Manitoba RCMP is warning the public about interac e-transfer scams that are becoming more prevalent. In these instances, the victim receives an email which appears to be from someone trying to send them an interac e-transfer. At first glance it appears legitimate and when the victim clicks on the link and enters in their banking credentials, the scammers are able to steal the banking login information. This gives the scammers access to the account which allows them to withdraw large sums of money. Scammers are becoming more and more sophisticated, so extra caution is needed before you accept an e-transfer.
This is one of the many reasons that banks should stop being hostile to password managers. Browser-integrated password managers significantly help protect against phishing because my username + password won’t auto-fill on the wrong domain. So I need to take my time and look up my password. Which will at the very least make me suspicious and give me extra time to consider what I am doing.
What do you mean banks are hostile towards password managers? I have yet to find a bank website or app that gives bitwarden any issue. Prior to LastPass becoming total shit I never had a problem with them either.
It is thankfully becoming more rare. But I have frequently seen some hostile behaviour.
- Not marking password fields as such so that they don’t get filled.
- Blocking pasting into login fields.
- Requiring using some sort of on-screen keyboard to enter your password (or more often PIN).
- Requiring enter some characters of your password rather than the full thing. (ex please enter characters 1, 8, 2, 4 of your password).
Time to name and shame that’s some of the stupidest shit I’ve seen in a long time.
I know ATB so a Treasury not really a bank but they had an infuriating way of logging in as well.
After dealing with the big 4 I ended up using simplii for a while and they seem alright.
I got a couple of these about 2 weeks ago and just deleted them. Figured if they tried again I’d block the number.
Also received a few from so-called former “friends” looking to get in touch with me. Seeing as they spelled my name wrong and I haven’t had contact with either of them in over 45 yrs I just deleted them too.
I got the samething.
I’ve always wondered why you needed to put in ALL your banking credentials to receive an etransfer if you don’t have autodeposit on. Why not just have your username/access # only then have it put it in the default account or save it for later when you login. It just seems ripe for scams.
I’ve never had to enter my credentials to receive an e-transfer before and I don’t use auto deposit, that’s pretty weird!
Scammers are becoming more and more sophisticated, so extra caution is needed before you accept an e-transfer.
This is not sophisticated, greedy people click links for free money then put their banking credentials into a page without looking at the address bar. The URL is always a red flag but “they’re trying to send me money!”
If you are not expecting any money don’t click on links and try to deposit money
It’s even in the article, no one is going to try to send you money. These scams rely on greed.
Shaming scam victims has been shown to make people less likely to seek help after being scammed. Your comment only serves to help scammers.
My dad was expecting an etransfer from a friend. He got a text for the right amount. He was on his phone and the URL was mostly hidden. It was the end of the day, he was tired, he let his guard down. Took us months to deal with the fallout.
The world isn’t so black and white.
Nothing against your dad I’m dealing with a similar situation right now as well, but there are several active steps to being scammed this way. I have also clicked suspicious links but then spent the next half hour trying to figure out if it’s legit before moving forward.
<rant>
Banks and credit card corps should be legally required to provide education to card holders AND restrict online access if the card holder can not demonstrate that they understood the information. It is not unreasonable for people to check a URL and recognize a fake financial login page after they have been shown how.
But the web has been treated like a toy, there is no education about it’s safe use in schools and businesses would very much prefer that you and I know as little as possible about how it works. Lack of education is the underlying issue, your dad, like most people, probably doesn’t look at the address bar or check SSL certs because that kind if thing is “tech stuff.” But the web has been in everyone’s pocket for almost 20 years, no one can say that it’s too complicated or not important to learn how to be safe.
</rant>