Barb Morgan likes to shop on eBay because she often finds good deals on costume jewellery.
It came as a surprise, however, when Ms. Morgan, the director of business development at Merix Financial in Toronto, received a call from her bank last fall to ask about two large credit card purchases from a Florida-based company called Gem Nation. She'd never heard of it.
"They called me and said, 'We've seen some unusual activity on your card. We're just wondering if you've made an $8,000 purchase.' " She'd never spent that much online. An earlier charge for $3,000 had already been processed on her MasterCard.
Thanks to her bank's watchful eye, Ms. Morgan was able to quickly dispute the charges and was not held liable. But a few months later, fraudulent charges appeared on her new credit card, this time from a phone company based in Australia. Ms. Morgan has never even been to Australia.
"They charged $100 five times in a row, so that's why it caught my attention," said Ms. Morgan, who had just come back from a European cruise. "I'm not sure I would have even noticed it, because there were a lot of transactions while we were away on vacation."
"Card-not-present" fraud, in which someone obtains a victim's card information and uses it to make fraudulent purchases, is very common, says Paul Proulx, RCMP Staff Sergeant at the Canadian Anti-Fraud Centre.
Card-not-present fraud is just one element of mass-marketing fraud. In 2010, Canadians reported $53.8-million in losses from mass-marketing fraud, defined by the CAFC as fraud committed by phone, mail or the Internet, which also includes schemes ranging from prize pitches to credit card protection.
"There's a lot of scams but they tend to be variations on a theme," says Ursula Menke, commissioner of the Financial Consumer Agency of Canada. Most scams try to get the victim to divulge personal information that can be used to create a phony credit card, charge a fraudulent transaction or gain access to financial accounts, but the approaches become more inventive every year. For instance,a new report by the CAFC states the most commonly reported mass-marketing scheme is deceptive solicitation for services.
Staff Sgt. Proulx says the latest version of this scheme is a phony anti-virus computer program circulating the Internet, in which a pop-up box on the victim's screen warns their computer is infected. When the victim clicks the link and calls the hotline for assistance, they are prompted to grant remote access to their computer so the company can "fix" the problem, at which point the scammer copies the hard drive and prompts the victim to purchase anti-virus protection by credit card.
Another new scam involves the use of an overlay device to capture a debit card user's key strokes as they enter their PIN into a card reader, says Rachel Jolicoeur, manager of fraud programs for Interac Association. Merchants are now adding additional security around their PIN pads.
Failure to protect personal and financial information is the most common mistake leading to debit card fraud, Ms. Jolicoeur says. "That would include such things as not protecting the PIN for their payment cards, not going to a trusted website to do e-commerce, disclosing information to a third party that they don't really know."
Ms. Menke of the FCAC was a victim of credit card fraud herself about a year ago, when someone created a duplicate of her card. "All of sudden I was making very small transactions in Japan when I wasn't there," she said, adding her bank quickly realized the purchases did not fit her spending pattern and notified her. She was not held liable.
Reporting fraud quickly is crucial to avoiding liability, Ms. Menke says. Anyone who suspects they have been victimized should first contact their financial institution, to have the charges stopped and reversed. The next step is to contact the two Canadian credit bureaus, TransUnion and Equifax, and ask for a fraud alert to be placed on your credit file.
Based on the number of complaints to the Canadian Anti-Fraud Centre, Canadians between the ages of 50 and 59 are the most targeted, with Ontario the most-targeted province.
Canadians between the ages of 40 and 49 reported the highest dollar loss.
Here are some tips to help you keep predators at bay.
1. Connect securely. Make sure you have a secure, password-encrypted Internet connection, the latest security software and the most recent version of your Web browser installed on your computer. Avoid making transactions through an unsecured, borrowed or public Internet connection.
2. Use one browser. Avoid opening a second tab or browser while doing financial transactions. While financial websites are encrypted, visiting a non-secure website could open up access to information from the secure content.
3. Clear your computer's memory cache when you're done.
4. Guard passwords. Never allow your computer to remember your passwords, in case they are stolen. Change passwords regularly, use different passwords for different sites, and do not share them with anyone. You can be held responsible for unauthorized transactions if you are found to have shared your password or PIN.
5. Check the URL. Type a financial website URL directly into your browser instead of clicking on a third-party link (such as a link embedded in an e-mail or advertisement), which may be a phishing attempt directing you to a fraudulent website.
Sources: Interac, FCAC