Important Notice: Beware of Unsolicited "Phoney" E-mails
Be cautious of e-mail and Web sites pretending to represent a legitimate company that ask you to provide confidential and financial information.
RBC Financial Group will never ask you to provide confidential information through regular e-mail. If you receive an e-mail that asks you to provide confidential information such as your account numbers, PIN or password, do not respond and contact us immediately. We take any unauthorized or fraudulent activity very seriously and will engage in a full investigation if we feel a client has been victimized.
In addition, we want you to be aware of the more common techniques that are being used to steal personal and financial information.
What is Phishing?
Phishing is a type of fraud that is designed to trick individuals into disclosing confidential and financial information for the purpose of identity theft.
How it Works
- You receive an unsolicited e-mail appearing to be from a legitimate and reputable company, like RBC Financial Group.
- The e-mail may raise concerns that your account information is out of date or that you have received money. There is usually a sense of urgency and there may be a consequence associated with the request. For example, you are asked to validate your account information in order to prevent it from being suspended or terminated.
- You are asked to take action by following instructions that usually involve having you click on a link that takes you to a fake Web site. The fake Web site appears valid, often complete with a legitimate company's brand name and logo. Often the link and the URL address of the fake Web site look very similar to the URL address used by the real Company that is being spoofed.
- You are asked to provide or update your personal and financial information by completing an online form or by responding to the e-mail directly. You may be asked to provide a variety of information such as credit card numbers, account numbers, passwords, date of birth, drivers licence number, and social insurance or social security numbers.
- Once the information is provided, it is captured by the fraudster who may use it to gain access to accounts or to steal your identity.
Tips to Help You Spot and Avoid a Phishing Scheme
As a general rule you should not provide your confidential and financial information over the Internet in response to unsolicited requests you receive. At RBC, we will never ask you to provide us with sensitive information such as your account numbers, PINs, passwords, Social Insurance number or Social Security number through regular e-mail. We will also never send you an e-mail requesting that you visit a Web site to provide us with that information. If you receive such a request, do not respond and contact us immediately.
Here are some additional tips to help you spot and avoid a potential phishing scheme:
- If you don't know the source of an e-mail or if it looks suspicious in any way, do not open it and delete it immediately. This is the best preventative measure to avoid falling victim to a phishing scheme.
- Just because an e-mail or Web site appears to be from a legitimate company doesn't mean it is. Phishing schemes are designed to look real and fraudsters will often use logos, trademarks, or even the entire look and feel of a valid Web page to trick users into believing that it is genuine. Inspect any trademarks or logos that are used in the e-mail or Web site. If the image appears to be different or distorted, the e-mail or Web site is likely a fake.
- Phishing schemes sometimes contain misspelled words. Look for these either in the message or in the hyperlink if one is provided.
- Avoid responding to an unexpected Web page or pop-up window appearing to be from a legitimate company that requests that you provide confidential information for a purpose that seems legitimate, e.g. to prevent a security threat or to validate an account, as it is likely a fake.
- Never click on a link contained in an e-mail that you suspect may be fraudulent. The link could take you to a fake Web site or initiate the installation of unwanted software onto your computer.
- If you have a relationship with the company mentioned in a suspect e-mail and you wish to call them to verify the request, do not use any telephone numbers provided in the e-mail message, as they may be fake as well.
- Always be suspicious of Web pages containing forms that collect confidential information, and do not use standard security features such as SSL encryption. Whenever you submit confidential or financial information online, always ensure that the Web site you are communicating with is secure. You can check the security of a Web page by looking for a security symbol such as a closed padlock in your browser screen. You can also check the URL in the browser address bar. It should start with "https:" rather than just "http" as this signifies that the session is encrypted.
- Always follow safe computing practices.
How to Report a Suspicious E-mail or Web Site
If you receive a suspicious-looking e-mail that appears to have been sent by any of the RBC Financial Group companies, please contact us immediately.
To help us with our investigation, please include a description of the incident and attach any e-mails you received in their entirety, that you suspect may be fraudulent. Avoid changing or retyping any part of the original message as this may interfere with our investigation. Once you have forwarded it to us, please delete the e-mail from your inbox.
From North America, call us toll free at 1-800-769-2555.
TDD/TTY users, please call 1-800-661-1275.
From overseas, please try our toll free access from 21 countries by dialling your country code + 8000 769-2555. Global Private Banking clients, contact your relationship manager directly. Alternatively, you may email firstname.lastname@example.org.
If You Believe You have been Victim of a Phishing Scheme
If you believe you have been a victim of a "phishing" fraud scheme, please contact Phone Busters at 1-888-495-8501 or email@example.com. Phone Busters is a division of the Ontario Provincial Police (OPP).
If you live in the U.S. please contact your local authorities as well as the FTC (Federal Trade Commission) at 1-877-438-4338 in addition to contacting Phone Busters.
You may also visit the "Protecting Your Identity" section of the RBC Security Web site for further information on what to do if you suspect you have been a target of fraud.