7/19/2006E-mail and Telephone Fraud WarningConsumers should be aware of a new scam known as “vishing”, short
for “voice phishing”. Vishing is a variation on the
“phishing” e-mail
scams that have been used by fraudsters in recent years.
The original phishing e-mails are crafted to look like messages from major
banks
or other financial service providers (sample provided below). These messages
generally
instruct recipients to click a link in the e-mail to confirm their personal
information.
The link then connects them to a bogus site that mimics the service
provider’s
site, where consumers are prompted to provide or verify private information,
such
as credit card numbers or an on-line banking password, which is then used by
thieves
to tap into accounts.
Vishing hooks consumers using two different approaches. The e-mail based
version
of the scam, like the original phishing, uses e-mails that mimic messages from
an online payment service provider, such as PayPal or eBay. The messages may
say
that there is some problem with the recipient’s account. Instead of
providing
a link to a fake website, vishing e-mails provide a false customer-support
telephone
number. When consumers call, an automated service prompts them to “log
in” by
providing account numbers and passwords, using the telephone keypad.
Consumers may also receive direct calls at home, or messages left on their
answering
machine warning that their account may be at risk and suggesting they call
customer
support immediately. Fraud artists may even try to gain consumers’
trust
by “confirming” personal information they have on file, such as the
clients full name, address or credit card number.
If you receive one of these messages:
|
DO NOT respond to an e-
mail asking you
to disclose personal information, such as an online
password, your debit
or credit card numbers or your personal identification
number
(PIN). |
|
Do NOT use the phone
number provided in
the e-mail or in the telephone message without first
verifying that it is
valid.
To confirm that the phone number provided is legitimate,
contact your
financial
institution using the phone number provided on the back of
your debit or
credit
card, your monthly statement or a published number you have
looked up
yourself. |
|
In some cases,
financial institutions
may contact you by phone or leave you a voicemail message
if they suspect
fraudulent activity on your debit or credit card or
account. As part
of a legitimate conversation with your financial
institution, you may be asked
questions to ensure they are speaking to their client. You
will NOT,
however, be asked to verbally provide your PIN or
password. Use the
procedures
above to make sure that the financial institution you are
speaking with is
legitimate. |
|
As a general rule, always be
cautious
about how and with whom you share personal and financial
information. |
Many financial institutions have publicly committed to protecting their
customers
in the event of fraud. FCAC oversees public commitments made by federally
regulated
financial institutions. If you are the victim of fraud as the result of a
phishing
or vishing scam and are being held liable by a federally regulated financial
insitution,
or for more information on your rights and responsibilities, please contact
FCAC
toll-free at: 1-866-461-3222.
Tip: Always verify that any
e-mail you receive
from a financial institution is legitimate by calling the number on your
statement
or bankcard and speaking to a customer
representative.
|
Sample fraudulent e-mail:
Related Links
Warning Circulars
Office of the Superintendent of Financial Insitutions: As
part of its contribution to the soundness of the Canadian financial
system, OSFI publishes the names of entities that it believes may
be of concern to the business community and the public.
Latest Scams/Fraud
Royal Canadian Mounted Police
PhoneBusters
Established in January of 1993, PhoneBusters is a national anti-fraud call centre
jointly operated by the Ontario Provincial Police and the Royal Canadian
Mounted Police. PhoneBusters plays a key role in educating the public
about specific fraudulent telemarketing pitches.
Public Safety Portal
The Public Safety Portal is your one-window access to government information, services and
programs related to public safety and security in Canada.
|