Fraud Awareness Guide

We have compiled a list of useful tips and things to be aware of to help our members avoid falling victim for scams and frauds.

In today’s digital world, scams are becoming increasingly sophisticated, targeting individuals through emails, texts, phone calls, and more. Protecting yourself from fraud begins with awareness. This section is designed to help you recognise common scams, understand how they operate, and learn practical tips to safeguard your personal and financial information.

Whether it’s phishing emails, smishing texts, or vishing calls, staying informed about these tactics can prevent you from falling victim. At CANA Credit Union, your security is our priority. Explore this section to equip yourself with the knowledge and tools you need to stay one step ahead of fraudsters.

Fraudsters use a variety of methods to trick people into revealing sensitive information. Below are common scams to watch out for:

Common Types Of Scams To Be Aware Of

Phishing Emails:

Phishing involves fraudulent emails that appear to come from legitimate organisations, such as banks or service providers, with the aim of stealing personal information like passwords, card details, or login credentials. These emails often appear to be from legitimate sources, such as your bank, utility provider, or even government agencies

Example:

You receive an email claiming to be from your bank stating there’s an issue with your account. The email asks you to click a link to verify your details.

Smishing

Smishing texts

Smishing (SMS phishing) uses text messages to lure you into clicking a malicious link or providing sensitive information. These texts often appear to come from your bank, delivery company or another trusted organisation.

Example:
A text claims to be from a delivery service, stating you owe a small fee to release a package or that your parcel could not be delivered due to insufficient information provided. It can include a link to a fake website asking for payment details.

Vishing

Vishing Calls

Vishing (voice phishing) involves scammers calling you pretending to be from a trusted organisation to extract personal information or payment details. They often use fear tactics to coerce you into providing sensitive information.

Example:
A caller claims to be from your bank, warning of suspicious transactions on your account. They ask for your PIN or online banking codes to “secure your account.”

How Phishing, Smishing, and Vishing Works

Fraudsters rely on deceptive tactics to trick individuals into disclosing sensitive information. Here’s how these scams typically operate:

 

Impersonating Trusted Organisations

Scammers often pose as reputable entities like banks, government agencies, or popular companies to appear legitimate. They mimic official branding, such as logos, language, and tone, in emails, texts, or calls. This imitation is designed to build trust and make you believe the communication is authentic.

 

Creating Urgency and Fear

One of their primary strategies is to instil panic or a sense of urgency. Messages might warn of account suspensions, unauthorised transactions, or unpaid debts, pressuring you to act quickly. This emotional manipulation is intended to cloud your judgment and compel you to respond without verifying the request.

 

Malicious Links and Attachments

Phishing emails and smishing texts frequently include links directing you to fake websites that resemble legitimate ones. These sites are crafted to harvest your personal or financial information. Similarly, attachments in phishing emails may contain malware designed to compromise your device and steal sensitive data.

 

Exploiting Your Data

Once fraudsters obtain your information—such as login credentials, banking details, or personal identification—they can commit identity theft, perform unauthorised transactions, or access other linked accounts. Many victims only discover the breach after significant harm has been done.

 

How to Protect Yourself

  • Stay Alert: Avoid clicking links or opening attachments from unknown or unverified sources. Hover over links to check if the URL matches the sender’s organisation.
  • Verify Requests: Always contact organisations directly through their official channels to confirm requests.
  • Keep Personal Info Private: Never share sensitive details like passwords or financial information via email, text, or phone.
  • Spot the Warning Signs: Watch for misspellings, generic greetings, or requests demanding urgent action—common red flags.
  • Strengthen Your Security: Regularly update your software and use reputable security tools to guard against threats.
  • Report Suspicious Activity: Immediately notify your bank or the relevant organisation if you suspect a scam.

 

Staying cautious and informed is your best defence against phishing, smishing, and vishing attempts. If you are ever in doubt, do not engage and verify the request with the organisation through their official channels. Always think twice before sharing sensitive information.

More Useful Guides

Shopping online offers convenience, but it’s important to stay cautious to protect your personal and financial information. Here’s how you can shop safely online:

Tips for Secure Online Shopping

  1. Shop from Reputable Websites: Only purchase from trusted retailers. Look for “https://” in the URL and a padlock symbol in the address bar, which indicate a secure connection.
  2. Avoid Public Wi-Fi for Purchases: Shopping on public Wi-Fi can expose your data to hackers. Use a secure, private network or a virtual private network (VPN).
  3. Verify the Website’s Authenticity: Be cautious of sites offering prices that seem too good to be true or have poor design and spelling errors.
  4. Use Secure Payment Methods: Opt for credit cards or trusted payment services like PayPal instead of debit cards for added fraud protection. Avoid direct transfers or payments through unfamiliar platforms.
  5. Monitor Your Statements: Regularly check your bank and credit card statements for unauthorised charges, especially after making online purchases.

Stay Alert for Red Flags

  • Deals that seem unrealistic
  • Websites with inconsistent branding or poor grammar
  • Payment options that do not offer protection

Your debit card PIN is a key to your finances, and safeguarding it is essential to prevent unauthorised access to your account. Here are practical tips to keep your PIN secure:

Tips to Protect Your PIN

  1. Choose a Strong, Unique PIN: Avoid obvious choices like birthdays, sequences (e.g., 1234), or repeated numbers (e.g., 1111). Opt for a random combination that is hard to guess.
  2. Keep It Confidential: Never share your PIN with anyone, including family or friends. Legitimate financial institutions will never ask for your PIN.
  3. Cover the Keypad: When entering your PIN at ATMs or payment terminals, shield the keypad with your hand to prevent others from seeing it.
  4. Be Cautious of Skimming Devices: Inspect ATMs and card readers for any unusual devices or attachments that could steal your information.
  5. Do Not Write It Down: Memorise your PIN instead of writing it down or storing it in easily accessible places.
  6. Use Secure ATMs: Opt for ATMs located in well-lit, secure areas, such as inside banks, and avoid using standalone or isolated machines at night.

Red Flags to Watch For

  • People standing too close when you enter your PIN
  • Tampered card slots or keypads on ATMs
  • Requests for your PIN via email, phone, or text

Social media is a great way to stay connected, but it can also expose you to potential risks if you are not careful. Protect your privacy and personal information with these essential tips for safe social media use:

Tips for Staying Safe on Social Media

  1. Adjust Privacy Settings: Review and customise the privacy settings on your social media accounts to control who can see your posts and personal information.
  2. Think Before You Share: Avoid sharing sensitive details like your address, phone number, or financial information. Be cautious about posting real-time updates about your location.
  3. Use Strong, Unique Passwords: Protect your accounts with strong passwords and enable two-factor authentication (2FA) for added security.
  4. Beware of Phishing Scams: Be cautious of direct messages or links that seem suspicious, even if they appear to come from friends. Scammers often impersonate real accounts.
  5. Watch Out for Fake Contests or Giveaways: Be sceptical of offers that seem too good to be true or require you to provide personal details to enter.

Red Flags on Social Media

  • Messages claiming you have won a prize but require upfront payment or personal details.
  • Posts encouraging you to click on unfamiliar links.
  • Accounts that mimic someone you know but seem slightly off.

Investment scams are fraudulent schemes designed to trick individuals into investing money in fake or high-risk ventures. Scammers often promise high returns with little to no risk, targeting both new and experienced investors. Here are tips of how to recognise, avoid, and protect yourself from these scams:

Warning Signs of Investment Scams

  • Unrealistic Returns: Promises of guaranteed high returns with little to no risk.
  • Pressure to Act Quickly: Scammers use urgency to push you into making hasty decisions.
  • Lack of Documentation: No legitimate prospectus or details about the investment.
  • Unregistered Investments: Offers that are not registered with regulatory bodies.
  • Suspicious Platforms: Unlicensed brokers or online platforms with little information.

What to Do If You Suspect a Scam

  • Stop Communicating: Cease all contact with the scammer.
  • Report It: Notify your financial institution and local regulatory authorities immediately.
  • Warn Others: Share your experience to help others avoid falling victim.

What It Is:
Business Email Compromise (BEC) is a scam where fraudsters impersonate company executives, vendors, or employees to deceive businesses into transferring money or providing sensitive information. Scammers often use email to initiate these scams, creating fake invoices or requesting urgent payments to mislead employees into acting without verifying the legitimacy of the request.

How It Works:
BEC scams typically involve the fraudster impersonating a trusted contact within the business, such as a senior executive or a supplier. They may send an email with a request for a payment transfer or for sensitive data, often claiming urgency or confidentiality. These scams are convincing because they appear to come from a legitimate, familiar source, making it easier for the fraudster to manipulate the employee into taking action without hesitation.

Tips for Protecting Your Business:

  • Verify Requests: Always confirm payment or sensitive information requests by contacting the person directly via phone or in person before taking any action.
  • Check Email Addresses: Look out for subtle differences in email addresses or domain names. Fraudsters often change a single character in the email address to appear legitimate.
  • Be Cautious of Urgency: Scammers often pressure employees by creating a sense of urgency. Always take the time to verify before making any transfers or changes.
Stay Safe From Fraud

Useful Links

At CANA, we are committed to helping our members stay safe from fraud. If you ever have any doubts or need assistance, don't hesitate to get in touch with us. Remember: when it comes to fraud, prevention is always better than cure. For more info:

FraudSmart Citizens Information

If you have any questions or worried about fraud, contact us in CANA Credit Union.

Contact Us
Top