Cyber Security
It couldn't happen to me
Thousands of Canadians fall victim to scams every year. In 2022, the Better Business Bureau Institute for Marketplace Trust reported that 48.5% of Canadians aged 55-64 were impacted by scams, with 42% of Canadians aged 65+ being caught out. In the first quarter of 2023 alone, almost $135,000,000 was lost to scams in Canada, with just under 19,000 incidents being reported – this is only expected to rise year-on-year.
At FiftyUp, we work hard to make sure your personal information is secure. But no matter what processes and technology we have in place to help keep you safe, knowing how scammers operate will always be the best way to protect yourself against the rising threat of scams.
Wait, what exactly is a scam?
Have you been contacted by someone out of the blue? Have they promised you something, or asked you to do something for them? Or is what they’re offering seem too good to be true? Be careful, it could be a scam.
An online scam could be disguised as an offer of easy money, a great bargain, exclusive knowledge or even a new relationship, all designed to trick you out of your hard-earned money or steal your personal information.
Scams can find their way to you in an email, SMS or instant message, on a dating website or social media platform like Facebook or Instagram, video calls such as Skype or FaceTime, online surveys, or even a USB drive posted to your address.
Most scams fall into the following categories:
Subscription scams offer a free or low-cost trial of products or services then, once the scammers have your payment information, lock you into a monthly subscription that proves difficult, if not almost impossible, to stop.
Phishing and smishing scams often arrive as an unsolicited text or email that claims to be from a legitimate organization such as a financial institution or government agency, asking you to provide or verify personal information, either via email or by clicking on a link.
Identity theft uses spyware, viruses or phishing to collect personal information such as credit card or bank account details, social insurance number, online usernames and passwords, date of birth, driver's licence or passport number, which scammers then use to commit crime.
Romance scams lure people who are looking for a romantic partner with fake profiles, then use emotional triggers to trick or guilt them into providing money, gifts, or their personal details.
Health and medical scams often appear as sponsored posts on social media or website pop-ups, offering products and services that seem to be legitimate but are either different to what’s advertised, or don’t turn up at all.
Business scams could take the form of a fake listing or advertisement in a magazine, journal or business directory, or an invoice for items you didn't order, with scammers pressuring you into paying the amount they claim you owe and even threatening to involve the police.
CEO scams typically target employees in management positions, with scammers impersonating a senior executive either by gaining access to their email address or by imitating it, and sending authentic-looking emails to trick you into wiring money to a third party.
Tax scams can take the form of a fake SMS or email from the Canada Revenue Agency (CRA), either letting you know that you're entitled to an extra refund that requires confirmation of your personal details or informing you that you owe money and the authorities will be notified if you don’t pay right away.
Door-to-door scams involve salespeople using high-pressure tactics to convince you to buy a product or sign up for a service that you don't need. In many cases, you'll never receive the promised product or service, or the quality is poor or otherwise not as promised.
Emergency scams often start with a phone call from someone claiming to be a family member, telling you that they’re in trouble and need money immediately.
Unexpected money scams involve promises of a large sum of money, such as an inheritance from a distant relative or a lottery win that needs to be moved to avoid tax, but require you to hand over your personal information or pay a fee to release the funds.
Buying or selling scams are designed to trick you into handing over your hard-earned cash for different products or services, usually through fake websites that look like the real thing or by sending you authentic-looking bills or invoices for things you’ve never ordered.
Cyber Security FAQsFrequently Asked Questions
-
Even when you have the best information, you can still fall victim to a scam. To help minimize further damage, follow these simple steps:
- Hang up - As soon as you realize you’ve been scammed, hang up the phone or shut down your browser window.
- No payments - Don’t send any more money, even if someone promises they can retrieve your lost money for a fee.
- Let your financial institution know - Ask your bank or credit union to put your accounts and credit cards on hold or cancel them if necessary.
- Security - Change the passwords on all your accounts and devices, creating a unique password for each. Update your anti-virus software.
- Log it - Log an incident report with The Cyber Centre to help them crack down on any illegal activity.
- Tell others - Scammers rely on Canadians being secretive, so telling your friends and family about a scam helps make sure everyone will be better prepared to avoid scams in the future.
For more detailed information on what to do if you fall victim to a scam, the Canadian Anti-Fraud Centre has a host of invaluable resources and a complete list of organizations that you can speak to if you need more help.
If you’re concerned that you’ve been scammed by someone impersonating FiftyUp, please contact us immediately. The sooner we know about your situation, the sooner we can take steps to minimize any further damage.
-
When it comes to your online safety, make sure you follow these hints and tips:
- Never share your PIN, security codes or passwords with anyone.
- Never write your password down and leave it where someone else might find it, such as your computer or on the fridge.
- Never click on any links in unsolicited emails or text messages. Known as phishing, clicking on these links can give scammers access to your electronic device, allowing them to steal personal information such as your passwords, bank details and credit card numbers. These links often look legitimate, but take you to a fraudulent website.
- At any time, be aware that the accounts of your friends or other contacts could be compromised and controlled by a third party. Before clicking on any link, no matter who it’s from, always move your mouse over the link to see where the link will take you to. If anything looks suspicious, confirm with the sender by contacting them through a different channel of communication.
- Never reply to an email or text message that asks for your personal information. Verify any request with the sender by contacting them directly through a different communication channel.
- Never give anyone access to your computer remotely, especially if you have been contacted out of the blue by someone you don’t know.
- Ensure your electronic devices are secured using biometric features such as Two-Factor Authentication (thumbprint or facial recognition), and always make sure your anti-virus software is up to date.
- Never use an obvious password, such as your birthday or your pet or child’s name, as a scammer can easily work these out by searching your social media accounts. Consider using a password generator to create unique, complex passwords for your devices and accounts. Change your passwords regularly and don’t reuse the same password on more than one account or device.
- Never store your passwords on a browser. Use a password manager to store them securely instead.
- Avoid connecting to a public Wi-Fi network. If you must use public Wi-Fi, never conduct any banking or login to websites that require your personal details.
- Never use a USB drive unless you know where it came from.
- Don’t answer calls from any phone numbers that you don’t recognize.
- Be wary of any business that requests an unusual payment method, such as direct fund transfer, money order, pre-loaded card, wire transfer, gift cards, or cryptocurrency. Confirm the request with the sender by contacting them directly through a different communication channel.
- Be wary of any new friend requests or potential romantic partners who ask for money or gifts soon after meeting them.
- Avoid any offer that pressures you into making an urgent decision.
- If you’ve received an offer that seems too good to be true, it probably is — this could include things like high-end fashion or popular electronic devices at bargain-basement prices, or a once-in-a-lifetime return on investment.
- If we send you an SMS or email, it will clearly identify us and provide a contact number. If you are ever in doubt about any message you receive from us, always go directly to our website by typing fiftyup.ca into a new browser window rather than clicking on any links in an email or SMS. It’s always better to safe, rather than sorry.
-
Data breaches occur when information being held by a bank, medical facility, educational institution, government department or commercial business has their online security breached, exposing confidential records and databases to hackers and other criminals.
Hearing that your personal information has been involved in a data breach can be stressful, but you can minimize any damage by taking the following steps:
- Confirm - When hearing about a breach, either directly or on the news, contact the affected party directly to make sure you aren’t being targeted by a scam. One easy way to learn if your phone number or email address has been involved in a data breach is to use a tool like Have I Been Pwned?
- Scan - Once you’ve confirmed that your information has been exposed, scan for malware on your phone, computer and other devices to make sure they aren’t infected with a virus.
- Assess - Next, you need to determine what sensitive information has been exposed. Depending on the type of breach, this can be confirmed by contacting the breached party for more information or reading related news stories. For example, if the breach occurred at your bank, it would be safe to assume that your financial information (account details, identifying information, etc.) is at risk, and you should take steps to secure it.
- Reset - You will also need to change the passwords for all your online accounts, even those that haven’t been involved in the breach. If any account uses your email address, name or other sensitive information to identify you, you should change the password.
- Observe - After your passwords have been changed and you’ve performed a virus scan on all of your devices, keep monitoring your accounts at least every few days for suspicious activity.
Stronger together
While it can feel like an impossible task to protect yourself from being caught out by a scam, you can greatly reduce your risk of becoming a victim by learning how scammers work – knowledge is your power!
To help educate yourself, Public Safety Canada, the Canadian Centre for Cyber Security and the Canadian Anti-Fraud Centre provide up-to-date information on how you can identify and avoid scams, including resources such as getcybersafe.ca and The Little Black Book of Scams.