Alerts
What is an Intercepted e-Transfer you wonder?
This occurs when a customer sends an e-Transfer to someone they know. Criminals seize the opportunity to deposit the funds to a mule account before the intended recipient has the chance. The interception is not caused by a vulnerability in MemberDirect or the Interac e-Transfer product, but rather because the recipient’s email account was accessed by a criminal. Once in that account, criminals can “see” the notification from Interac and use the deposit link to redirect funds into a different account by answering the security question.
Here are some tips to help protect yourself:
- Do not communicate the answer to the security question via email. Call and/or text the recipient with the password.
- Select a question and answer that is not easy for a third party to guess. If the notification is intercepted, it will be harder for a criminal to answer and steal the funds.
- Be cautious not to click on any phishing links and ensure you are only transacting with trusted websites, vendors and people.
- Immediately notify your financial institution if you sense anything suspicious about your transaction.
- Register for Autodeposit (if enabled for your institution). This will make sending money on the e-Transfer service more secure.
- Interac has announced they will begin scoring, alerting, and reporting on suspicious e-Transfers sent to potentially compromised email accounts to proactively prevent being intercepted by an unintended recipient.
Summary
Newfoundland and Labrador cell phone users are being targeted by a phishing scam. Potential victims receive a text from the "709" area code containing a malicious link that appears to be an electronic fund transfer. Information given through this link provides scammers with direct access to your account.
WHAT TO LOOK FOR:
- Some illegitimate dating websites make you pay for each email or message. Scammers will send vague-sounding emails filled with love and desire to keep you writing back.
- Scammers will try to build a relationship with you and exploit your compassionate side. They ask for money to help a sick family member, deal with a personal emergency, or to pay for travel expenses to visit you - and then they disappear.
- Check website addresses carefully. Scammers often set-up fake websites with similar addresses to legitimate sites.
- Never send money, or give credit card or online account details to anyone you don’t know and trust.
- Ask yourself, “Would someone I have never met really declare their love for me after only a few letters or emails?”
- Always talk to a trusted loved one before you send money to people you have met online.
- By Brandon Allison
Summary
With the holiday season just around the corner, it is increasingly important to be vigilant and ensure proper measures are in place to mitigate fraud. As members begin their holiday shopping they increasingly become susceptible to fraud schemes that may compromise their card and/or identity.
It is important to note that senior citizens as a demographic are especially susceptible to fraud schemes. The Competition Bureau Canada has recently released its 2nd edition of the “The Little Black Book of Scams.” This pamphlet outlines the most popular scams and fraud schemes currently in practice as well as ways to spot them and methods of safeguarding yourself from being victimized by them.
A pdf copy of this book can be found here. The Competition Bureau has also made copies of these books to individuals and businesses free.
Purpose
This bulletin was prepared to provide information and preventative measures when it comes to selling merchandise online.
Overview
Consumers who sell merchandise online are susceptible to victimization which can lead to loss of merchandise, funds or both. Fraudsters contact potential victims through email or text with a generic message inquiring about the availability of an item for sale. Fraudsters claim to be located out of town and offer to purchase the item unseen. The seller will receive a spoofed Paypal email message or email money transfer notification claiming their payment is pending. The message indicates that the funds enclosed are to cover the cost of the item plus shipping and in order for the funds to be released a tracking number must be provided by the seller. Therefore the seller ships the product, obtains a tracking number and provides the tracking number to the fraudster. The seller then learns that the payment notification is spoofed and no funds are collected.
In another variation, the fraudsters will send a follow-up email advising the seller that they cannot send the payment due to a problem with the sellers Paypal or bank account. Sellers are told they are required to pay $500 to obtain a business account with the selected payment provider to complete the transaction. The fraudster will offer to pay the business account fee if the seller reimburses them for the cost. The seller is then directed to send the reimbursement using a money service business such as MoneyGram or Western Union. The seller once again learns that the payment notification is spoofed and no funds are available.
Warning Signs – How to Protect Yourself:
- Always meet in a local, public and safe location to complete the exchange.
- Beware of generic emails with bad grammar.
- Beware of overseas buyers who want to buy sight unseen.
- Review all emails to ensure they are not spoofed.
- Never send money to get money.
- Do an open source search to see if anyone has reported the fraudulent seller.
If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at antifraudcentre.ca
Purpose
This bulletin was prepared to provide information on the recovery pitch, which targets Canadians who have previously been victimized by other scams.
Overview
If a consumer has been victimized by a scam, they are likely to be targeted again in the future with the recovery pitch. Scammers will target previous victims on the premise of increased vulnerability and likelihood of obtaining additional funds. The recovery pitch involves scammers deceiving victims to believe there is an opportunity to recover funds lost in a previous scam (full or portion). Scammers may portray themselves as members of law enforcement, investigating agencies, bank employees, or lawyers to establish a sense of credibility.
One form of the recovery pitch involves victims of the Anti-Virus Scam who previously paid scammers a fee to remove online threats, such as viruses from their computer. Victims are later called and advised the company has filed for bankruptcy and are offered a refund. Victims are asked to provide scammers access to their computer to process a refund via online banking. Furthermore, consumers are asked to log into their online banking. The consumer is told the screen will go black for a brief minute to process the refund, however the scammer utilizes the opportunity to forward money from the victim’s line of credit or credit card to their bank account, making it appear as if a refund was deposited. Moreover, the victim is told an error occurred and the refund was overpaid (example: refunded $2900 Cdn instead of $290 Cdn). Scammers demand the victim refund the difference to correct the error. Victims will try to resolve the issue and send the monies only to later realize the original “refund” was actually a transfer from their line of credit or credit card. The victim is now responsible for the funds lost.
Another form of the recovery pitch involves the Bank Investigator Scam. Consumers receive calls from scammers purporting to be from their bank or a major credit card provider. Victims are led to believe that a bank investigator is investigating unauthorized charges on their account to identify a suspect and refund the stolen funds. Victims provide remote access to their computer and online banking to allow the investigator to review any discrepancies or possibilities of fraud. The investigator will deposit money into the victims account with instructions to wire/send the money internationally to see if anyone from the bank steals or intercepts the money. Requests of payment can vary, however include money service business transfers or wire transfers. Unbeknownst to the victim, the scammer will complete a transfer of funds from the victim’s line of credit or credit card to their bank account to create a false pretense that the victim is using the banks money. Once the victim sends money to recover the original unauthorized charges, they realize they have been scammed and are responsible for the funds lost.
The recovery pitch can take form using any scam. Whether it be a romance scam, prize scam, or one of the scams mentioned above, scammers may contact the victim to impersonate a lawyer and claim they can obtain lost funds for the price of legal fees. Victims will pay advance fees to assist in recovering lost finances.
Warning Signs – How to Protect Yourself:
- Never pay an advance fee to obtain a refund.
- Record all information – confirm who you are dealing with.
- Conduct open source searches to cross reference information.
If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at antifraudcentre.ca
Purpose
This bulletin was created to provide Canadians with information about how to recognize and reject continuity scams.
Overview
As E-Commerce continues to grow, so do the opportunities to be victimized through online purchases– specifically with a credit card. Continuity scams largely take place when someone who is online observes a pop-up or advertisement offering a free trial or free gift upon completion of a survey. Consumers who participate are often asked to provide a credit card to pay for shipping and handling. Unless victims review the terms and conditions, it’s unlikely they will see the hidden fees associated to the offer, which includes overpriced monthly charges that are nearly impossible to cancel.
As 2017 begins, many Canadians are creating New Year resolutions, which can include healthier choices and weight loss. Continuity scams take advantage of these opportunities and offer free weight loss pills or free subscription to health products such as Acai Berries – assuming you sign up and provide a credit card for shipping. Victims will receive their product and witness a charge to their credit card. The prices can vary from $1.99 to $1000.00 and victims will continue be charged until the company is contacted and services cancelled. Additionally, it is not uncommon for victims to be charged more than once per month by multiple different merchants.
In order to stop the fraud victims should contact the suspected company requesting a stop payment and keep records of all correspondence. Victims can also refuse delivery of goods and should contact their respective financial institution or credit card provider to request a charge back due to fraud.
Warning Signs – How to Protect Yourself:
- Review all fine print and terms and conditions before making a purchase
- Conduct open source searches to see if anybody has suggested the offer is a scam
- Beware of paid advertisements online. Paid banner ads are not always affiliated to the website you are viewing
- Review credit card statements regularly for unauthorized charges
If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at antifraudcentre.ca
Public Service Credit Union has been alerted to a phishing scam in the form of an automated call saying it is the credit union calling and not a telemarketing call. The caller tells the recipient to contact the credit union at 1-877-288-5599 to verify vital information. The member was asked for their debit card number. Members should not respond to this type of scam. If in doubt about the origin of a call please contact the credit union via any of the ways outlined on our web page.
Central 1 has become aware of a recently detected new vulnerability in the SSL v3 encryption protocol which when exploited allows information to be stolen from a web banking session using this encryption method. This vulnerability is being called 'Poodle’. Internet Explorer 6.0 (IE 6.0) exclusively leverages this encryption protocol. However, newer versions of IE (as well as Chrome, Firefox and Safari) could also be manipulated to exclusively use the SSL v3 encryption opposed to the newer TLS level that is used as the default setting in newer web browsers. Google Chrome and Firefox have already announced their deprecation of SSL v3, and will be blocking SSL v3 in their next releases to resolve this vulnerability. To exploit the vulnerability, the encryption protocol needs to be supported on both the browser as well as the server hosting the web session.
On March 1st, 2014, Central 1 communicated their current browser support for MemberDirect services:, which for convenience is outlined here. While Central 1 has not supported IE 6.0 for quite some time, we had not yet taken steps to block members from using this specific browser. Central 1 believes ‘Poodle' poses a significant risk, and unlikely to be patched in the future. As a result, with this information, combined with the knowledge that IE 6.0 comprises less than 0.10% of web traffic for all MemberDirect services, we have taken proactive steps to remove the support for the SSL v3 encryption protocol last evening from the MemberDirect servers to mitigate risk to your organization and your members. This action will prevent anyone from accessing MemberDirect using IE 6.0, or any browser version that is leveraging the SSL v3 encryption protocol.
Although volume is low, Central 1 is not aware if this is traffic originating from consumers, corporate clients, or even staff from within your organization. Once Central 1 implement the changes, these members will now receive a browser error when attempting to access MemberDirect, and may believe the site is unavailable. In these cases when reported, please direct the member to use any of the officially supported browsers listed here to continue online as usual.
Public Service Credit Union has been alerted to the presence of an SMS text messaging phishing scam that is contacting people across Canada. People receive an alert (sample below), requesting that they call a toll free number because their account has been locked due to exceeding online attempts. The text messages reference a financial institution name, however the person receiving the text does not always have a relationship with the financial Institution referenced, which indicates that the text messages are being randomly sent.
Customers that call into the number will be prompted for their card number, expiry date, and their personal access code. Your customers should not provide this information at any time, as this may lead to their account being compromised.
Public Service does provide MemberDirect Alerts, which advise customers their accounts have been locked out due to failing a password 3 times, or failing the Increased Authentication challenge question 3 times. In both of these cases, the Alert would populate with the following message format : “Login failed and account is locked. Contact Pubic Service Credit Union at pscu.ca.
If you have any questions, or concerns on this issue, please feel free to contact the MemberDirect Support team for assistance.
Securities regulators in the United States have been investigating an international entity, Profitable Sunrise et al, which is currently involved in soliciting for “high-yield investments” through wire transfers.
The Alberta Securities Commission (ASC) has been alerted by First Calgary Financial, Calgary, concerning several of their clients who have attempted to withdraw significant funds from credit union accounts to be wired to the Czech Republic. First Calgary Financial employees identified the suspicious transactions and management notified enforcement personnel with ACS.
The entity operates a website, profitablesunrise.com, which is registered under the name Inter Reef, Ltd., 590A Kingsbury Road, Birmingham, U.K. B24 9ND, through a domain server located in California. The website solicits investments by affiliation with religious and charitable organizations, further touts a “Referral Program” where individuals can refer other investors and receive a commission of 5% of the amount invested, along with a higher yield on their investments.
Names associated to this investigation include: Roman Novak, Radoslav Novak and Inter Reef Ltd d/b/a Profitable Sunrise.
Any of your members who attempt to wire funds to this entity need to be warned and advised of the potential loss in this type of fraud.
A phishing email claiming to be coming from cucardsonline.com asks members to click on a link that would appear to lead them to the MasterCard Choice Rewards website to enter personal information. This site is fraudulent. Please continue to educate your members that If they should receive this email, do not click on the link.
The fraudulent email may suggest that you have not logged in for a certain number of days, and need to update your information by logging in to the site. Do not do this. Although the link appears to go to the MasterCard site, it is really a copycat site created by thieves to steal personal and password information and possibly install a trojan horse virus on your computer.
If you receive such an email, immediately delete the email without clicking on the link.
IMPORTANT: A fraudulent email is being sent to some CUETS Financial customers. The email subject is "Your Attention is needed" and the senders' email is CUETS Financial messageid2217@cuets.ca. The email asks that you update your account information for your Credit Union Mastercard. If you have received this email, DO NOT follow the link or provide any personal information. Delete the email. This is a kind of fraud called phishing. Read more about phishing scams here. Reputable financial institutions will NEVER use email to request personal account information.
If you feel your card information has been compromised, contact the 1-800 number on the back of your credit card for immediate assistance, Card Services at 1-800-561-7849 or .
We would like to make members aware of a scam in which people have received an email claiming to be from "Credit Union Canada" looking to verify and update their online information. This is a scam and members are advised not to click on the link in the email and to contact the office immediately and let us know. Remember, when you receive unsolicited emails requesting information to be cautious. Before doing anything contact the sender by a means you are familiar with and ask them to verify.