this post was submitted on 15 Apr 2024
63 points (98.5% liked)

Canada

7203 readers
263 users here now

What's going on Canada?



Communities


🍁 Meta


πŸ—ΊοΈ Provinces / Territories


πŸ™οΈ Cities / Local Communities


πŸ’ SportsHockey

Football (NFL)

  • List of All Teams: unknown

Football (CFL)

  • List of All Teams: unknown

Baseball

Basketball

Soccer


πŸ’» Universities


πŸ’΅ Finance / Shopping


πŸ—£οΈ Politics


🍁 Social and Culture


Rules

Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage:

https://lemmy.ca/


founded 3 years ago
MODERATORS
 

Manitoba RCMP is warning the public about interac e-transfer scams that are becoming more prevalent. In these instances, the victim receives an email which appears to be from someone trying to send them an interac e-transfer. At first glance it appears legitimate and when the victim clicks on the link and enters in their banking credentials, the scammers are able to steal the banking login information. This gives the scammers access to the account which allows them to withdraw large sums of money. Scammers are becoming more and more sophisticated, so extra caution is needed before you accept an e-transfer.

top 11 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 7 months ago (1 children)

I've always wondered why you needed to put in ALL your banking credentials to receive an etransfer if you don't have autodeposit on. Why not just have your username/access # only then have it put it in the default account or save it for later when you login. It just seems ripe for scams.

[–] [email protected] 5 points 7 months ago

I've never had to enter my credentials to receive an e-transfer before and I don't use auto deposit, that's pretty weird!

[–] [email protected] 11 points 7 months ago* (last edited 7 months ago) (1 children)

Scammers are becoming more and more sophisticated, so extra caution is needed before you accept an e-transfer.

This is not sophisticated, greedy people click links for free money then put their banking credentials into a page without looking at the address bar. The URL is always a red flag but "they're trying to send me money!"

If you are not expecting any money don’t click on links and try to deposit money

It's even in the article, no one is going to try to send you money. These scams rely on greed.

[–] [email protected] 4 points 7 months ago (1 children)

Shaming scam victims has been shown to make people less likely to seek help after being scammed. Your comment only serves to help scammers.

My dad was expecting an etransfer from a friend. He got a text for the right amount. He was on his phone and the URL was mostly hidden. It was the end of the day, he was tired, he let his guard down. Took us months to deal with the fallout.

The world isn't so black and white.

[–] [email protected] -1 points 7 months ago

Nothing against your dad I'm dealing with a similar situation right now as well, but there are several active steps to being scammed this way. I have also clicked suspicious links but then spent the next half hour trying to figure out if it's legit before moving forward.

Banks and credit card corps should be legally required to provide education to card holders AND restrict online access if the card holder can not demonstrate that they understood the information. It is not unreasonable for people to check a URL and recognize a fake financial login page after they have been shown how.

But the web has been treated like a toy, there is no education about it's safe use in schools and businesses would very much prefer that you and I know as little as possible about how it works. Lack of education is the underlying issue, your dad, like most people, probably doesn't look at the address bar or check SSL certs because that kind if thing is "tech stuff." But the web has been in everyone's pocket for almost 20 years, no one can say that it's too complicated or not important to learn how to be safe.

[–] [email protected] 6 points 7 months ago (1 children)

This is one of the many reasons that banks should stop being hostile to password managers. Browser-integrated password managers significantly help protect against phishing because my username + password won't auto-fill on the wrong domain. So I need to take my time and look up my password. Which will at the very least make me suspicious and give me extra time to consider what I am doing.

[–] [email protected] 7 points 7 months ago (1 children)

What do you mean banks are hostile towards password managers? I have yet to find a bank website or app that gives bitwarden any issue. Prior to LastPass becoming total shit I never had a problem with them either.

[–] [email protected] 9 points 7 months ago* (last edited 7 months ago) (1 children)

It is thankfully becoming more rare. But I have frequently seen some hostile behaviour.

  1. Not marking password fields as such so that they don't get filled.
  2. Blocking pasting into login fields.
  3. Requiring using some sort of on-screen keyboard to enter your password (or more often PIN).
  4. Requiring enter some characters of your password rather than the full thing. (ex please enter characters 1, 8, 2, 4 of your password).
[–] [email protected] 5 points 7 months ago

Time to name and shame that's some of the stupidest shit I've seen in a long time.

I know ATB so a Treasury not really a bank but they had an infuriating way of logging in as well.

After dealing with the big 4 I ended up using simplii for a while and they seem alright.

[–] [email protected] 7 points 7 months ago (1 children)

I got a couple of these about 2 weeks ago and just deleted them. Figured if they tried again I'd block the number.

Also received a few from so-called former "friends" looking to get in touch with me. Seeing as they spelled my name wrong and I haven't had contact with either of them in over 45 yrs I just deleted them too.

[–] [email protected] 4 points 7 months ago

I got the samething.