available. Antivirus software protects your device from viruses that can destroy your data, slow down or crash your device, or allow spammers to send email through your account.
  • Update your browser with the latest version. Updated browsers have built-in protection against fake sites and viruses. These updates can eliminate software flaws that allow hackers to view your activity or steal information.
  • Get the latest anti-virus or security system software (firewalls) to protect you against online hazards. There are some operating systems that have built-in firewalls that may be shipped in the "off" mode. Confirm that your firewalls are switched “on” and keep all software updated.
  • Don't use USBs or other external devices unless you own them.
  • To avoid infection by malware and viruses, ensure that all external devices either belong to you or come from a reliable source.

Information centre

Phone icon

Report fraud

You’re not alone. Whether you’ve fallen victim to fraud or have received a suspicious email or text, your first step is to report it.
Learn how to report fraud
Lightbulb icon

Fraud resources

Stay up to date with fraud resources including a glossary of terms, helpful links, and the latest from the CAFC.
Get the latest updates
Shield icon

Your privacy

We invest considerable resources to protect your privacy, secure your information, and safeguard you from fraud.
Learn how we protect your privacy

®Apple, iPhone, and Apple Watch are trademarks of Apple Inc., registered in the U.S. and other countries.
Interac e-Transfer® is a registered trademark and the Interac logo is a trademark of Interac Corp. Used under licence.
©2022 Google LLC All rights reserved. 

Cookie Consent

We use cookies on our site to improve your experience.