Log In
Register
Topic RSS
Facebook
Twitter
Email this6:44 pm
January 7, 2023
Offline
Pythagoras said
I agree. If a bank clears a fraudulent cheque that was deposited in the account without the owner's knowledge, the responsibility lies with the bank, not the account owner.
Totally agreed. Access Credit Union did the right thing to reimburse the victim while Steinbach Credit Union denied responsibility and blamed the victim.
8:42 pm
September 28, 2023
Offline
Another reason its not a terrible thing that Hubert is phone only transactions (they are part of the same Access CU in the article). Glad they helped the lady out.
It would be debateable who is responsible if payments are made under a compromised login, but no one should ever be held responsible for fraudulent deposits to their account (especially cheques)... does Steinbach CU not have a hold policy?
One thing that I think might help would be having a small floor limit for bill payments and e-transfers (maybe $500-1000 per month each recipent)... which could be raised by somehow authorizing recipients with the FI via 2FA or other means. It would allow a lot of regular bills and small e-transfers (one time things like flea markets, food trucks, etc) to take place without a lot of hassle, but would prevent these bad guys from moving a lot of money fast if they do hack in.
9:50 pm
February 22, 2024
Offline
smayer97 said
This!People are lulled into believing that SMS 2FA is about security... it is not. It is about tying your activity to your phone for better isolation and identification linked to a more unique identifier, your cell #. It is about tracking.
Consider using your computer instead. Not perfrect but more control, more options to protect yourself, less vulnerability.
What people are lulled into believing is that their virus protection will keep them safe. I use a tablet dedicated for online banking and phone for verification. I would not use my computer for banking.
4:24 am
May 20, 2016
Offline
Sask. retiree warns others after losing $3K to crypto fraud using AI video of prime minister
4:47 am
November 8, 2018
Offline
mordko said
This reminds me to close accounts I am not using. Having accounts with $10 balances carries outsized risks.
Wise recommendation. Also, logging into each of accounts (that allow deposits by cheque) daily to check their balance will defeat this type of fraud.
Do not rely on email notifications of account balance change, if your computer was compromised fraudsters can intercept these emails and delete them.
Ideally, if one uses home PC (desktop, laptop, etc.) for banking, they should use smartphone with preinstalled FI apps to login daily and check accounts balance. It is unlikely to have both devices compromised same time.
For that same reason, configure SMS delivery for 2FA codes, instead of email.
8:57 am
January 12, 2019
Offline
davidgeorge said
Sask. retiree warns others after losing $3K to crypto fraud using AI video of prime minister
I've also seen similar AI fake ads like that ⬆️ (with our PM) on FaceBook.
To most people, those ads are obviously Fake ... but to some others, they can appear Real & Legit ... and then the Damage is Done. 
Their targets are the Young and the Old ... and the Naive and Gullible.
- Dean
" Live Long, Healthy ... And Prosper! "
11:20 am
November 18, 2017
Offline
My VanCity statements always carry a note with my cheque images stating that cheques being listed in the statements does not necessarily mean they have/will be honored.
Scam reports always indicate that even cheques "cleared" may be back-charged weeks later. That's how the overpayment scam works: someone sends you a cheque for more than what is owed and asks for the extra back. Later, the original cheque bounces. Particularly common with cheques from Africa and work-from-home scams.
RetirEd
12:30 pm
April 27, 2017
Offline
Dean said
davidgeorge said
Sask. retiree warns others after losing $3K to crypto fraud using AI video of prime minister
I've also seen similar AI fake ads like that ⬆️ (with our PM) on FaceBook.
To most people, those ads are obviously Fake ... but to some others, they can appear Real & Legit ... and then the Damage is Done.
Their targets are the Young and the Old ... and the Naive and Gullible.
Dean
A relatively small sum spent; a valuable lesson learnt.
1:29 pm
July 5, 2019
Offline
AR said
Wealthsimple is the only financial I have that sends notification for every single transaction.
forum.
There is great variance in the number and types of alerts offered and probably most would not have helped the fraud victim. Good for Wealthsimple. I wish I could get alerted on every single transaction.
4:50 pm
November 18, 2017
Offline
What we need are regular alerts that everything on the web is bullshit!
RetirEd
8:00 pm
April 6, 2013
Offline
kelbee said
There is great variance in the number and types of alerts offered and probably most would not have helped the fraud victim. …
All the alerts wouldn't have helped the victim; he did the e-transfer himself! His bank, RBC, even called him and warned him it may be a scam. But, he went ahead anyways:
The site asked him to send the money through crypto.com — a Singapore-based company registered to operate in Canada through the Canadian Securities Administrators — using an e-transfer. The move concerned his bank.
“RBC phoned me and said, ‘Are you sure you want to do this?’” [the victim] Phaneuf said.
They told him cryptocurrencies often involve scams, but when he asked if RBC had problems with the specific company, crypto.com, the representative said no, Phaneuf said.
“He couldn’t give me an answer: is this OK or is this not OK?”
The call lasted five minutes.
9:23 pm
September 28, 2023
Offline
I dont know what the answer is here.
Maybe seniors could voluntarily place restrictions on their account where they would need the authorization of a trusted family member or friend to conduct transactions that are completely out of the ordinary for them like this.
They grew up in an era where almost everyone could be trusted.. and the scammers are very convincing and persuasive. With AI video and voice generation, these situations are going to increase in size and scope, as it will become much more murkier what is a scam and what is not (just like the CRA thread I was reading on this forum earlier today).
12:26 am
November 18, 2017
Offline
I'm in my seventies. At any era I've lived through, there were scammers and scams, and scam warnings. Some scams over 50 years old are still being practiced. Maybe some new electronic scams have emerged, but grift is nothing new. Anyone who approached you with an offer - even family members or religious officials - are likely grifters.
ANYTHING on the web is almost certainly looking to take advantage of you.
RetirEd
5:57 am
April 27, 2017
Offline
Scums and scammers have always existed but the idea to have a “trusted contact person” is a good one regardless of age.
WS would contact this person if there is suspicious activity or they have reasons to believe your mental capacity is deteriorating. And “Any other situation where Wealthsimple suspects financial abuse related to your account”.
8:53 am
September 11, 2013
Offline
RetirEd, re. the fraud that started this thread, no-one "approached" anybody, these transactions were done without the knowledge (until after the fact) of the victims.
Things are very different today.
9:58 am
December 12, 2009
Offline
Warwick111 said
Totally agreed. Access Credit Union did the right thing to reimburse the victim while Steinbach Credit Union denied responsibility and blamed the victim.
That's good to hear. Not sure on the amounts for those two cases. I can appreciate banks and CUs are reluctant, for legal reasons, to acknowledge any sort of culpability, but that can be done by refusing the refund, denying responsibility, then, shortly after, "put it right" with their customer through a separate internal fund to cover such things.
They can incentivize themselves to reduce the budget allocation to such "customer goodwill" funds, by (a) disabling the customer's online and mobile banking privileges until they have (i) certified their computer or mobile device has been inspected and cleaned, with anti-malware detection software installed and (ii) completed an approved, free online course in good home and personal device security practices. Additionally, they would further reduce fraud costs if they would stop insisting on the lazy man's approach to Internet security, by using TOTA-based multi-factor authentication, like Google Authenticator, Authy, and the like, instead of e-mail or SMS-based codes.
Cheers,
Doug
10:02 am
December 12, 2009
Offline
The site asked him to send the money through crypto.com — a Singapore-based company registered to operate in Canada through the Canadian Securities Administrators — using an e-transfer. The move concerned his bank.
“RBC phoned me and said, ‘Are you sure you want to do this?’” [the victim] Phaneuf said.
They told him cryptocurrencies often involve scams, but when he asked if RBC had problems with the specific company, crypto.com, the representative said no, Phaneuf said.
“He couldn’t give me an answer: is this OK or is this not OK?”
The call lasted five minutes.
That's good that RBC called them to confirm the transaction, but I take issue with the question. Instead of asking a yes/no question, they should've asked the purpose of the transaction, as well as other pertinent transaction details like the name of the vendor the RBC customer was taking to, agent who was speaking to them, etc. If that couldn't have been requested, they should've blocked the transaction and requested they go into an RBC bank branch with a trusted family member or friend as counsel to speak to a banking advisor.
Cheers,
Doug
10:07 am
December 12, 2009
Offline
Read the CBC article. I see where Steinbach is coming from. It seems she was using the same password as with her Access Credit Union account. She should've informed Steinbach at the time her accounts may have been compromised.
I doubt she will get the 3x the amount she is seeking; they may work out an out of court settlement for an amount equally split between herself and Steinbach if she's lucky.
10:10 am
December 12, 2009
Offline
Pythagoras said
I see. Thanks for that!
But what I still don't understand - don't all banks place a 5-10 day hold on deposits? If Steinbach cleared the cheques before they were supposed to, then aren't they at fault?
Even if the funds were on hold for the 10 days, and Steinbach cleared the cheques after the 10 days, aren't they still at fault?
If someone deposits a cheque into my account without my knowledge, and Steinbach clears that cheque, why should I be responsible?
I very much doubt there was no hold on the deposit. It seems likely she either didn't check her online accounts for more than 10 days, which was after the Access CU fraud, and the same fraudster was thus able to withdraw those funds via online bill payments, after the hold period had elapsed.
If you notice an unexplained $292,000 deposit to your account, should you not notify the bank right away?
Cheers,
Doug
11:42 am
October 27, 2020
Offline
doug said
Read the CBC article. I see where Steinbach is coming from. It seems she was using the same password as with her Access Credit Union account. She should've informed Steinbach at the time her accounts may have been compromised.
It actually doesn't say she was using the same password as with her Access Credit Union account.
This is what the CBC article says:
"Her lawsuit says she and her husband were never asked by Steinbach Credit Union whether there had been any recent fraudulent activities in their accounts at other financial institutions, and that their passwords for their Access and Steinbach accounts were different."
Please write your comments in the forum.