Fraud Prevention

Stop fraud before it happens

Phishing Scams

Canadians are encountering an increase in various phishing phone scams where fraudsters falsely claim to be from a legitimate organization (such as a financial institution, business or government agency) to trick Canadians into revealing personal information, like their bank account numbers, passwords, credits card numbers or even their social insurance numbers.

Check out the infographic for ways to spot phishing scams that may target you through a phone call, email, text message, webpage or social media. Take these steps to keep your data safe.

Learn more about phishing scams

How to keep your eCommerce website secure

Major shifts in customer behavior have occurred around the globe, including a focus on eCommerce in response to the overarching need for a convenient and touch-less experience. While the ease of digital transactions has made our lives simpler, it has also had implications on cybercrime as attackers take advantage of the increase in digital payments activity. Cybercriminals are finding it easier to discover personal information and breach data on company websites that customers have come to rely on and trust.

As more and more shoppers make their purchases online, keeping eCommerce fraud in check, while minimizing interruptions to good customers, is key. Whether you’re ready to take your business online, or are already running an eCommerce website, it’s important that you are aware of the risks and the right steps to secure your website. Here are some tips and best practices to guide you in doing so:

1. Keep all of your software updated

Attack target security flaws in popular web software, so it is crucial to keep all platforms, applications or scripts updated.

2. Protect your login pages with encryption

Use SSL encryption on your login pages to enable sensitive information such as payment card numbers and login credentials to be transmitted securely.

3. Backup your data

Back up your site regularly. You should maintain backups of all of your websites files in case your site becomes inaccessible from system failure or ransomware.

4. Conduct regular website security scans

Perform regular web security scans to check for website and server vulnerabilities on a quarterly basis at a minimum and after changes to your websites.

5. Choose a trusted hosting provider

Your hosting provider should back up your data to a remote server and make it easy to restore in case your site is hacked. They should also provide you with a Web Application Firewall and anti-virus protection, which guards against unauthorized intrusions to your website.

6. Use strong and complex passwords

To help project your website, passwords should be complex, containing uppercase letters, lowercase letters, numerals, special characters and should be changed regularly.

7. Keep your website clean

Delete any files, databases, or application from your website that are no longer in use and keep the file structure organized in order to track changes and make it easier to delete old files.

8. Monitor your Network assets

It is important to detect any unauthorized and unusual activity within your network infrastructure at all times. Deploying solutions like FIM (File Integrity Monitoring) and Website logging are key.