Phishing
Security
Phishing
Learn to recognize how fraudsters use phishing scams to steal your personal and confidential data.
What is phishing?
Phishing is a type of fraud scheme or ploy. It occurs when someone posing as a legitimate financial institution or established company sends fraudulent mass emails or text messages.
Cybercriminals use these types of messages to try and get you to click links, images or files that redirect you to a phony website. Then they can get their hands on your information or install malware on your device with you none the wiser.
Fraudsters also vary these tactics on social media or over the phone to achieve their goals.
How to spot phishing scams
Phishing messages and phone calls are unsolicited. Fraudsters create a sense of urgency, promise monetary gain or claim there's a problem to get you to act without thinking and share your information.
Telltale signs of phishing
Urgency
You're pressed to update your bank account details, pay a tax agency or donate money after a tragic event.
Gain
Someone tells you that you've won a trip or prize, or received some money in your account.
Problem
You're told there's an urgent problem with your bank account, your operating system or a package delivery.
Recognizing a fake website
Fraudsters try and trick you into visiting "spoofed" or fake sites by using real names and logos. Some clues can help you spot a fake and avoid falling for it.
- Poor website design, unprofessional image
- Broken links and sloppy spelling
- Hard-to-locate company policies and contact information
- Questionable timing of prompts for information
How to react if you suspect a phishing attempt
Stop and take a calm look at the message received. Avoid clicking any links or opening any images or attachments. Don't reply to the sender. It only confirms that your email is valid.
3 things to check
Email address
Do you recognize the sender's email address? Does it look legitimate? Take a close look at the part after the at sign (@) symbol. Is it a personal or company address?
Link
Inspect the link to determine if it really leads to a legitimate business website. Pay close attention as fraudsters often change just one letter in the hopes of slipping under your radar.
- To inspect a link from your computer, hover your cursor over it without clicking.
- On a mobile device, press the link for a few seconds until a pop-up window showing you the full link opens.
Text
Ask yourself if there's good reason or logic behind the request to act quickly. Was it something you expected?
If you have any suspicions, use an official number to contact your financial institution or the organization in question. Never call a number included in a suspicious message.
Reporting a fraudulent email or text message
-
Forward the email or text message to protection@desjardins.com so we can inspect it. We'll send you an automated response. There will be no further follow-up.
In addition, follow your mobile service provider's reporting procedure for fraudulent texts.
- Delete the fraudulent email or text message.
What to do if you've clicked a link or opened an attachment
If you did not provide any personal or confidential information, report the phishing message. Make sure your device is virus-free, change all your passwords and keep tabs on your banking activities.
If you did provide personal or confidential information, report the phishing message and contact our security team and the authorities right away.
Who to contact if you've fallen victim to a phishing attack
Our security team
Montreal area:
514-397-8649
Elsewhere in Canada and the US:
1-866-335-0338
Other countries:
514-397-4610 (collect call)
Government
Report phishing attempts to the Canadian Anti-Fraud Centre and follow the recommendations for what to do if you're a victim of fraud.
Credit agencies
If you think your identity has been stolen, contact credit agencies to have a fraud alert added to your file.
Equifax: 1-800-465-7166
TransUnionTM: 1-877-713-3393
How to better protect against phishing scams
Be extra careful online to protect your information from phishing attempts.
3 good habits
Think twice before you click
Take a close look at any messages you get, especially unsolicited ones.
Stay informed
Make sure you know about the latest online scams.
Protect your devices
Install antivirus software and a firewall to protect against threats. And be sure to update them regularly.
Enhance your account security on AccèsD
Turn on 2-step verification to add an extra layer of security when you log in and keep cybercriminals out.
Further reading
FAQ – Phishing
The TransUnion TM in Canada is registered to Trans Union LLC.