Fraud, Schemes & Scams

Cyber Attacks

WHAT ARE THEY AND HOW CAN YOU PROTECT YOURSELF? CLICK HERE TO LEARN MORE.

Cyber attacks are becoming increasingly sophisticated and thieves often try to manipulate people into providing their information through a number of different ways, such as:

  • Phishing, where fake e-mails and texts are sent to members with a link that lures you to a fake version of a real website. This site will ask for your security information, such as passwords, account numbers or credit card details,
  • "Brute Force" attacks, where fraudsters use a computer program to try to guess account passwords, and
  • Phone calls to members, where scammers are impersonating trusted sources, such as your credit union, and are asking for your personal information.

It’s a scary thought that cyber attacks are happening, but the good news is that your credit union continues to stay vigilant in working to prevent such fraud. We have put several security measures in place, many of which are not visible to our members, to safeguard you.  A great example of this is the Strong Passwords required for your Online and Mobile Banking, which were developed to help strengthen security for members.

You can protect yourself from being exploited by using caution when receiving requests for personal information, and by following some good practices:

  • Don't disclose private information when contacted unexpectedly – we won’t send you an email or text asking you to provide us with your private banking details.
  • Don't open email attachments unless you know the sender and are expecting to receive an attachment from them.
  • Don't click on links in emails or texts unless you are confident that it will take you to a real website. A good trick is to “hover” your mouse over any links to see the web address before clicking.
  • Keep an eye on your accounts through Online Banking and Mobile Banking or by reviewing monthly statements. Let us know immediately if you find any unexpected activity or discrepancies in your balances.
  • Sign up for Alerts through Online Banking - it’s a free, safe notification service available to all members that can help monitor your accounts.

Get in touch with us right away if you receive a suspicious phone call or email that claims to be from us. You can visit any of your local branches or call us at 1.844.648.6466.



STAY SAFE ONLINE

Life is just a little easier when you use your computer and mobiel devices to get things done online. But there are a few simple and sensible things you should do to protect yourself against security risks:

  • Change your passwords regularily.
  • Don't use the same password for everything.
  • Install anti-virus software to protect your data from viruses and malware. Apply security updates as soon as you receive them.
  • Install anti-spyware software to keep others from gathering information about your online habits or making unauthorized changes to your computer.
  • Implement a firewall to prevent unauthorized access
  • If an email looks suspicious, stop before you click. Look carefully at what it claims and think about whether it makes sense.
  • Check the logo, language and spelling to judge whether it seems legitimate.
  • Call the company and make sure the email came from them. Consider reporting phishing to the Government of Canada Spam Reporting Centre at spam@fightspam.gc.ca. Report additional specifics such as resulting malware infection online at fightspam.gc.ca/src.
  • Never click on a banner ad or pop-up window that says Agree, OK or I accept.

WATCH OUT FOR PHISHING

Cybercriminals have become experts at luring people via email, often impersonating well-known companies, banks and even government agencies. They may ask you to confirm your account information or log into your account. If you take the bait, they've stolen your personal information.

WHAT TO DO IF IT HAPPENS TO YOU

Acting quickly can minimize the damage and help prevent further fraud or theft.

    1. Notify us immediately if you suspect fraud or identity theft. We can provide advice on how to limit access to your credit card or financial accounts and investments.
    2. Call the police and file a report. Keep a copy of the reports for your records.
    3. Change your PIN and passwords immediately.

Keep a list of the people you speak to when reporting a fraud, recording all the dates, names, phone numbers and what was said.



KEEPING YOUR DEVICE SAFE

Picture the scene, you purchase a brand-new laptop only to find it starts to slow down a year later.  This can be incredibly frustrating and you might start to think that you have to break your budget for the latest technology to fix your issues.  Let us stop you in your tracks with that thought - there are a few simple things you can do right now to PROTECT your device and get it running as good as new.

In our new CyberSafe video series, we recommend some key ways to protect your device!




3 TIPS TO PROTECT YOUR DEVICE


1. ALWAYS INSTALL THE LATEST SOFTWARE UPDATES

  • Good software helps stop the bad guys.  Companies like Apple, Microsoft and Google are forever updating their systems and releasing security patches to proactively protect your device from the newest cyber-crime advancements. Always check for the latest updates and take the time to install them when prompted. Installing updates may mean you miss the last 10 minutes of Game of Thrones, but at least you’ll be able to load your device faster and watch the next episode buffer-free. A win-win! 
2. SCAN FOR VIRUSES, MALWARE AND RANSOMWARE
  • As much as the latest software updates are great, you should regularly scan for viruses and malware. By definition, a "virus" is specifically designed to replicate and spread between devices, whereas malware is a form of malicious code in all shapes and sizes that are unwillingly stored on your device to access, spy or steal personal data. Luckily, you can automate regular scans of your entire system to stop or remove the spread of viruses and malware that might be hindering the performance of your device. A quick online search and a glance at a few articles will point you in the right direction for the most popular anti-virus and anti-malware software available, most of which are free to use.
3. ALWAYS BACK UP YOUR FILES
  • As much as the latest software updates are great, you should regularly scan for viruses and malware. By definition, a "virus" is specifically designed to replicate and spread between devices, whereas malware is a form of malicious code in all shapes and sizes that are unwillingly stored on your device to access, spy or steal personal data. Luckily, you can automate regular scans of your entire system to stop or remove the spread of viruses and malware that might be hindering the performance of your device. A quick online search and a glance at a few articles will point you in the right direction for the most popular anti-virus and anti-malware software available, most of which are free to use.

 



THE 4 CORNERSTONES OF INTERNET SECURITY

The internet is a wonderful resource, but lurking beyond the wealth of information and entertainment are dangers that can have a real impact on our personal lives. Every time you browse online, use social media or read an email; cyber-criminals see an opportunity and it’s vital that you take SAFE measures to keep your information secure.

In the latest video of our CyberSafe Series, we look at 4 best practices to keep your personal information under lock and key.




CORNERSTONE 1 - SECURE PASSWORDS
  • Always use secure passwords and never re-use them. As a rule of thumb, a secure password is one that is updated every 12 weeks, is not a word and includes a complex mix of uppercase and lowercase letters, numbers and symbols. It’s good to make sure you have different passwords for different accounts too. If someone manages to guess your password, you can bet they’ll try using it on other sites too. Increasingly, browsers, websites and devices are making it easy to remember complex passwords, or online banking details by offering ‘remember me’, ‘password manager’ or ‘Touch ID’ login features. Always exercise extreme caution if you choose to utilize these options, particularly if you use a public device, share your device with someone else or have not implemented these 3 tips to actively protect your device.
CORNERSTONE 2 - ALWAYS TYPE LOGIN ADDRESSES MANUALLY
  • Never follow an email link to a login page, it may be a phishing email trying to trick you to go to a spoofed login page where cyber-criminals can steal your details. Always type the login addresses manually or navigate to the website from a saved bookmark. To be extra vigilant, always check the spelling of a website’s URL to ensure it is correct, check that the URL starts with https:// or access sensitive sites such as your online banking portal via your anti-virus software’s safe environment.
CORNERSTONE 3 - FINANCIAL INFORMATION ON SECURE NETWORKS
  • You’re forgiven for jumping on the mall's free WiFi, it saves you on costly phone plan data overages and means you can ensure you don’t miss a beat when it comes to staying up to date on the latest celebrity gossip. However, many free Wi-Fi spots or unsecured and with a few simple clicks the person sat next to you in Starbucks can be browsing through your files or recording your actions without you even knowing. Never do any financial site logins or transactions on a public, unsecured connection. If you absolutely have to, turn off WiFi and use your phone’s data instead, or look to access this information using a secure Virtual Private Network (VPN).
CORNERSTONE 4 - ENABLE UPDATES & PATCHES
  • Always install the latest updates to apps and your device. Updates remove vulnerabilities and keep your information and identities safe. To be extra safe, every once in a while you should uninstall unused apps on your device, head into the settings of your phone to delete an app’s data and clear your internet browser of third-party cookies and cached files.

 



HOW TO REPEL PHISHING ATTACKS

Phishing isn't something that happens on a boat or in a river.

It’s when a fraudster sends an email or electronic communication pretending to be a reputable company such as the Canada Revenue Agency or your financial institution. It can also be when a fraudster has hacked your friend's or clients' email account. In these emails, fraudsters induce, pressure and panic individuals into clicking on links or attachments or directly ask you to update personal information such as usernames, passwords or disclose credit card numbers.

This is a shady approach, however by following the SHADY acronym you can repel phishing attacks and send these fraudsters back to the bottom of the ocean. Our latest CyberSafe series covers how to be shady, in a good way!




4 WAYS TO PREVENT PHISHING


BE SAFE, SECURE AND SECRET

  • Always keep personal information secure. Chinook Financial will never ask you to click a link in an email about your account or ask you to provide personal information directly from an email we send you. If you have doubts about the authenticity of the request, or ever need to exchange such information or communicate about your account, always speak to us verbally either in branch or through our contact centre.

HOVER OVER LINKS

  • A quickfire way to prevent your information from being phished is to hover over any link included in an email or document. When you hover over a link in an email, check the link carefully to assess whether it seems legitimate – if you’re unsure, don’t click! The same applies when you hover over any link in an internet browser, except this time the link is previewed in the bottom left of your browser window.

AVOID ODD ATTACHMENTS

  • Whether you exchange electronic documents in an office environment or are receiving a link to download your holiday pictures from a friend – never click on an attachment you weren’t expecting. If you were not expecting the attachment or email, chances are it’s a phishing attempt. Verify that the ask in the email is real by verbally contacting the sender and never ask via email as the sender's account could be compromised. Attachments you were not expecting can be an easy gateway for viruses to enter your system and for fraudsters to access your personal information.

CREATE DIFFICULT PASSWORDS

  • Always use a difficult password and never store them publicly or disclose them when asked – remember, Chinook Financial will never ask you to disclose your PAN number and PAC code over email or telephone. As a rule of thumb, a difficult password is one that is updated every 12 weeks, is not a word and includes a complex mix of uppercase and lowercase letters, numbers and symbols. A good way to generate memorable difficult passwords is by using acronyms. Take the first letters of the phrase “I can’t go 5 minutes without getting an Email!” and you have yourself a difficult password - Icg5mwgae!