Committed to providing solutions for your future needs.

Book a meeting
(877) 422-6346 x 732
CANFIN
Grant Matossian, CPA, CFP
Grant Matossian, CPA, CFP
CERTIFIED FINANCIAL PLANNER® Professional

Show all articles

Posts

Personal Wealth and Finance


2023 FRAUD REVIEW: Be vigilant about fraud.

February 1, 2023

While a determined hacker targeting an individual will eventually be able to overcome any security precaution, most of us will never be so specifically targeted. Maintaining basic security hygiene and awareness would be enough for us to protect ourselves against almost all general online hazards. And yet, we continually find that loss of security, compromised accounts or stolen credentials can be traced back to a failure on the user’s part…if users allow their passwords to be broken or stolen, it allows hackers free access to any data stored on that site. 1

Visit the Canadian Government’s Fraud website

Keep your personal information private and safe. Never give out personal information by email, text message or on a website that appears to be fraudulent.

Update frequently. Regularly updating your operating systems, software and mobile applications, and passwords, adds an extra level of protection against fraud.

Report fraudulent messages. Some fraudsters imitate bank emails and text messages to steal your personal information. If in doubt, report the message by sending an email to your fraud prevention department at the bank.

Verify links and senders of links. Links to websites can accompany emails, texts, social media posts, and emails derived via forms. These can be placed by text manually or automatically by internet bots set up by fraudsters. Always move your mouse over the links in an email and verify the sender’s address. If in doubt, do not click on the links as this is certainly an attempt at fraud.

Keep your passwords secret. Companies, banks, or credit cards providers like Visa or Mastercard never ask you for your password, whether by text message, email or telephone. If someone asks you for your password, it may be a fraud attempt. Never share your passwords with anyone.

Use only very strong passwords. A strong password is quite long (the closer it gets to 21 characters, the stronger it is). In addition, you should use a different password for each of your online services (email, bank account, social network, etc.)

What should we know about password risk?

SplashData estimated that about 10% of users used at least one of the weakest 25 passwords. Microsoft revealed that 44 million users of various Microsoft service accounts were using vulnerable passwords that matched with a list of already-breached credentials. A survey from LastPass revealed widespread password re-use, with nearly 60% of users using the same password on multiple sites, even though 90% of respondents understood the security risks of password re-use. The same survey revealed that over 50% of users had gone longer than a year without updating their password. Anyone with access to these has access to the user’s account and all information stored on it with no checks or barriers.

We already have the technology to replace passwords, but new systems and products continue to employ passwords for authentication, and frequently allow for relatively weak password security. 3 It is important to change your password if a new system manager gives you access to software with an initial easy password. 4

Be vigilant about credit card fraud. Stolen credit card information or stolen credit cards or debit cards can allow anyone to charge by use a card’s tap function, or card number, name, dates and information. Thus it is important to not give out your credit card over the phone. It is not uncommon to observe an abnormal transaction in your credit card account. You can block your card to prevent further fraud attempts by calling the financial institution. Afterwards, make the necessary verifications or file a dispute. It is important to go over your statements every month as soon as they are available. Always call and cancel your card if lost. Previous charges and credits for returns you’ve made, will still apply to to new card.

The most preventable attack is Phishing.

The goal of the phishing scam is to trick you into clicking on a malicious link, downloading a malicious file, or giving away sensitive information. It does this through impersonation – pretending to be a legitimate person or entity. It uses social engineering to instil a sense of urgency or fear, hoping you’ll click without investigating its phoney claims too closely. Fraudulent websites are created to look like the real thing. Email addresses are crafted to appear authentic. Logos and verbiage are copied to seem genuine. It has become a critical online survival tool to be able to detect and thwart any phishing attempts…Even though the success rate for phishing attacks continues to go down each year, enough users still fall victim to make them worthwhile, with phishing accounting for 22% of all data breaches in 2019. 

Malware is becoming an increasing threat.

Malware can inadvertently be downloaded into your computer by simply clicking and downloading a file which contains a malware virus. 6

Currently there has been click-less malware introduced. Read up about it here on Wired.

As users, we also allow malware to be more of a problem than it needs to be. Phishing campaigns extensively employ emotional manipulation and psychological techniques, so falling for one can be excused as a human lapse. In 2017, it was found that less than half of Windows users had any form of antivirus installed. The situation is even worse among smartphone users, with only 39% having any form of mobile antivirus installed…Even as the built-in security for our devices improves, we continue to leave ourselves at risk by failing to keep our software updated.

Security by design is an important feature.

When software is being developed in beta as we advance, increasing security by design is a constant mantra of developers and firms offering services. It is important to continually keep ahead of potential threats as far as possible in the vast realm of risk with the Internet of Things. 8, 9

Password Managers 

Make sure that you use very strong passwords, with a different one per website, changing them periodically. Some people use a password manager such as LastPass which gives you a vault to keep all your passwords in. You can try the free version and it may be wise to upgrade for a small monthly fee. One of the bonuses of using a password manager is that it makes opening and reopening logins a breeze, saving you many hours over time. Your security may depend on you taking some time to read up on their website or a competing website to compare plans.

Many users are insufficiently protected against malware and don’t use an antivirus despite knowing the risks.

It should not be our first concern that we correctly distribute blame between industry and users; that will not help us solve the security issues that we all face. The way forward is to minimize the opportunities for human error to cause harm and work with user needs to make good security the natural behaviour, rather than the exception. 10

Beware of ​the following scams:

  • ​Telephone calls claiming to be from the Government of Canada.
  • ​Text messages and instant messaging that looks like it’s from the Government of Canada
  • Home title fraud is occurring. The fraudster impersonates the homeowner, borrowing money against the house referred to as HELO debt. Once approved, they steal the money.  You can purchase title insurance to protect property owners and their lenders against loss in relation to the title of the property or its owner. Mortgage free property is a target of this fraud as money is easier to borrow against a debt-free home.
  • Prepaid cards, bitcoin, e-transfer payment scams​.
  • ​Suspicious requests demanding immediate payment.
  • ​Watch out for emails claiming to be from the Government of Canada.
  • Beware of mail that looks like it’s from the Government of Canada.
  • Scams aimed at newcomers to Canada

1, 2, 3, 7, 9, 10  Michael Townshend, Avast

4, 6, 8 AdviceOnMedia®

5 Avast Software

 

Publisher's Copyright & Legal Use Disclaimer

All articles are a legal copyright of Adviceon®Media.

The particulars contained herein were obtained from sources which we believe are reliable, but are not guaranteed by us and may be incomplete. This website is not deemed to be used as a solicitation in a jurisdiction where this representative is not registered. This content is not intended to provide specific personalized advice, including, without limitation, investment, insurance, financial, legal, accounting or tax advice; and any reference to facts and data provided are from various sources believed to be reliable, but we cannot guarantee they are complete or accurate; and it is intended primarily for Canadian residents only, and the information contained herein is subject to change without notice. References in this Web site to third party goods or services should not be regarded as an endorsement, offer or solicitation of these or any goods or services. Always consult an appropriate professional regarding your particular circumstances before making any financial decision.

Mutual Funds and/or Segregated Funds Disclaimer

Commissions, trailing commissions, management fees and expenses all may be associated with mutual fund investment funds, including segregated fund investments. Please read the fund summary information folder prospectus before investing. Mutual Funds and/or Segregated Funds may not be guaranteed, their market value changes daily and past performance is not indicative of future results. The publisher does not guarantee the accuracy and will not be held liable in any way for any error, or omission, or any financial decision. Talk to your advisor before making any financial decision. A description of the key features of the applicable individual variable annuity contract or segregated fund is contained in the Information Folder. Any amount that is allocated to a segregated fund is invested at the risk of the contract holder and may increase or decrease in value. Product features are subject to change.