Protect Against Fraud

Fraud  -  What you need to know

Fraud is defined as ‘an intentional deception made for personal gain or to damage another individual’.  Fraud can take on many different forms and doesn’t limit its victims to any specific age, race, geographic location or income level.

Affinity continually works hard to ensure that you enjoy a safe and secure banking experience with us.

Whether you choose to deal with Affinity Credit Union online, over the telephone or in person, we follow rigorous security procedures to protect your information and transactions against unauthorized access, disclosure, alteration and misuse.

Awareness is the first step in fraud prevention.  By learning about the different types of fraud and how to recognize them, along with using tools available to us in today’s market, you can minimize the chances that you will become a criminal's next victim.


Internet Banking

What Affinity is Doing:

Affinity Credit Union is committed to keeping our members’ accounts and financial information safe and secure.  Technology continues to be an area of rapid change and Affinity is continually reviewing our practices to ensure the protection of our members.

  • Secure firewalls help prevent unauthorized access to our systems.
  • 128-bit encryption, converting data into code to make it unreadable while in transit.
  • After 3 unsuccessful login attempts, your Internet Banking account is locked out.
  • Your Internet Banking session is automatically terminated if left unattended.

What You Should Do:

  • Make sure to use browsers with 128-bit encryption only.
  • Install firewall software from a reputable vendor.
  • Install an anti-virus program from a reputable vendor and keep it up-to-date.  Select software that scans files and email messages for viruses, worms, Trojan horses and other malware.  Run system scans and updates on a regular basis.  Many programs will update new virus definitions automatically.
  • Install anti-spyware software from a reputable vendor and keep it up-to-date.  Spyware collects information about you and your internet habits and relays the information to advertisers and others.  This technology has evolved into programs that can record your keystrokes and capture screen shots that are then used for malicious purposes.
  • Apply all recommended security updates in a timely manner to affected software components on every computer that you use for online banking.  In a Windows environment, this would include, but not be limited to, Microsoft (Windows, Office and others).  Apple (QuickTime, etc.)  Sun (Java), and Adobe (Acrobat, Flash).
  • Do not use software components (especially operating systems) for which the vendor has ceased to provide security updates.  An example would be Windows 95.
  • Consider subscribing to typically free security e-newsletters from software vendors like Microsoft which will keep you informed about updates and issues.
  • With respect to the points about anti-virus and anti-spyware software above, as an example, Microsoft offers no-cost anti-virus and anti-spyware software called Microsoft Security Essentials that can be downloaded from their official product web site.
  • Never download software or accept files or attachments unless you are confident in the authenticity of the source.
  • Disable file sharing on your personal computer.
  • Always access internet banking by typing www.affinitycu.ca or using a bookmark to access Affinity Credit Union’s home page.  Never use a link that has been provided to you in an email.
  • Never send personal information through an email.  For banking inquiries, always use Affinity Credit Union’s Secure Messaging feature.  The Secure Messaging link is located at the top of the Main Menu when you login to your Internet Banking session.
  • Do not leave your computer unattended while logged in to Internet Banking.
  • Always use the Logout button to end your Internet Banking session.
  • Clear your browser’s cache after each Internet Banking session.
  • Publicly accessible computers should not be used to conduct financial transactions as keystroke logging software may be installed.
  • All links that are sent in an unsolicited email message should be considered suspect and not clicked on.
  • Password Security
    • Choose an alpha-numeric password that is 7 digits in length and that is difficult to guess.
    • Change your password frequently.
    • Keep your password confidential.
    • Don’t write down your password or record it in a file on your computer.
    • Disable the web browser’s ‘auto complete’ feature that enters your password for you.
    • Use a unique password for each login ID.

back to top


Identity Theft

What Affinity is Doing:

  • Affinity Credit Union is committed to developing policies, procedures and service offerings that address privacy concerns.
  • Affinity MemberCards and Global Payment debit cards only contain the minimum amount of information required to complete transactions.

What You Should Do:

  • Carry only the credit and debit cards that you use frequently.  Store others in a safe place.
  • Cancel credit cards that you do not use.
  • Sign new cards immediately.
  • Never borrow or loan your cards to anyone.
  • Keep your card in sight when making a purchase.  Always retrieve your card and ask for your receipt or transaction record, even if the purchase was cancelled or declined.
  • Immediately report lost or stolen credit cards or discrepancies in your monthly statements.
  • When entering your PIN at a merchant or an ATM terminal, always place your hand over the keypad and position yourself so that you block others from seeing what you are keying.  Malicious cameras are often located in unsuspected areas to observe you as you key in your PIN.
  • Store your Birth Certificate and Social Insurance Number card in a safe place.  Never carry these cards with you.
  • Keep your wallet or purse close to you especially in public places.
  • Fine shred any documents that contain personal information such as credit card statements, bills, payroll stubs, and transaction records.
  • Promptly remove mail from your mailbox and ask Canada Post to hold your mail if you are going on a holiday.  Keep track of your billing cycles and inquire if credit card bills are not arriving on time as an unauthorized address change may have taken place.
  • Never provide personal information over the phone unless you initiate the call.  If you are asked to return a call regarding your finances or personal information, never use the phone number the caller provides.  Always use a phone number from a trusted source to return the call.
  • Look for the “lock” icon on a website before entering your personal information.  A closed lock or padlock indicates that the website you are on is secure.
  • Do not send personal information by email.  It is not a secure method of transmission.
  • Frequently check your credit report for changes or discrepancies.

back to top


Common Scams

Phishing

A fraudulent email or instant message that appears to be authentic because they often contain trusted logos.  The email usually contains a link to an unauthorized website in an attempt to gain your personal information.

  • Do not use the contact information in the email.
  • Contact the company using a phone number from a trusted source to verify that they initiated the email.
  • If it seems too good to be true, it probably is.  Most trusted companies will not notify you of prize winnings with an email and they will not ask for personal financial information in order to process your winnings or prize.
  • Phishing scams often try to appeal to you emotionally with exciting or upsetting information.  They hope that you will react immediately.
  • The web address that you are asked to reply to often appears unrelated to the email address that the email was sent from.

 

Tabnapping (“kidnapping” a browser tab is basically what this refers to)

Modern web browsers typically allow the user to open several tabs at once, each of which can contain a different web page. However, at any given point in time, only one browser tab can be active while the rest are inactive even though they contain a web page.  Tabnapping is a variation of a phishing attack that replaces the content of a Web page that is open in an inactive browser tab.  While a user is looking at an active internet tab, the malicious software is replacing the content on an inactive tab that may be open.  When the user clicks on the inactive tab, they are presented with a fraudulent login page.  The user will simply think that they left the site or had their login timeout.  For better protection against such an exploit:

  • Remember to verify the web address URL in the browser before logging into or entering any confidential information into online banking
  • Visit only trustworthy web sites on the machine from which you do online banking

 

Advance-fee Scam

Posing as a reputable financial institution, you are told you pre-qualify for a low interest rate credit card or loan.  It is often to help you repair bad credit.  Personal information and a monetary fee are requested up front to secure the offer.

  • A legitimate financial institution will never guarantee a card or loan before you apply.
  • Contact the company using a phone number from a trusted source to verify that they initiated the call.

International Scam

You receive a phone call, letter or email stating that someone has money stuck in a foreign country and they are looking for assistance to retrieve their money.  You are offered a large portion of the money and asked for your account information so that the funds can be deposited automatically.

  • Often this scam will request that you send a cheque to help cover the costs of getting the money through the red tape.  If a cheque is sent, the requests continue, possibly increasing each time.
  • Unauthorized transfers could possibly deplete your account.
  • They may send you a cheque asking you to cash it and wire a portion back to them.  The cheque will eventually be returned as counterfeit or NSF, leaving you with a loss.
  • These emails will often contain poor grammar or incorrect spelling.

Telemarketing Scams

  • A company phones offering insurance coverage for all of your credit cards for one fee.  They ask for your credit card numbers for their registry.
  • A caller claims that you have won a prize and then proceeds to ask you to send money before you can collect.   A legitimate prize winning will not cost you anything.
  • Often the caller will seem overly excited or pressure you for an instant response.  Be aware.

Card Skimming

Debit card fraud is steadily increasing.  Unauthorized card readers record the information contained in the magnetic strip found on the back of your card.  Your PIN is required to access funds, so hidden cameras are often set up to record you keying your PIN when you make a purchase.  By following the recommendations below, you can keep your money safe.

  • Make sure you see your card being swiped.
  • Be aware if your card is swiped more than once.
  • Always take your card and transaction record with you.
  • Always place your hand over the keypad and position yourself so that you block others from seeing what you are keying.
  • Never borrow your cards or disclose your PIN to anyone.
  • Never write your PIN on your card or keep it in your wallet or purse.
  • Stay focused.  Criminals may attempt to distract you during your transaction.
  • Choose a PIN that doesn’t contain obvious information such as a telephone number or date of birth.
  • Keep a record of your transactions and compare them to your statement regularly, especially on accounts that are not used often.
  • Report lost or stolen cards immediately.
  • Card reading devices can be added to the face of ATMs and read your card as it is inserted to the machine.  Be aware of any hardware that seems unusual or out of the ordinary.

back to top

Call us today at: 1.866.8MEMBER (863.6237) or email: questions@affinitycu.ca

© Copyright 2008 Affinity Credit Union. All rights reserved.

Last Updated: May 16th, 2012