Fraud Awareness

We are constantly hearing about scams and frauds and why it is important to keep our accounts and financial information safe and secure, but do you know how to protect yourself? Let us walk you through some common scams to help you become more aware and learn how to protect yourself from financial fraud.  This is a sample of just a few methods fraudsters use to get your money or information.  Please use the resources at the bottom of the page to learn more.

KCCU ®MemberDirect Online Banking Alerts provide you with an additional layer of security by notifying you via text message or email when there have been certain changes to your online account. Learn more and sign up today!    

Phishing and Spoofing

Phishing is a fraudulent attempt to capture your personal or financial information, such as usernames, PIN, passwords, credit/debit card numbers and other sensitive data that can be used to conduct financial crimes.

Spoofing is a type of scam where criminals disguise an email address, phone number, text message, or website URL to convince you that you are interacting with a known, trusted source. Often, the message is even personalized specifically for you.  Spoofing often involves changing just one letter, number, or symbol of the communication so that, at a quick glance it looks valid but at times it may also be done through a highjacked URL on a legitimate website.  For example, you may receive an e-mail which appears to be sent by a reputable company, bank, internet service provider (or so it appears) asking you to input financial information. Requests such as this are likely attempting to capture the information you give and defraud you.

Please note that KCCU will never send you a text message or e-mail asking you to validate or restore your access by requesting your password, PIN, or account number.

How do I protect myself? 

  • Never assume that phone numbers, emails or texts on your display are true.
  • Be cautious when sharing personal or sensitive information; use independent verification prior to sharing.  Call the company directly using contact information from another source; not from the message you just received.
  • Never trust alarming or urgent messages requesting access or information.
  • Always verify the URL and domain when visiting a website to make sure you are actually on the official and true site.
  • Avoid clicking links and attachments received via text message or email.  Think before you click.
  • Keep your software, browser, and operating system up to date.
  • Maintain anti-virus and anti-malware software.
  • Sign up for alerts and auto-deposit for online banking.

Identity Theft or Cybercrime

Identity theft refers to criminals stealing your personal information without your knowledge or consent and using it for criminal purposes.  Cybercrime is criminal activity that either targets or uses a computer, a computer network, or a networked device to obtain your personal information or data. The source of your information could be easily found in your recycle box, garbage, mail or electronically stolen through phishing, database breaches, spyware, malware, or viruses. It is important to protect your identity and personal data and never to share personal information.

  • Malware – Malware is software which invades your computer system when you open e-mail attachments, visit websites, open instant messaging sessions or during file-sharing sessions.  It can cause viruses, Trojans, spyware, and ransomware without you even knowing they have been installed until the damage has been done.
  • Spyware – Spyware is a program which installs itself on your computer/device to spy on your computer and online activities.  It works by running a program behind the scenes and it is unlikely to know that you are being monitored.  Some spywares will cause nuisance by launching pop-ups or changing browser homepage while others spyware could bury itself deep into the memory and track other data.
  • Spam – Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk e-mail or instant messaging.  The perpetrator obtains a list of valid e-mail addresses and then fires out thousands of e-mails with minimal cost.  Spam can be an entry point for spyware or malware.
  • Keystroke Logging – Keystroke logging is the action of recording the keys struck on a keyboard by a hacker installing software or a physical device on your computer. Your keyboard strokes are tracked including passwords, e-mail, websites visited, credit card numbers – anything you type.

How do I protect myself?

  • Employ common sense before handing over sensitive information.
  • Do not over-share on social networking websites.
  • Maintain trusted anti-virus, anti-malware, anti-spyware, and anti-spam protection.
  • Keep your software and operating system up to date.
  • Configure regular scans and monitor settings.
  • Use only secure networks (Encrypted).
  • Employ browser common sense.
  • Maintain a secure firewall.
  • Keep a tight grip on your personal information.
  • Stay current on the latest attacks.
  • Handle financial information with care.
  • Create strong passwords; change regularly.
  • Be careful with unsecured Wi-Fi.
  • Monitor credit and bank accounts closely.
  • Sign up for alerts for online banking.
  • Learn how to protect your computer and keep your information and data safe.

Telephone/Text /Mail Fraud

Imposters call, text or e-mail and identify themselves as representatives of well-known companies or agencies. The criminals provide you with great news of special time limited offers, lottery winnings or inheritances which require immediate commitment and actions to occur to qualify.  Other method of the same may involve a call or letter stating that they are from a government or police agency and you are being investigated and must follow their instructions exactly to avoid prosecution or fines.  There always seems to be a sense of urgency and often intimidation in these types of frauds which leads the victim to act quickly. They may often spoof local area codes on a call as it makes them appear to be local and therefore more trustworthy. 

How do I protect myself?

  • The key to not becoming a victim is to just hang up, delete or shred.
  • Be suspicious of any unsolicited calls where someone claims you have a computer security problem.
  • Don’t invest or purchase a product or service without carefully checking out the investment, product, service, and the company.
  • Request further documentation from the caller so you can verify the validity of the company.
  • Don’t be fooled by the promise of a valuable prize in return for a low-cost purchase.
  • Don’t be pressured to send money to take advantage of a “special offer or deal.”
  • Don’t be hurried into sending money to claim a prize that is available for only a “few hours”.
  • Never disclose information about your finances, accounts, or credit cards (not even the credit card expiry date).
  • Contact the Canadian Anti-fraud Centre to report fraud incidents.

Romance Scams

Unscrupulous individuals will use dating or social networking sites to seek out potential victims and gain your trust over time. Once the perpetrator has gained your confidence, they will ask for assistance in paying travel costs to meet them or for money to cover an emergency.

How do I protect myself?

  • If you do set up a meeting – tell family and friends when and where you are going and meet in a local, public place.
  • Do not share personal (birthdate, address) or financial information with anyone you have only just met online or in person.
  • Never send intimate photos or video of yourself. The scammer may try to use these to blackmail you into sending money.
  • Be cautious when conversing with an individual that claims to live close to you but is working overseas.
  • Never under any circumstance send money for any reason. The scammer will make it seem like an emergency, they may even express distress or anger to make you feel guilty but DO NOT send money. END THE CONVERSATION!
  • Should you be asked to accept money (e-transfer, cheque) or goods (usually electronics) for you to then transfer/send elsewhere, do not accept to do so. This is usually a form of money laundering which is a criminal offence.
  • If you suspect a loved one may be a victim of a romance scam – based on any of the above points – explain the concerns and risks to them and help them get out of the situation.
  • Do an image search of the admirer to see if their photo has been taken from a stock photo site or someone else’s online profile.
  • Look for inconsistencies in their online profile vs. what they tell you.
  • Watch for poorly written, vague messages, sometimes even addressing you by the wrong name – often scammers are working several victims at once.
  • If you have transferred money, stop the transaction if possible.

A third party is an individual or entity, other than the account holder or those authorized to give instructions about the account, who directs what happens with the account. For example, if an account were opened in one individual’s name for deposits that are directed by someone else, the other person or entity would be a third party.

  • A secondary piece of identification from the primary list above
  • Canadian Birth Certificate
  • Credit Card bearing the name and signature of the individual which has issued by a well-known and reputable Canadian financial institution
  • A CNIB (Canadian Institute for the Blind) client card bearing the individual’s photo and signature
  • Provincial Outdoors Card
  • Canadian University or College Student Card with photo (for student identification only)
  • An employee identification card (with photo) issued by an employer that is well known in the community (i.e. KGH, DND, Queens University, Corrections Canada, etc.)
  • Foreign passport
  • Canadian Passport
  • Permanent resident card
  • Citizenship card (issued prior to 2012)
  • Secure Certificate of Indian Status issued by the Government of Canada
  • Driver’s licenses issued by province or territory
  • The DND (Department of National Defense) 404 driver’s license
  • Nexus Card issued by Canada Border Services Agency
  • Provincial Service Cards
  • Provincial or territorial identity cards (i.e. Ontario Photo Identification Card)
  • Foreign Passport (only if it is equivalent to a Canadian issued photo identification document)