Phishing and fraudulent e-mails

What should I do if I've received a suspicious email?

If you think you’ve responded to – or have discovered – a phishing scam that claims to be from Vancity, contact us immediately. You can:

What is Phishing?

Phishing is a type of online deception, using fraudulent emails sent to unsuspecting users. It’s designed to steal personal data, such as credit card numbers, passwords or other account information, by masquerading as a legitimate business in an electronic communication – primarily by email.

How does phishing work?

In a typical phishing incident, a con artist will send you a fraudulent email message that appears to come from websites you trust – like Vancity or your phone company – and will request that you click on a link where you will be asked to enter your online credentials and provide personal information through a fraudulent website. The thief will then use this information they receive to access your bank or credit card accounts, spend your money or steal your identity.

Phony emails and websites often include official-looking logos and identifying information fraudsters have taken directly from legitimate websites. These copycat sites, also called "spoofed" websites, are often where people will unwittingly send personal information to con artists.

What we’re doing to protect you

Nothing is more important to us than the security of your personal information. If our employees or members identify a phishing site, we work to bring down the fraudulent site as quickly as possible.

Vancity also has Personal Access Features in online banking that protect you when you log into your account.

Never respond to unsolicited requests for banking or personal information. Vancity never solicits account information from members by email. If you receive an email that appears to be from Vancity asking for account information, please consider the email to be fraudulent.

Top five steps you can take to protect yourself

  1. If you think you've received a phishing email message, do not respond to it, and report it immediately to the company being faked or “spoofed.” Do not reply to any email that requests your personal banking information from Vancity – we would never ask you to submit your banking information by email. Instead, report the suspicious email immediately.
  2. Never click links in email messages unless you are sure of the destination. Links in phishing email messages often take you to phoney sites that encourage you to transmit personal or financial information. Even if the address bar displays the correct address, don't risk being fooled – con artists can display a fake URL in the address bar on your browser.
  3. Never enter personal or financial information into pop-up windows. Simply close the pop-up windows by clicking the X in the top right corner of the window (a "cancel" button may not work as you'd expect).
  4. Check the security certificate before you enter personal or financial information into a website. You can do this in most web browsers by checking the yellow lock icon on the status bar. If the lock is closed, then the site uses encryption to help protect any sensitive, personal information. If you have an up-to-date browser (which we recommend you always do), look for the green bar.
  5. Sign up for online banking alerts. Alerts are an online banking feature that automatically sends you an email and/or a text message to your mobile phone to alert you of certain changes to your account made through online banking. Best alert to sign up for: “new payee added”. If you receive an alert, you can then let us know if we need to address it.

For more information on phishing scams and how to avoid compromising your personal and financial information, visit our full section on avoiding fraudulent e-mail and websites.

See how online banking alerts can help protect you
Report an incident