SECURITY IS EVERYONE'S RESPONSIBILITY

YOUR SECURITY COMES FIRST

Fraud is a reality in today's world and so we're committed to helping our members learn how to protect themselves and their information. From offering a secure online banking system, to training and educating our employees on fraud scams and detection practices—we offer our members a secure banking experience.

HOW WE PROTECT YOU

One of our most important objectives is ensuring that your online and mobile banking experience is as safe and secure as possible. To provide secure online and mobile banking, Envision Financial implements the following measures:

  • Automatic session timeouts—To prevent certain forms of session hijackings, online and mobile banking sessions automatically end if inactive for 15 minutes.
  • Temporarily disabling online account —To prevent against brute force password guessing attempts, online accounts are temporarily disabled if too many failed attempts to login are recorded.
  • Data encryption—Our online and mobile banking service ensures that any information in transit between your desktop or mobile device and our banking environment cannot be read or altered.
  • Communication standards—We will never ask you to provide your passwords/PINs in email or any other communication method. ​


HOW YOU CAN PROTECT YOURSELF

Security is a team effort and you play a leading role in the ongoing fight against fraudsters. If your personal information is compromised by criminals, you might receive letters seeking repayment of debts you haven't incurred or find unexplained withdrawals in your bank account. It can take a lot of time and effort to resolve such issues and your credit rating may be affected as a result.

By following some simple steps, you can safeguard your money and your information:

Protect Your Passwords

It is important that you protect the confidentiality of your passwords, namely your Personal Identification Number (PIN) and/or your Personal Access Code (PAC). Think of your PIN and your PAC as "keys". Instead of unlocking the door to your house or car, they serve to unlock the gateway to your financial and personal information.Here are some helpful tips to keep these two "keys" safe:

  • Keep your debit card in a safe place and don't lend it to anyone, including friends and family.
  • Memorize your PIN and/or your PAC — it's your electronic signature. If you disclose your PIN and/or your PAC to someone else, you could be held liable for losses.
  • If your MEMBER CARD® debit card is lost, stolen or retained by an ATM, notify your financial institution immediately upon becoming aware of the problem.
  • When selecting your PIN and/or your PAC, don't pick the obvious. Your name, your children's names, address, telephone number, social insurance number or date of birth are all easy to find out. Choose something more complicated. If you don't, you could be held liable for losses.
  • Don't let your debit card out of sight when you're conducting a transaction and don't let it be "swiped" twice. As soon as the transaction is complete, remember to take your card and the transaction record with you.
  • Don't use ATM or Point-of-Sale machines where you don't feel secure. If anyone tries to distract you, retrieve your card and leave.
  • If you have signed in to Internet banking, don't leave your computer unattended. Instead, Sign Out and then Sign In again when you are ready to stay at your computer until your banking transactions are complete.
  • When you're making a transaction, or if you are using a publicly viewed computer terminal to access Internet banking, use your hand or your body to prevent people from looking over your shoulder while you type in your PIN or PAC.
  • Regularly check your statements and balances to verify all transactions have been properly documented. If entries do not match your records, contact us right away.
  • Change your PAC and your PIN regularly.

Set Up Online Account Alerts

Stay on top of your account activity with free mobile/email alerts. Currently, there are two alerts available that can help guard you against potential fraud on your account

  1. Personal Access Code (PAC) changed
    f your PAC (online banking password) is changed, you’ll get an alert. If the PAC change wasn't authorized by you, you'll be able to report it to us immediately.
  2. New bill payee added
    We’ll alert you if a new bill payee has been added to your account options in online banking. Unauthorized new bill payees are often indicators of fraudulent activity commonly involving the transfer of funds out of an account to a phony vendor.

To set up alerts, just follow these simple steps:

  1. Log in to Online Banking (This functionality is not yet available on our new online banking experience)
  2. Click on Manage Alerts from the Messages & Alerts menu, then click on Register for Alerts.
  3. Add the mobile phone or email address where you would like to receive your alerts (if you’ve already added a phone for text banking you can use the same phone).
  4. Select the alerts you would like to receive.If you don't have access to Online Banking, just contact us and we'll be happy to set that up for you

Protect Your Dekstop/Mobile devices

Protect Your Desktop Device

  • Install and use a quality antivirus program and update the program regularly
  • Install and use a quality antispyware program and ensure it is updated regularly
  • Install and use a quality firewall program and ensure it is updated regularly
  • Never leave your computer unattended while using online banking – you should log off and close the browser prior to leaving your station
  • Install patches and updates to your operating system and applications as they become available from the manufacturers
  • Avoid use a public computer to conduct financial transactions as this substantially increases your risk of account compromise
  • Always log out of an online transaction session and close the browser
  • Clear the cache of your browser (this will help ensure that no one else can view any confidential information you may have entered)
  • Change your password for any secure site, including your online banking password, on a regular basis
  • Disable automatic password save features in your internet browser and software which is used to access your internet service provider
  • Make sure that you regularly check your Envision Financial account and report any suspicious transactions to your branch immediately

Protect Your Mobile Device

  • When purchasing a Smartphone, know the features of the device, including the default settings. Turn off features you aren't using to minimize risk.
  • Depending on the type of phone, the operating system may have encryption available. This can be used to protect your personal data in the case of loss or theft.
  • With the growth of the application market for mobile devices, you should look at the reviews of the developer/company who published the application.
  • Review and understand the permissions you are giving when you download applications.
  • Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. It's also a good idea to enable the screen lock feature after a few minutes of inactivity.
  • Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
  • Be aware of applications that enable Geo-location. The application will track your location anywhere. This application can be used for marketing, but can also be used by malicious actors raising concerns of assisting a possible stalker and/or burglaries.
  • It's not a good idea to "jailbreak" your phone to remove certain restrictions imposed by the device manufacturer or cell phone carrier. Doing this can increase your risk of exposing personal information to fraudsters.
  • Avoid allowing your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
  • If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
  • Smartphones require updates to run applications and firmware. If you neglect running these updates, you increase your risk of having your device hacked or compromised.
  • Avoid clicking on or otherwise downloading software or links from unknown sources.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.


Safeguard Your Cheques

  • Lock and secure your cheques; never leave them in a vehicle or area where they can be easily obtained.
  • Frequently check the number order of your cheque book; thieves may steal cheques from the middle or back of your cheque book in an attempt to conceal the theft.
  • When writing cheques use non-erasable ink and don’t leave blank spaces.
  • Don’t leave the payee blank and avoid making a cheque payable to “cash.”
  • Frequently check your account and report any discrepancies immediately.
  • If you suspect your cheques may be lost or stolen contact us immediately.

IDENTIFY AND PREVENT FRAUD

Fraud can happen to anyone, anywhere and anytime. Keep ahead of the scammers by doing everything you can to protect yourself. Read the below to learn how to spot the traps and avoid becoming a fraud victim.


Interac e-Transfer® Fraud

When sending an Interac e-Transfer, you have a role in protecting yourself against fraud by ensuring the recipient’s contact details are correct and up-to-date, and that you’ve chosen a security question that’s hard to guess. 

What is an intercepted Interac e-Transfer?

Interac e-Transfer is a popular method for sending money given its convenience and efficiency. All you need is access to online or mobile banking and the email address or mobile phone number of the recipient, and you can send money instantly to anyone in Canada.

While Interac e-Transfer uses a number of security measures, including encryption technology and secure login processes, money can still fall into the wrong hands in one of two ways:

  • If the recipient’s contact details are incorrect, the Interac e-Transfer can be mistakenly directed towards another person.
  • If the recipient’s email has been compromised, criminals can monitor the account for notifications from Interac. When they see one come through, they can use the deposit link to redirect the funds into a different account, if they can correctly answer the security question.

When sending an Interac e-Transfer, you have a role in protecting yourself against fraud by ensuring the recipient’s contact details are correct and up-to-date, and that you’ve chosen a security question that’s hard to guess.

If you are a member of First West Credit Union and you suspect you’ve been a victim of Interac e-Transfer fraud, please contact us right away. 

How to protect yourself from Interac e-Transfer interception

Protect yourself when sending an Interac e-Transfer by following these best practices:

  • Ensure the recipient’s contact details are correct and up-to-date.
  • Use a security question with a hard-to-guess answer. Don’t overestimate the security of the internet and email. The security question is there as a safeguard against the wrong person getting their hands on the Interac e-Transfer.
  • Never send the answer to the security question via the same means as the Interac e-Transfer itself. For example, if the transfer is sent via email, do not email the answer. Instead, provide it to the recipient via a telephone call or text message.
  • Consider setting up Autodeposit, which eliminates the need to manually deposit the funds and eliminates the opportunity for fraudsters to scoop the Interac e-Transfer. Encourage your frequent Interac e-Transfer recipients to also set-up the service.


Protect your email from being compromised with these tips:

  • Change your email passwords frequently. Ensure they are unique, complex and use a combination of uppercase and lowercase letters, numbers and special characters.
  • Maximize the security of your email accounts with strong challenge questions and two-factor authentication (when available). If these features are not available seek out a service provider that offers them.
  • Be careful when clicking links that are not familiar or trusted. Phishing links are a popular way for email accounts to be compromised.


Identity Theft

Do not give out personal information or account numbers to anyone until you have confirmed the identity of the person asking for it.  It is also a good idea to shred all documents containing your personal information.

What You Need to Know

Some examples of personal information which can be used by an identity thief to impersonate you are:

  • Social Insurance Number
  • Driver’s License Number
  • Health Care Card Number
  • Debit Card
  • Credit Card Numbers
  • PIN (personal identification number)
  • Address
  • Birth Certificates


Identity thieves gain your personal information by:

  • Stealing wallets and purses containing your identification, credit cards and debit cards
  • Stealing your mail, including you debit and credit card statements, preapproved credit offers, telephone calling cards and tax information
  • Completing a change of address form to divert your mail
  • Rummaging through your garbage or the garbage of business for personal information
  • “Shoulder surfing” at ATMs to obtain PIN numbers
  • Breaking and entering into your home
  • Looking at personal information from personnel or customer files in the workplace


Identity thieves use your personal information to:

  • Call your credit card issuer and, pretending to be you, ask to increase your card limit and change the mailing address on your credit card account.  The thief then runs up charges on your account.  As the bills are being sent to another address, it may take some time before you know there’s a problem.
  • Open a new credit card account using your name, date of birth and SIN number.  When they use the credit card and don’t pay the bills, the delinquent account is reported on your credit report.
  • Establish phone or internet service in your name.
  • Open a bank account in your name and write off bad cheques on that account.
  • Use counterfeit cheques or debit cards to drain your account.
  • Obtain credit in your name (e.g. car loans, credit cards, mortgage).


How You Can Protect Yourself

  • Place passwords on your credit card, bank and phone accounts. Further protect yourself, by not using easily available information like your mother’s maiden name, your birth date, the last four digits of your SIN or your phone number or a series of consecutive numbers.
  • Secure personal information in your home, especially if you have roommates, employ outside help or are having service work done in your home.
  • Never attach or write your PIN number or SIN on anything you are going to discard, such as transaction records or scraps of paper, or on the card itself.
  • Ask about information security procedures in your workplace.  Find out who has access to your personal information and certify records are kept in a secure location.  Ask about disposal procedures for those records as well.
  • Deposit outgoing mail in post office collection boxes or at your local post office rather than in an unsecured mailbox.  Promptly remove mail from your mailbox.  If you’re planning to be away from home and can’t pick up your mail, the postal service will hold your mail from your mailbox until you can pick it up or at home to receive it.
  • Shred any important personal and financial paperwork when it is no longer required. Unless properly shredded, criminals could learn your name, address and other details by going through your household recycling and garbage and use this information to apply for credit, goods or services in your name.
  • Check your statements—Most financial crime goes undetected for long periods, because victims are simply unaware that it has occurred. By carefully checking your banking, credit card and any other financial statements on a regular basis (at least monthly) you improve the chances of having the fraudulent transactions resolved more quickly.
  • Find out how your information will be used and secured and whether it will be shared with others.  Ask if you have a choice about the use of your information. Can you choose to keep it confidential? Envision Financial will not ask you for your PIN number or other passwords during an authentication process.
  • Don’t carry your SIN card; leave it in a secure place.
  • Give your SIN only when absolutely necessary.  Ask to use other types of identifiers when possible.
  • Carry only the identification information and credit and debit cards that you’ll actually need. Cancel cards you don’t use.
  • Protect your computer with a good firewall and anti-virus software.   Take advantage of technologies that enhance security and privacy when using the internet, such as digital signatures, data encryption, and different ways of making the information anonymous.
  • Avoid posting personal information on publicly accessible websites and online bulletin boards.
  • Use strong passwords and avoid words that are easy to guess.  Don’t use the same password for different sites and don’t store your password on your computer.
  • Shop on secure websites.  Do not enter any financial information, including your credit card number, if you see a broken key or open padlock on your website browser.
  • Pay attention to your billing cycles.  Follow up with creditors if your bills don’t arrive on time.  A missing credit card bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
  • Be wary of promotional scams. Identity thieves may use phony offers to get you to give them your personal information.
  • Keep your purse of wallet in a safe place at work.

How to Report Identity Fraud


​If you suspect that you are a victim of identity theft, you should:

  • Contact us immediately.
  • Call the police and file a report.  Ask for a copy of the police report and the police file number.
  • Obtain a copy of your Credit Bureau report.  If you see credit inquiries on your report that you didn’t authorize, have a fraud alert placed on your credit bureau report. You can do this by contacting Equifax Canada at 1-800-465-7166,