How to protect yourself from fraud
Looking for a specific topic?
I want to know more about:
Understanding fraud
Fraud is any activity where a person knowingly misrepresents or deceives someone in order to get them to take an action which can result in the person giving up information, money or property.
What fraudsters want
When fraudsters engage someone, they are looking for one of a few things:
- Personal information: information that should only be known to the individual. If it falls in the wrong hands, the fraudster can use it to impersonate the person. An example of this might be passwords, a date of birth, social insurance numbers, etc.
- Access to accounts: information such as credit card numbers, bank accounts, balances, passwords. By getting a credit card number and the security code, criminals can begin racking up fraudulent charges on the cards.
- To pay for something: by applying undue pressure, a criminal may get someone to pay for a product or service that is not what they expected or ordered.
Common types
Here are some of the most costly frauds reported in Canada.
- Investment fraud: individuals are convinced to invest in cryptocurrencies and deceived into thinking that their investments are growing but when the victim tries to get a return on their investment, they are unable to.
- Romance fraud: with the growth in the number of online relationships, scammers are building a relationship with the victim, and using that trust to trick the victim into sending money to them.
- Merchandise fraud: online sellers use fake ads and reviews for great deals, then either don’t deliver or send counterfeit products.
- Extortion fraud: scammers use threats or pressure tactics to have people pay a sum of money (e.g., grandparent scam, ransomware).
Bell’s commitment to fraud prevention
Bell is committed to fraud prevention and has developed an extensive program to support fraud prevention. This program includes:
- A dedicated team of fraud specialists that focuses on prevention, detection and remediation to rapidly address fraudulent activity.
- Access and login controls with multiple protection layers to validate customers and ensure access is only given to the account owner.
- Proactive measures to examine transactions, identify suspicious account activities and engage customers to inform them and work towards a solution.
- Reporting methods that allow customers to easily report potentially fraudulent activity, allowing Bell to quickly investigate.
- Development and implementation of anti-fraud solutions to help customers with fraud challenges.
- Active collaboration with governments, law enforcement, businesses, the public and relevant interest groups to share the latest fraud information and evolving anti-fraud strategies and programs.
Bell’s communications to its customers will never:
- Request personal information, such as passwords, PINs, banking or credit card information unless we are responding to an inquiry made by the customer.
- Include links to virus removal tools. Instead, we will direct customers to support.bell.ca/Internet.
- Include attachments like executable (.exe) files, password-protected zip files or ISO files.
Learn more about how to identify fraud.
Recognizing fraud
Scamming methods
With our movement to a digital world, fraudsters can reach people anywhere, and the effort and cost to reach large numbers of potential victims is small. The digital world has been very economically beneficial for fraudsters. Since fraudsters are so innovative, there are many different types of scams that exist and the list is always growing. With all the different scams in today’s digital world, there are four main methods used that we need to be aware of:
- Email (e.g., phishing): this involves a person receiving a deceptive email which asks to click a link or view a document. The next steps then involve more deception to acquire personal information like banking or credit card account numbers.
- Mobile phone (e.g., smishing): these are similar to email scams but the deception is delivered is by a text message. A major challenge for people is that they get many text messages from numbers they do not recognize such as automatic notifications.
- Landline phone (e.g., vishing): this has been around longer. It involves cold calling individuals to get them to disclose personal information. Victims are now dealing with a real person and the scammer can be very intimidating and persuasive.
- Internet (e.g., viruses, malware): this involves deceiving a person into downloading software to their computer or phone. This software can be very harmful and is often looking to either steal personal information or to lock devices or data until a ransom is paid.
Common traits of fraud
In every type of fraud, the key attribute is deception. Fraudsters need to trick people for them to either feel comfortable disclosing information or take some sort of action. Human emotions are very powerful and are something that fraudsters rely on for their scam. Fraudsters are very adept at using social engineering – a concept that uses psychological manipulation to get people to do things or give out confidential information.
How can fraudsters play on our emotions to trick us? They use specific tactics to trigger emotional responses rather than logical ones. These can include:
- Make it seem very important: convincing a person that what they are talking about is highly important, very sensitive or confidential, it raises the stakes for the victim.
- Use a sense of urgency: requiring a very quick or immediate action increases concern and the need to take decisive action without thinking too much.
- Issue threats: combining importance and urgency with threats of a dire consequence further raises the stakes and adds stress to the decision.
- Make it too good to be true: the opposite of applying pressure is offering something so good that it is hard to believe, like a great offer or lavish prize. This can cloud someone's judgment because it’s so good.
- Ask to keep it private: by telling a person not to tell anyone, this puts added pressure on the victim and it also helps the fraudster because the victim will not ask someone else for their opinion.
- Appeal to a sense of duty: by saying “I can rely on you” or falsely stating how this will help others or the community puts added pressure on the individual to comply, not just for themselves but for others.
Learn more about what fraud looks like.
To learn more about how emotions play a role in fraud please read the article Emotions – the cornerstone of fraud.
Understanding vishing
Vishing (short for voice phishing) is a cyber crime that occurs over the phone. It involves a call being made to a potential victim in an attempt to retrieve confidential information, or in some cases, access to computers at your home or business.
Vishing relies on convincing people that the call is legitimate and that they are doing the right thing by following instructions. The caller will use threats or persuasive language to instill a sense of urgency and fear to make them feel like they have no other choice.
Common examples of vishing involve criminals who are calling and posing to be from the government, the tax department, credit card companies or even the police. They try to convince people that they need to follow the instructions in order to avoid significant penalties, to prevent accounts from being closed or even to avoid arrest. Another example is a call from a security company telling the person that there is a problem with their computer and that they need to log on to a website as soon as possible to avoid serious impacts. Similar scenarios are encountered by businesses wherein employees will receive a call from someone posing as an IT support employee saying they need to urgently log in remotely to your computer to fix an issue. If given access, malicious actors take control of the computer.
What to look for
The clues for vishing are:
- There is a high sense of urgency.
- Specific instructions need to be followed immediately.
- There is a threat of significant damage, penalties or even arrest.
- Payment is required over the phone, not in person.
- Payment is requested using unusual methods like gift cards or cryptocurrency.
How to protect yourself
If you receive a vishing call:
- Trust your instincts – if you answered a call you feel is suspicious, hang up.
- Never call a number back.
- Ask for proof of identity and the purpose of the call. If the caller is legitimate, they will have no problem providing information that you can verify by contacting the organization using publicly available contact numbers.
- Never share sensitive information over the phone. Be suspicious if you’re asked for information like account numbers, PINs and login credentials, or to change passwords.
- Be highly suspicious if the caller demands immediate payment and if the payment type is unusual in nature (e.g., gift cards, cryptocurrency).
- If you feel threatened, hang up, use the call trace function and call the police.
Bell’s communications to its customers will never request personal information, such as passwords, PINs, or banking or credit card numbers unless we are responding to an inquiry made by the customer.
Identity theft
Identity theft occurs when someone steals your personal information. To obtain your information, a criminal might pose as a legitimate business and contact you by phone (vishing), SMS (smishing) or email (phishing). A criminal might even search your trash for mail containing personal information and credit card receipts. In many cases, a pre-approved credit card application gives the criminal enough information to set up a credit card in your name.
What to look for
Here are some signs that you may be the victim of identity fraud:
- Charges on your accounts that you cannot explain
- Unable to access your account
- Your service may not work any more
- Being denied when applying for new services or loans
- Stop receiving bills
- New credit cards, loans or services in your name
- Collection notices or calls for unknown debt
How to protect yourself
- Don’t give out your personal information. Legitimate companies will never call or email you to request information such as passwords, or bank account or credit card numbers unless they’re responding directly to an inquiry that you know you've made.
- To make sure you’re dealing with Bell, you can always contact us directly. Be cautious about posting personal information on public websites, such as social networking sites. Fraudsters might use those personal details to convince you that they represent Bell or other companies.
- Use a shredder to destroy documents that contain personal information.
- Keep your passwords, bank account information and social insurance number confidential at all times.
How to report it
If you’ve been a victim of identity theft, you can visit the Canadian Anti-Fraud Centre or call them at 1 888 495-8501.
Common scams
Fraudsters are very innovative and over time have come up with a large number of different frauds and scams. Here are some notable ones that have been seen recently in Canada.
- Account takeover: fraudsters use techniques like phishing or smishing to gather login and password details to sign in and take over a victim’s account. They can then make changes to the account (e.g., passwords, addresses), and order products without the victim’s knowledge.
- Identity theft: using techniques like phishing or smishing or using information from a data breach, fraudsters collect and use personal information such as your name, date of birth, address, social insurance number (SIN) and other personal details to impersonate you for criminal purposes.
- Emergency scam: scammers claim to be someone you know and tell you that they need money immediately. A variation is the grandparent scam in which scammers impersonate a grandchild that is in trouble and needs urgent help. In these cases, there is a sense of urgency and often a request not to tell anyone. To learn more please read the article Understanding the “grandparents scam”.
- Cell phone service provider scam: the fraudsters call a customer offering them a deal on a new phone and plan. While on the phone, the fraudsters gather personal information then use it to contact the service provider and get new phones and services for themselves without the knowledge of the victim. Learn more about the Cell phone service provider scam.
- Investment scam: individuals are promised a quick return on investment, but when they try to recover their money, they will only get part of it, if any. This very often involves cryptocurrencies.
- Romance scam: scammers are active on social media and fake dating sites. They connect with the victim, and convince them to enter into a virtual relationship. Once they have gained trust, they will ask their victims to send them money.
There are many other examples of fraud. For more examples, please refer to the Canadian Anti-Fraud Centre.
Learn more about 12 scams of the holiday season.
Dealing with fraud
Top tips to protect yourself
For any type of fraud, there are some common tips to follow to protect yourself.
- Be careful when sharing personal information. Be wary of imposters who might contact you in various ways (phone, email, etc.) to collect personal information, credit card numbers, PINs and other details.
- Never share your PINs and passwords. Use complex passwords that are hard to guess, and change them frequently. Follow the guidelines on good password practices to protect yourself.
- Be wary of unsolicited offers, contests and investment opportunities. Always read the fine print. And remember – if it’s too good to be true it probably is.
- Do not open unsolicited email messages and do not click on links in emails or text messages unless you trust the source.
- Keep your computer’s operating system and firewall up to date. Be wary when downloading software, apps and files onto your computer or mobile phone.
- Immediately report lost devices or suspicious activity. For lost/stolen devices, log in to MyBell to report the loss and temporarily suspend your service. Alternatively, you can call us at 1 800 667-0123.
- Monitor your accounts and watch for unusual transactions.
- Avoid financial transactions on public Wi-Fi.
- Regularly check your credit report.
Bell will never contact you to ask for personal information unless we are responding to an initial inquiry made by you. To make sure you’re dealing with Bell, you can always contact us directly.
What to do if you suspect a fraud attempt
If you feel that you may be the target of a fraud attempt or scam, there are some important steps that you can take.
- If you receive a suspicious email that appears to be from Bell, forward it to phish@bell.ca then delete the email.
- If you receive a suspicious text or multimedia message, forward it to 7726 (SPAM) then delete the message.
- If you’re a victim of a ransom threat, never pay the ransom and immediately contact your local police.
To learn more, read the article Do you suspect fraud? What to do next.
What to do if you suspect fraud on your Bell account
If you don’t recognize transactions on your Bell account (e.g., phone upgrades, new lines) or if you suspect your device or SIM card has been compromised, take these steps:
- Contact the Bell Loss Prevention team at 1 800 509-9904 immediately.
- Change your MyBell password following good password practices.
- Monitor your account and report any suspicious activity or changes.
What to do if you’re a victim of fraud or identity theft
If you feel you may be the victim of fraud, there are some important steps that you can take.
- Contact your financial institution and protect your account by adding flags or changing passwords.
- Contact the credit bureaus (TransUnion and Equifax) to report the fraud.
- Document the sequence of events and gather proof (email, messages, receipts, etc.).
- Report the fraud to the police.
- If you've been a victim of identity theft, or telemarketing, email or Internet fraud, report it online at the Canadian Anti-Fraud Centre or call them at 1 888 495-8501.
- When possible, contact the company that is being imitated for the fraud scheme.
- Educate your friends and family on your experience – it may help them be more aware.
Stop telemarketing calls
Canada has clear rules around telemarketing.
The information below is a summary of what you can do about unwanted calls. For more detail on telemarketing and other privacy issues, see our overview of Bell's privacy practices.
Telemarketing calls (phone or fax)
Telephone or fax telemarketers must:
- Upon request, remove your name and phone number from their calling or fax lists.
- Upon request, provide a representative’s name, toll-free phone number and address for both the telemarketing organization and, if applicable, its client to whom you can call or write to ask questions, make comments, or to make or verify a Do Not Call request.
Reducing unwanted telemarketing calls or filing a complaint
If you want to limit the telemarketing calls you receive or complain, you can register your phone, mobile and fax numbers on the National Do Not Call List in any one of these ways:
- Online at http://www.LNNTE-DNCL.gc.ca
- By phone at 1 866-580-DNCL (3625)
- Via TTY device at 1 888-362-5889
- By faxing your fax number to 1 888-362-5329
Note: To register on the National DNCL by phone, TTY device, or by fax, you must call from the number you are registering.
There is no charge to register your number(s) on the National Do Not Call List. Your number(s) will remain on the National Do Not Call List for three years.
All telephone or fax telemarketing calls that are not subject to one of the exemptions listed below should cease 31 days after you register your number on the National Do Not Call list, except when you have provided an organization with express consent to call you.
To file a complaint, have the following information on hand:
- Your phone number
- Name and/or phone number of the telemarketer
- Date and time of the telemarketing call
The following types of calls are exempt from the National Do Not Call list rules:
- Calls from organizations that you have done business with in the past 18 months, or to whom you have made an enquiry in the past 6 months (unless you have registered on their individual do not call lists)
- Calls on behalf of registered charities
- Calls on behalf of political parties, nomination or leadership contestants, or candidates of a political party
- Calls from opinion polling or market research firms conducting surveys, when the call does not involve the sale of a product or service
- Calls from general circulation newspapers for the purpose of selling a subscription
- Calls to business consumers
Automatic dialling-announcing devices
Automatic dialling-announcing devices (ADADs) can store or produce telephone numbers to be called and deliver a pre-recorded or synthesized voice message.
The use of ADADs to make telemarketing calls is against the law, except where you have provided express consent to receive a telemarketing call via an ADAD from a specific telemarketer.
This does not apply to ADAD calls made for public-service reasons, including calls for emergency and administrative purposes by police and fire departments, schools, hospitals, or similar organizations.