Alerts

Bulletin: Continuity Scam:

PDF

Canadian Anti-Fraud Centre

Purpose

This bulletin was created to provide Canadians with information about how to recognize and reject continuity scams.

Overview

As E-Commerce continues to grow, so do the opportunities to be victimized through online purchases– specifically with a credit card. Continuity scams largely take place when someone who is online observes a pop-up or advertisement offering a free trial or free gift upon completion of a survey. Consumers who participate are often asked to provide a credit card to pay for shipping and handling. Unless victims review the terms and conditions, it’s unlikely they will see the hidden fees associated to the offer, which includes overpriced monthly charges that are nearly impossible to cancel.

As 2017 begins, many Canadians are creating New Year resolutions, which can include healthier choices and weight loss. Continuity scams take advantage of these opportunities and offer free weight loss pills or free subscription to health products such as Acai Berries – assuming you sign up and provide a credit card for shipping. Victims will receive their product and witness a charge to their credit card. The prices can vary from $1.99 to $1000.00 and victims will continue be charged until the company is contacted and services cancelled. Additionally, it is not uncommon for victims to be charged more than once per month by multiple different merchants.

In order to stop the fraud victims should contact the suspected company requesting a stop payment and keep records of all correspondence. Victims can also refuse delivery of goods and should contact their respective financial institution or credit card provider to request a charge back due to fraud.

Warning Signs – How to Protect Yourself:

  • Review all fine print and terms and conditions before making a purchase
  • Conduct open source searches to see if anybody has suggested the offer is a scam
  • Beware of paid advertisements online. Paid banner ads are not always affiliated to the website you are viewing
  • Review credit card statements regularly for unauthorized charges

If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at antifraudcentre.ca




PHISHING SCAM: Automated Call:

Public Service Credit Union has been alerted to a phishing scam in the form of an automated call saying it is the credit union calling and not a telemarketing call. The caller tells the recipient to contact the credit union at 1-877-288-5599 to verify vital information. The member was asked for their debit card number. Members should not respond to this type of scam. If in doubt about the origin of a call please contact the credit union via any of the ways outlined on our web page.




VULNERABILITY: MemberDirect® Banking Clients: “Poodle” SSL v3 vulnerability detected:

Central 1 has become aware of a recently detected new vulnerability in the SSL v3 encryption protocol which when exploited allows information to be stolen from a web banking session using this encryption method. This vulnerability is being called 'Poodle’. Internet Explorer 6.0 (IE 6.0) exclusively leverages this encryption protocol. However, newer versions of IE (as well as Chrome, Firefox and Safari) could also be manipulated to exclusively use the SSL v3 encryption opposed to the newer TLS level that is used as the default setting in newer web browsers. Google Chrome and Firefox have already announced their deprecation of SSL v3, and will be blocking SSL v3 in their next releases to resolve this vulnerability. To exploit the vulnerability, the encryption protocol needs to be supported on both the browser as well as the server hosting the web session.

On March 1st, 2014, Central 1 communicated their current browser support for MemberDirect services:, which for convenience is outlined here. While Central 1 has not supported IE 6.0 for quite some time, we had not yet taken steps to block members from using this specific browser. Central 1 believes ‘Poodle' poses a significant risk, and unlikely to be patched in the future. As a result, with this information, combined with the knowledge that IE 6.0 comprises less than 0.10% of web traffic for all MemberDirect services, we have taken proactive steps to remove the support for the SSL v3 encryption protocol last evening from the MemberDirect servers to mitigate risk to your organization and your members. This action will prevent anyone from accessing MemberDirect using IE 6.0, or any browser version that is leveraging the SSL v3 encryption protocol.

Although volume is low, Central 1 is not aware if this is traffic originating from consumers, corporate clients, or even staff from within your organization. Once Central 1 implement the changes, these members will now receive a browser error when attempting to access MemberDirect, and may believe the site is unavailable. In these cases when reported, please direct the member to use any of the officially supported browsers listed here to continue online as usual.




PHISHING SCAM: MemberDirect® Clients:

Public Service Credit Union has been alerted to the presence of an SMS text messaging phishing scam that is contacting people across Canada. People receive an alert (sample below), requesting that they call a toll free number because their account has been locked due to exceeding online attempts. The text messages reference a financial institution name, however the person receiving the text does not always have a relationship with the financial Institution referenced, which indicates that the text messages are being randomly sent.

Customers that call into the number will be prompted for their card number, expiry date, and their personal access code. Your customers should not provide this information at any time, as this may lead to their account being compromised.

Public Service does provide MemberDirect Alerts, which advise customers their accounts have been locked out due to failing a password 3 times, or failing the Increased Authentication challenge question 3 times. In both of these cases, the Alert would populate with the following message format : “Login failed and account is locked. Contact Pubic Service Credit Union at pscu.ca.

If you have any questions, or concerns on this issue, please feel free to contact the MemberDirect Support team for assistance.




WIRE TRANSFER FRAUD:

Securities regulators in the United States have been investigating an international entity, Profitable Sunrise et al, which is currently involved in soliciting for “high-yield investments” through wire transfers.

The Alberta Securities Commission (ASC) has been alerted by First Calgary Financial, Calgary, concerning several of their clients who have attempted to withdraw significant funds from credit union accounts to be wired to the Czech Republic. First Calgary Financial employees identified the suspicious transactions and management notified enforcement personnel with ACS.

The entity operates a website, profitablesunrise.com, which is registered under the name Inter Reef, Ltd., 590A Kingsbury Road, Birmingham, U.K. B24 9ND, through a domain server located in California. The website solicits investments by affiliation with religious and charitable organizations, further touts a “Referral Program” where individuals can refer other investors and receive a commission of 5% of the amount invested, along with a higher yield on their investments.

Names associated to this investigation include: Roman Novak, Radoslav Novak and Inter Reef Ltd d/b/a Profitable Sunrise.

Any of your members who attempt to wire funds to this entity need to be warned and advised of the potential loss in this type of fraud.




PHISHING SCAM:

A phishing email claiming to be coming from cucardsonline.com asks members to click on a link that would appear to lead them to the MasterCard Choice Rewards website to enter personal information. This site is fraudulent. Please continue to educate your members that If they should receive this email, do not click on the link.

The fraudulent email may suggest that you have not logged in for a certain number of days, and need to update your information by logging in to the site. Do not do this. Although the link appears to go to the MasterCard site, it is really a copycat site created by thieves to steal personal and password information and possibly install a trojan horse virus on your computer.

If you receive such an email, immediately delete the email without clicking on the link.




FRADULENT EMAIL NOTICE:

IMPORTANT: A fraudulent email is being sent to some CUETS Financial customers. The email subject is "Your Attention is needed" and the senders' email is CUETS Financial messageid2217@cuets.ca. The email asks that you update your account information for your Credit Union Mastercard. If you have received this email, DO NOT follow the link or provide any personal information. Delete the email. This is a kind of fraud called phishing. Read more about phishing scams here. Reputable financial institutions will NEVER use email to request personal account information.

If you feel your card information has been compromised, contact the 1-800 number on the back of your credit card for immediate assistance, Card Services at 1-800-561-7849 or .




PHISHING SCAM:

We would like to make members aware of a scam in which people have received an email claiming to be from "Credit Union Canada" looking to verify and update their online information. This is a scam and members are advised not to click on the link in the email and to contact the office immediately and let us know. Remember, when you receive unsolicited emails requesting information to be cautious. Before doing anything contact the sender by a means you are familiar with and ask them to verify.

 

Find Branch/ATM

Enter address, postal code or branch name