Online Security
Online banking makes managing your finances easy and convenient. However, you should follow best practices to ensure total security whenever you go online to access your accounts. Because your online security is our priority, we have compiled suggestions and tips for safe browsing to help you avoid falling victim to Internet threats.
Tips for Safer Browsing
When visiting a branch, you can feel confident that your money is safe and secure, with the premises adorned by vaults, locked doors, security, and surveillance. Of course, we are keeping you just as safe when you bank online, but once your information reaches your computer, you have a responsibility to protect it.Personal Access Codes (PAC)
Online credentials may be numerous, needed for email accounts, social networking sites, online newspapers, and shopping websites. That's a lot of usernames and passwords – and it can be tempting to use the same combination for everything. But this makes it far too easy for hackers because they can access all your sites once they have one password. Login credentials are the keys to your accounts, so don't leave those keys around for anyone to find. For online banking, the key is your Personal Access Code (PAC).We recommend you:
- Choose a PAC that is easy for you to remember but difficult for others to guess. Avoid using current phone numbers, dates of birth, or social insurance numbers.
- Be smart, and don't save a list of your credentials on your PC. If you have to write them down, keep these details locked away somewhere only you can access or consider using password-management software, which secures and encrypts usernames and passwords and allows you to use a single master password.
- Do not share your PAC with anyone, especially online. Employees of our financial institution will never call, email, write or ask you to provide your online banking credentials. Ever.
- Don't authorize browsers to memorize your credentials. Saving these on your computer allows anyone using your PC to gain access to your login-protected sites.
- Consider changing your PAC every 90 days for optimum security.
Personal Details
When you move, it is essential to notify us of your change of address. If your mailing information isn't up-to-date, we will continue sending statements or letters containing personal information to your former address.e-Documents
Our e-Documents allow you quick and convenient online access to your financial documents: anytime, anywhere. Open the documents as PDFs and print your T5s, mortgage receipts, or transaction receipts only as needed while creating a safe and secure digital archive.Clearing Cookies and Cache
When you spend time on the Internet, your browser stores information, such as the websites you visit, the images and files, and your personal information, including passwords and login details. This data is held on your computer's hard drive and is known as a 'cache.' Even though you may have logged out and closed your browser, this information may remain accessible. You can protect your data by clearing your browsing history regularly.Private Browsing
Some web browsers have a feature that allows you to browse the Internet without the browser storing information, such as the sites you visit, the images you see, and videos you watch. People who share the same computer sometimes use this feature. Private browsing is a temporary option and must be selected for it to be activated. Private browsing, however, does not give you immunity to spyware or make you anonymous. It is still possible for your Internet service provider, employer, or the websites you visit to track your online activity.Monitoring Your Accounts
Frequently reviewing your paper and electronic account statements or registering for our transaction alert system ensures that you spot any incorrect or fraudulent transactions as soon as they occur. For example, suppose your card is skimmed (when embedded devices fraudulently copy the card's magnetic stripe and PIN at ATMs or point-of-sale devices), or unauthorized transactions have occurred. In that case, you will want to catch this as soon as possible. Therefore, every time you receive an account statement, verify you made all the transactions or let us notify you whenever there has been movement in your accounts (with the transaction alert system).Transaction Alert System
With this feature, you select to get notifications about specific account activity types, and we'll alert you through text message or email. These alerts allow you to monitor your accounts effortlessly and detect suspicious activity immediately.While our alert messages provide balances and account activity, they will never ask for or contain your details, account numbers, login credentials, or any other type of confidential information. Also, our notifications will never include any links or instructions to click or download anything.
Online Scams
While pickpockets can only target a few people each day, Internet fraudsters cast their nets more expansively, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.Phishing
Phishing works by sending communications, which appear to be from your financial institution, but are not. You are asked, supposedly by your financial institution, to log into your online banking to verify account information. Often some security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is essentially indistinguishable from the legitimate site – where you're asked to enter your credentials.Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social insurance number, or mother's maiden name. The details obtained will then be used for identity theft.
Scam emails purporting to be from your credit card company or financial institution often have some telling signs, including:
- Poor spelling or grammar
- Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately.
- Notices that you've won a prize and are required to pay a fee to claim it
Pharming
Pharming occurs when hackers use malicious code on your PC, compromising your computer's host file and redirecting you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the right website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.How to Avoid Phishing and Pharming Scams
We will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is never to use a link provided in an email to access your online banking (because we don't send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software.Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating in a secure site compared to the open and unprotected 'http' URLs. Look for the 'https' when online shopping, too.
Anti-Virus Software
Install anti-virus software on your computer to protect your information, money, and privacy. Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.Malware
Malicious software (malware), spyware, worms, and Trojans are the same class of destructive viruses, just with different names. Nobody wants a computer virus; they can steal your personal information, take over your PC and use your computer to attack other people's computers. Your PC can become infected through email attachments, downloading infected content, or visiting harmful websites.Spyware
Spyware is what it sounds like – tracking software downloaded to your computer (without your knowledge) when you visit specific internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or include passwords and personal data that you wouldn't want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. In addition, many anti-virus products offer targeted spyware solutions that inspect your operating system, install programs, downloads and files.
Scareware
These scams pop up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appears.
Online Shopping
Public Wi-Fi
Protect yourself from threats with these tips:
- Use only a trusted computer to access your online banking. Don't use shared computers.
- Manage your online banking only from secure networks. We recommend that you don't use unsecured public networks for anything sensitive.
- Connect only to password-protected networks. If there are several networks available, ask employees of the organization which network they operate.
- Never leave your computer unattended, especially when you are banking online.
- Use different PACs and security questions as login credentials. If someone obtains your credentials for one site, such as a social networking site, you don't want them to be able to access your other ones.
- Ensuring you log out before you close your browsers.
Shopping Online
Consider the following tips when using your credit cards online to ensure your information stays secure:
- Make sure that you are shopping at a trusted retailer when you enter your credit card details online.
- Provide retailers with only the necessary details to complete the transaction. These include your credit card number, expiry date, the security code on the back of the credit card, and the card's billing address. Never provide your social insurance number, account details, or your mother's maiden name. We recommend you not use your online banking PAC for shopping sites that require you to register with a username and password.
- Use your credit cards only on e-commerce websites that use secure browsing technology on the screens where you enter your card information. Ensure the web address begins with 'https' (instead of 'http') and has a closed padlock icon on the screen.
- Ensure that smaller retailers requesting credit card details have reputable contact details and a physical address, and you feel comfortable providing them with your card information.
- Never give your account or credit card details to anyone on eBay, Kijiji, or Craigslist.
Securing your device
We have created a secure channel to communicate with our customers, but you need to do your part by maintaining your computer, ensuring it stays up to date and virus-free.Operating Systems
Keeping your software up-to-date is one of the most important ways of staying safe online because it is much harder for viruses to infect an updated operating system and software. Hackers are targeting operating systems with new viruses all the time, and software companies combat these efforts with security patches. You should always download the latest security patch as soon as it becomes available.You should also remember to back up your data. Eliminating a virus that has infected your machine may require the re-installation of your operating system. Protect yourself against the permanent loss of important data by frequently backing up your files on an external hard drive so you'll have the data should you ever have a problem with your operating system.
Browsers
Whether you use Internet Explorer, Firefox, Safari, Chrome, or something else, stay safe online by using the latest version available. The latest web browsers have security features to identify and block harmful and fake websites and pop-ups and warn you if a site is unsafe. Some browsers also have a 'Private Browsing' feature, which conceals your browsing history from others.Firewalls
Most computers now come with a firewall as part of the standard operating system. However, you can get the maximum protection for your computer by installing additional firewalls and ensuring they are up to date.Protecting Your Smartphone
Make sure your information stays secure while you're on the move by following these smartphone-safe browsing tips:
- Activate your phone's password feature, which locks the screen and prevents anyone but you from accessing your phone. Set up the password feature on your phone with a code that only you know.
- Don't connect to unknown networks through Wi-Fi hotspots to make financial transactions.
- Never download media or images, or click on text-message links from unrecognizable people or phone numbers.
- Never provide personal details or any account details using any form of electronic messaging because this is not a secure form of communication. If you are unsure, don't hesitate to get in touch with us.
- Download apps exclusively from the official source for your smartphone's platform, such as the Android or Apple stores.
- Install anti-virus software for your smartphone when available and update it frequently.
- Install location finding applications, which work with your phone's built-in GPS. These applications allow you to locate or remotely erase (or "wipe") data in your phone if lost or stolen.
- Update your smartphone's operating system as soon as newer versions are available.
Security Guarantee
Our online banking system is safeguarded with the best security available in a commercial environment, ensuring that your information is protected while data is transmitted between your computer and our banking server.Encryption
Internet encryption protects your information while it is in transit between your computer and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled. Our online banking website uses a 128-bit SSL, encrypting both request and response transactions, through a secure connection. To establish a secure connection, verify that the prefix of our website address in your browser reads 'https' (and not simply 'http').Controlled Access to Your Accounts
Your accounts can only be accessed by providing the correct login credentials and Personal Access Code (PAC), which only you know. Our employees never know these details and will never ask you to provide them with this information.Enhanced Security Login Process
The first time you log into your online banking account, you will be asked to choose from a list of security questions and answers. Be sure to pick questions with answers that are not easy to guess. Use ones that only you know.For security reasons, we track the number of login attempts used to access your online banking. After a number of incorrect attempts to provide the correct PAC or answers to security questions, your online access will be immediately disabled. To regain access, please call our customer service representatives.
