Skip to main content

Follow ISN on

The Best
Just Got Better.

New Name. Same Standards. Exceptional Results.
Learn more about how joining ISN has enhanced our services here.

Fraud prevention month: Everything you need to know from smartphone security, to safe banking

March marks fraud prevention month – a time where credit card providers, banking institutions and security experts take to the campaign trail to remind people about the dangers of fraud and security risks online.  As more and more stories of security breaches and online scams make the news, many would agree that there’s no time like the present to brush up on your fraud prevention skills.  Here are some tips to keep you safe when playing on your smartphone, making everyday purchases, or just checking your email:

Practice good smartphone security

Smartphones may be one of the most commonly used tool in our arsenal, but many still may not know all of the risks associated with the features of their devices.  “Most Canadians are not aware of some of the risks involved in managing their own devices,” Michael Sangster, vice-president of federal government relations at Telus, told Global News.  Sangster pointed out that some smartphone users may not be aware of the amount of personal data some third party apps have access to. For example, data like your private photos, location data and even contacts can be accessed without knowledge.  If that data were to fall into the wrong hands, it could put you at risk.

To prevent this Sangster suggests that users only download apps from trusted sources – like the Google Play store or Apple’s App Store – and check the permissions and privacy settings for all of the apps they download.  Users may also want to consider cracking down on what apps they allow to track their geo-location.  Telus also allows customers to book one-on-one sessions at its learning centres where an expert can walk them through smartphone safety basics and teach them about their device.

Experts warn hackers are also increasingly hiding malware in mobile apps, or sending it through malicious text messages. According to security firm Symantec, only about 50 per cent of mobile users have some sort of malware protection on their mobile devices.  To protect against malware, make sure your device’s operating system is up to date – ensuring you have the latest security patches from the manufacture. You can also download malware protection for some platforms, like Android.

Be smart when making purchases with your bank card

According to the Interac Association, Interac debit card fraud losses, thanks to skimming scams, are at a record low in Canada – decreasing 45 per cent to $16.2 million in 2014 from a previous low of $29.5 million in 2013.  Experts say most of this is thanks to Canada’s use of chip card technology – which is proven to be more secure – but it’s also causing criminals to become more creative when it comes to defrauding people.  “[Chip cards] are acting as a great deterrent, but criminals have had to be creative and try to trick the customer into using mag stripe [which is less secure],” said Cpl. Tim Laurence, investigator with the RCMP’s integrated counterfeit enforcement team.  Lawrence said one of the most common tricks nowadays is to trick people into using the magnetic stripe for the transaction.  “Right away that brings you down to a lower level of security for your transaction,” he said.

If a merchant asks you to revert back to using the magnetic stripe instead of your chip, proceed with caution – especially if the machine appears to have a chip reader. Laurence also suggested that people try as often as possible to insert their chip card themselves, as one trick criminals use is to insert the card wrong in order to start a magnetic stripe transaction.  He added one of the trends the RCMP is seeing is that Canadians are being defrauded more in the U.S. because they use magnetic stripe transactions.   “People should be alert and cognisant, but if they continue to practice safe handling of their pin and never let their card out of their site, generally speaking [fraudulent] transactions should be kept to a minimum,” said Laurence.

If you suspect that your card has been defrauded, make sure to contact your local authorities immediately. While most people will contact their card provider, Laurence said many don’t think it’s important enough to contact police about.  “For us as police officers to combat this we have to hear about it,” he said.  According to a poll conducted by Interac, 45 per cent of Canadians have concerns about retail data breaches, such as last year’s Home Depot breach. However, it’s important to note the Interac network is not susceptible to fraud from retail security breaches.  “Interac rules do not allow the number on the front of the payment card to be used as an account number; it is only an identifier for Interac transactions. This means that any data captured or stolen through skimming or a breach is entirely useless to a criminal because it cannot be used to conduct transactions, online or in person. No personal financial information is ever shared or stored with retailers,” reads a release from Interac.

Know how to spot a phishing scam from a mile away

“Attackers will always find someone that will fall for their tricks,” said Alexander Rau, national information security strategist at Symantec Canada. “As long as they work they will keep using them.  For the most part, common sense and a careful eye will help you spot a phishing scam. One of the most common ways that fraudsters will try to fool you is by using official company logos or insignias. In some cases, the email address or web address may look close to the company’s name, but is slightly altered or off by a letter.  This tip is especially important: Never click on a link included in a suspicious email. Often attackers will use a legitimate web address in the hyperlinked text of the email, but once you click on the link it takes you to a malicious website.  To check a link, hover your mouse over it – without clicking on it – and a small yellow box will appear, showing the actual web address the link will take you to. If the link doesn’t match the hyperlinked text, it’s likely malicious.

Global News