Phishing is a ploy that scam artists use when they send mass emails or text messages that look like they’re from a financial institution or legitimate company.

The emails and text messages are used by ill-intentioned people to steal your personal information or install malicious software on your computer, prompting you to click links or open attachments.

This kind of attack can cause serious damage: you could lose your data and the thieves could steal your personal information to commit further fraud.

Protect yourself by being vigilant and recognizing phishing attempts. A phishing email can take many forms but one common feature is that it’s always unsolicited.

1 simple thing you can do to avoid getting scammed

Before clicking anything, check the information:

  1. Were you expecting the email or text message?
  2. Pay attention to the type of situation that would try to incite a reaction from you:
    • Urgency
      The goal is to try to get you to do something quickly, without thinking about it first by stressing some kind of urgency.
    • Profit
      The goal is to get you to believe you received some unsolicited benefit or financial gain. Scam artists use profit to try to get you to reveal personal information.
    • Problem
      The goal is to alert you to a problem in your account, prompting you to reveal personal information in order to solve the issue.
  3. Check that the sender’s email address is familiar and legitimate, particularly the part after the @. Is it a personal or company address?
  4. Move your cursor over the link (but don’t click) to check that the address is legitimate and belongs to the company that sent it (watch for similar addresses).
  5. Assess the email’s relevance and plausibility. Be aware! Ask yourself if you’ve really entered that contest. Are you expecting a parcel? Is the procedure normal? Is it too good to be true?
  6. Never provide confidential information that can be used to authenticate your identity by email (e.g., social insurance number, credit card number, birthdate, password, etc.).
  7. Curb your curiosity and be wary of recognized logos and visual identities that are easily copied and can look like a real email or website.

Be aware

To learn more about how to identify fraudulent emails, visit the Prevention section of the Desjardins website.

Received or replied to a fraudulent email?

Visit the Security section of the Desjardins website for more information on how to report fraud.