Click on a question to show or hide the answer.
Q. What do I do if I've answered a fraudulent e-mail?
A. If you believe you may have responded to a fraudulent e-mail, change your AccèsD password immediately.
To do this, log on to AccèsD and click on User file in the upper right-hand corner of the AccèsD header, and then on Change password in the left-hand menu. If you notice any unfamiliar transactions in your account, contact your caisse or call one of the following numbers immediately:
- Montreal area: 514-522-2373
- Elsewhere in Canada and the U.S.: 1-800-CAISSES (1-800-224-7737)
If it concerns your VISA account, contact VISA Desjardins customer service:
- Montreal area: 514-397-4415
- Elsewhere in Canada and the U.S.: 1-800-363-3380
- Other countries: Call collect 514-397-4610
Also contact credit agencies such as Equifax (1-800-465-7166 or 514-493-2314) and TransUnion (1-877-713-3393 or 514-335-0374), so they may add a note in your file alerting credit grantors that you may have been the victim of fraudulent activity.
To find out more, see Online security.
Q. What is phishing?
A. Phishing is the practice of sending fraudulent e-mail asking the persons who receive them, under various pretexts, to update their banking or personal information by clicking a link directing them to a phony Web site. Pirates then collect the information provided and use it to make fraudulent transactions. The phony Web sites, just like the e-mails, appear to be authentic, often because they are exact copies of financial institutions' or companies' Web sites.
For example, after clicking on a link or attachment in the e-mail, users are taken to a dummy AccèsD logon page where fields were added to collect their personal information under false pretences (debit card number, AccèsD password, social insurance number, date of birth, etc.).
The term "phishing" is a variation on "fishing", in the sense it is done at large with the hopes that someone takes the bait and supplies the personal information requested. The term was inspired by the bad spelling of the first phishing attempts.
To find out more, see Online security.
Q. What is Desjardins doing to prevent phishing?
A. Desjardins has implemented 24-hour active surveillance to ensure a quick reaction if fraudulent e-mail is detected.
In addition, Desjardins scrutinizes each e-mail you submit because you believe it may be fraudulent.
To find out more, see Online security.
Q. Why am I constantly receiving fraudulent e-mails?
A. Scam artists may have obtained your e-mail address from a variety of sources.
- They may have used a spam mailing list on which your address is listed with or without your consent. (These lists are sometimes created from online contest entries. Always be sure to check out the legitimacy of a company before you enter their online contest.)
- They may have obtained your address via spyware installed without your knowledge on your PC. (Make sure your computer is protected against spyware.)
- They may have created hundreds of thousands of e-mail addresses randomly by combining first and last names and known domain names, one of which happens to be your personal e-mail address
Once scam artists find an e-mail address that works, they may be tempted to send e-mails to that address over and over again.
Though phishing is generally associated with e-mail, some computer criminals use the phone as well. In this case, pirates call victims on the phone and pose as a financial institution employee, an investigator or a police officer.
To find out more, see Online security.
Q. How can I tell that an e-mail is fraudulent?
A. You must be extremely careful, because the scam artists use the colours and logos of legitimate sites to make the e-mails look real.
Don't assume that you'd be able to recognize a fraudulent e-mail right away. Earlier phishing attempts involved badly-written e-mails and amateur page layouts, but today's phony e-mails are much sleeker and professional-looking.
To differentiate a phishing e-mail from a legitimate one, pay specific attention to the content of the message, instead of to the attached security features. Most of the time, these logos, signatures, security elements and backgrounds are counterfeits that are identical to the originals.
Here are some characteristics of fraudulent e-mails:
- The e-mails urge you to you act quickly under the pretext that:
- You are a finalist or winner of an official Desjardins contest (e.g.: "Desjardins pays your taxes!" contest).
- Your account may have been subject to unauthorized access (e.g.: a time and IP address may even be provided).
- You must update your personal information or your account will be frozen or deleted.
- Your account was used for fraud and you will be held accountable.
- You must sign up for a Desjardins online security feature (e.g.: AccèsD Safe).
- A simple accounting error has been made and corrected (in this case, you are not asked to do anything except click on a link to a phony Web site).
- The e-mails contain a hyperlink leading to a phony AccèsD site.
- The e-mails are often signed with the name or the logo of a security division.
- Some of the e-mails contain attached files.
Desjardins will never contact you by e-mail for any of these reasons or with any of these elements. Desjardins does not solicit members for personal and confidential information by e-mail. If you receive an e-mail like this, do not answer.
To send us information about an e-mail you’ve received and believe to be fraudulent, forward the e-mail and site address to us at phishing@desjardins.com. Please note that you will receive an automated response only to e-mail sent to this address. Caution: do not include confidential information such as an account number or PIN. For assistance, contact an AccèsD Services advisor at one of the following numbers: 514-253-7350 or 1-877-253-7350, Monday to Friday, 8:00 a.m. to 9:00 p.m. and Saturday and Sunday, 8:00 a.m. to 8:00 p.m.
To find out more, see Online security.
Q. Could I have visited a fraudulent site without first receiving an e-mail?
A. In order for attempted phishing to be successful, fraud artists have to create a phony Web site on the Web.
If you use a recognized search engine (e.g.: Yahoo, Google, MSN, etc.), you may come across phony AccèsD Web sites in your search results.
Desjardins always takes immediate action to shut down these fraudulent sites but sometimes, a few minutes or a few hours may go by before the appropriate authorities and ISP providers can act.
Never go to AccèsD via a search engine. Always type www.desjardins.com in your address bar and click on the AccèsD link.
To find out more, see Online security.
Q. The e-mail states that my AccèsD account is about to expire. Is this possible?
A. No, your account and the AccèsD service on which you make online transactions does not have an end date and cannot expire. Only you can decide to close your account or stop using the service.
To find out more, see Online security.
Q. What should I do if I receive an e-mail I believe to be fraudulent?
A. If you receive an e-mail asking you to update your personal information (debit card number, AccèsD password, social insurance numbers or date of birth) under the pretext that your AccèsD account is about to expire or for any other reason,
do not respond to the e-mail, click on the link displayed or open any attachment.
Send us the e-mail and site address to: phishing@desjardins.com. Please note that you will receive an automated response only to e-mail sent to this address. Caution: do not include confidential information such as an account number or PIN. For assistance, contact an AccèsD Services advisor at one of the following numbers: 514-253-7350 or 1-877-253-7350, Monday to Friday, 8:00 a.m. to 9:00 p.m. and Saturday and Sunday, 8:00 a.m. to 8:00 p.m.
To find out more, see Online security.
Q. Should I be concerned about the security of the personal information I've provided to my caisse or VISA Desjardins?
A. No. There are security measures in place to prevent scam artists from being able to access Desjardins computer systems. That's why they are attempting to obtain your access code, password, social insurance number, and birth date through phishing rather than through our systems. The Desjardins.com Web site is secure and your personal information will remain confidential.
To find out more, see Online security.
Q. Can I protect myself against phishing attempts?
A. Unfortunately, it is likely that you may occasionally receive fraudulent e-mail appearing to have been sent by Desjardins or other financial institutions.
Your best protection is to stay vigilant:
- Never respond to an e-mail requesting personal information, regardless of who the sender is.
- Never click on a link inside an e-mail to log on to AccèsD or any other transactional site requiring an access code or password.
- Never open e-mail attachments if you don't know the sender.
- Always access the AccèsD or AccèsD Affaires log on page from your browser using the www.desjardins.com address.
- Look for a closed padlock in your browser's status bar, ensuring you are in a secured online environment. Also make sure the address displayed has an "s" in "https". You should also be able to view the site's digital certificates by double-clicking on the little closed padlock in your browser's status bar.
Also ensure your personal computer is adequately protected.
To find out more, see How to protect yourself.
Q. What do I do if I've answered a fraudulent e-mail?
A. If you believe you may have responded to a fraudulent e-mail, change your AccèsD password immediately.
To do this, log on to AccèsD and click on User file in the upper right-hand corner of the AccèsD header, and then on Change password in the left-hand menu. If you notice any unfamiliar transactions in your account, contact your caisse or call one of the following numbers immediately:
- Montreal area: 514-522-2373
- Elsewhere in Canada and the U.S.: 1-800-CAISSES (1-800-224-7737)
If it concerns your VISA account, contact VISA Desjardins customer service:
- Montreal area: 514-397-4415
- Elsewhere in Canada and the U.S.: 1-800-363-3380
- Other countries: Call collect 514-397-4610
Also contact credit agencies such as Equifax (1-800-465-7166 or 514-493-2314) and TransUnion (1-877-713-3393 or 514-335-0374), so they may add a note in your file alerting credit grantors that you may have been the victim of fraudulent activity.
To find out more, see Online security.
Q. What is phishing?
A. Phishing is the practice of sending fraudulent e-mail asking the persons who receive them, under various pretexts, to update their banking or personal information by clicking a link directing them to a phony Web site. Pirates then collect the information provided and use it to make fraudulent transactions. The phony Web sites, just like the e-mails, appear to be authentic, often because they are exact copies of financial institutions' or companies' Web sites.
For example, after clicking on a link or attachment in the e-mail, users are taken to a dummy AccèsD logon page where fields were added to collect their personal information under false pretences (debit card number, AccèsD password, social insurance number, date of birth, etc.).
The term "phishing" is a variation on "fishing", in the sense it is done at large with the hopes that someone takes the bait and supplies the personal information requested. The term was inspired by the bad spelling of the first phishing attempts.
To find out more, see Online security.
Q. What is Desjardins doing to prevent phishing?
A. Desjardins has implemented 24-hour active surveillance to ensure a quick reaction if fraudulent e-mail is detected.
In addition, Desjardins scrutinizes each e-mail you submit because you believe it may be fraudulent.
To find out more, see Online security.
Q. Why am I constantly receiving fraudulent e-mails?
A. Scam artists may have obtained your e-mail address from a variety of sources.
- They may have used a spam mailing list on which your address is listed with or without your consent. (These lists are sometimes created from online contest entries. Always be sure to check out the legitimacy of a company before you enter their online contest.)
- They may have obtained your address via spyware installed without your knowledge on your PC. (Make sure your computer is protected against spyware.)
- They may have created hundreds of thousands of e-mail addresses randomly by combining first and last names and known domain names, one of which happens to be your personal e-mail address
Once scam artists find an e-mail address that works, they may be tempted to send e-mails to that address over and over again.
Though phishing is generally associated with e-mail, some computer criminals use the phone as well. In this case, pirates call victims on the phone and pose as a financial institution employee, an investigator or a police officer.
To find out more, see Online security.
Q. How can I tell that an e-mail is fraudulent?
A. You must be extremely careful, because the scam artists use the colours and logos of legitimate sites to make the e-mails look real.
Don't assume that you'd be able to recognize a fraudulent e-mail right away. Earlier phishing attempts involved badly-written e-mails and amateur page layouts, but today's phony e-mails are much sleeker and professional-looking.
To differentiate a phishing e-mail from a legitimate one, pay specific attention to the content of the message, instead of to the attached security features. Most of the time, these logos, signatures, security elements and backgrounds are counterfeits that are identical to the originals.
Here are some characteristics of fraudulent e-mails:
- The e-mails urge you to you act quickly under the pretext that:
- You are a finalist or winner of an official Desjardins contest (e.g.: "Desjardins pays your taxes!" contest).
- Your account may have been subject to unauthorized access (e.g.: a time and IP address may even be provided).
- You must update your personal information or your account will be frozen or deleted.
- Your account was used for fraud and you will be held accountable.
- You must sign up for a Desjardins online security feature (e.g.: AccèsD Safe).
- A simple accounting error has been made and corrected (in this case, you are not asked to do anything except click on a link to a phony Web site).
- The e-mails contain a hyperlink leading to a phony AccèsD site.
- The e-mails are often signed with the name or the logo of a security division.
- Some of the e-mails contain attached files.
Desjardins will never contact you by e-mail for any of these reasons or with any of these elements. Desjardins does not solicit members for personal and confidential information by e-mail. If you receive an e-mail like this, do not answer.
To send us information about an e-mail you’ve received and believe to be fraudulent, forward the e-mail and site address to us at phishing@desjardins.com. Please note that you will receive an automated response only to e-mail sent to this address. Caution: do not include confidential information such as an account number or PIN. For assistance, contact an AccèsD Services advisor at one of the following numbers: 514-253-7350 or 1-877-253-7350, Monday to Friday, 8:00 a.m. to 9:00 p.m. and Saturday and Sunday, 8:00 a.m. to 8:00 p.m.
To find out more, see Online security.
Q. Could I have visited a fraudulent site without first receiving an e-mail?
A. In order for attempted phishing to be successful, fraud artists have to create a phony Web site on the Web.
If you use a recognized search engine (e.g.: Yahoo, Google, MSN, etc.), you may come across phony AccèsD Web sites in your search results.
Desjardins always takes immediate action to shut down these fraudulent sites but sometimes, a few minutes or a few hours may go by before the appropriate authorities and ISP providers can act.
Never go to AccèsD via a search engine. Always type www.desjardins.com in your address bar and click on the AccèsD link.
To find out more, see Online security.
Q. The e-mail states that my AccèsD account is about to expire. Is this possible?
A. No, your account and the AccèsD service on which you make online transactions does not have an end date and cannot expire. Only you can decide to close your account or stop using the service.
To find out more, see Online security.
Q. What should I do if I receive an e-mail I believe to be fraudulent?
A. If you receive an e-mail asking you to update your personal information (debit card number, AccèsD password, social insurance numbers or date of birth) under the pretext that your AccèsD account is about to expire or for any other reason,
do not respond to the e-mail, click on the link displayed or open any attachment.
Send us the e-mail and site address to: phishing@desjardins.com. Please note that you will receive an automated response only to e-mail sent to this address. Caution: do not include confidential information such as an account number or PIN. For assistance, contact an AccèsD Services advisor at one of the following numbers: 514-253-7350 or 1-877-253-7350, Monday to Friday, 8:00 a.m. to 9:00 p.m. and Saturday and Sunday, 8:00 a.m. to 8:00 p.m.
To find out more, see Online security.
Q. Should I be concerned about the security of the personal information I've provided to my caisse or VISA Desjardins?
A. No. There are security measures in place to prevent scam artists from being able to access Desjardins computer systems. That's why they are attempting to obtain your access code, password, social insurance number, and birth date through phishing rather than through our systems. The Desjardins.com Web site is secure and your personal information will remain confidential.
To find out more, see Online security.
Q. Can I protect myself against phishing attempts?
A. Unfortunately, it is likely that you may occasionally receive fraudulent e-mail appearing to have been sent by Desjardins or other financial institutions.
Your best protection is to stay vigilant:
- Never respond to an e-mail requesting personal information, regardless of who the sender is.
- Never click on a link inside an e-mail to log on to AccèsD or any other transactional site requiring an access code or password.
- Never open e-mail attachments if you don't know the sender.
- Always access the AccèsD or AccèsD Affaires log on page from your browser using the www.desjardins.com address.
- Look for a closed padlock in your browser's status bar, ensuring you are in a secured online environment. Also make sure the address displayed has an "s" in "https". You should also be able to view the site's digital certificates by double-clicking on the little closed padlock in your browser's status bar.
Also ensure your personal computer is adequately protected.
To find out more, see How to protect yourself.
By e-mail
By phone
