Crossroads Loading Indicator
SIGN IN
SIGN IN

Fraud Prevention

March is Fraud Prevention Month — a nationwide initiative dedicated to empowering Canadians with the knowledge and tools they need to strengthen their fraud defences and stay one step ahead of criminals.

At Crossroads Credit Union, protecting our members is at the heart of everything we do. All month long, we’ll be sharing fraud prevention tips across our social channels to help you stay informed, alert, and confident. Our topics will spotlight the fastest‑growing scams affecting Canadians today, including:

  • AI‑powered scams
  • Identity theft
  • Government impersonation schemes
  • Online shopping scams
  • …and much more

Fraud Friday: Test Your Knowledge & Win!

And we’re not stopping there.


Every Friday starting March 6, we’ll post a Fraud Friday Question — right here on our webpage and on our social platforms.

  • Answer the question
  • Get your name entered into a draw
  • Win exclusive Crossroads Credit Union swag!

It’s a fun and engaging way to test your fraud‑fighting smarts while learning how to better safeguard your money and identity.

Week 2 Fraud Friday Question

Here is this week's Fraud Friday Question. Test your knowledge and you could be a lucky winner!

ANSWER THIS WEEKS QUESTION

STRENGTHEN YOUR FRAUD DEFENCES

Here are some safety steps you can take to combat fraud. Learn more about our security services that you can activate yourself in minutes.

Banking alerts provide added protection and convenience to your online banking experience. Stay informed by email or text message when an online event occurs on your accounts including:

  • Your personal access code (PAC) is changed.
  • Attempts have been made to access your account.
  • A new bill payment vendor or e-Transfer recipient is added to your profile.
  • Online Banking Account has been locked out - Incorrect response to Security Question

Click here to learn more.

A strong password provides essential protection from financial fraud and identity theft. One of the most common ways that hackers break into computers is by guessing passwords. Simple and commonly used passwords enable fraudsters to easily gain access and control of a computing device.

  • Create complex passwords.
  • Passwords should contain at least ten characters and have a combination of lowercase and uppercase letters, as well as numbers and special characters.
  • Utilize two-factor authentication. Use passphrases (watch the video below to learn more).
AI - Powered Scams

Fraudsters are using AI to create deepfake videos, voice cloning, and sophisticated phishing emails. Scammers use AI to create realistic fake content that can deceive even the most cautious individuals. Always verify the source of any unexpected communication and be skeptical of urgent requests for personal information.

Fraudsters can use AI to:

  • Impersonate a well-known company or individual to promote fake products or services.
  • Generate a convincing fake investment opportunity.
  • Make chat bots spread fake reviews that sound and look like real people wrote them.
  • Use voice cloning for deceptive telemarketing.
  • Realistic-looking videos of a public figure promoting an investment opportunity, or any other promotion they don’t normally do.
  • Unusual body or lip movement in videos.
  • Strange phrasing or inconsistencies, irrelevant content.
  • Websites that mimic real companies.
  • Unexpected phone calls or messages, especially if the sender conveys a sense of urgency, fear, or panic.
  • Trust your instincts when something doesn't feel right.
  • Use a family safe word.
  • Hang up & call the real person.
  • Slow down - urgency = red flag.
  • Never share passwords, MFA codes or banking details.
  • If something seems fishy, check names and logos on websites for authenticity.
  • Stay informed about AI and frauds—research, read, and discuss with friends and family.
  • Report suspicious websites. If you believe you’ve come across misleading AI generated content, report it to the Competition Bureau or to the Canadian Anti-Fraud Centre.
Phishing Scams

Canadians are spending more time online and fraudsters are getting creative with scams in the digital era. Scammers use email or text messages to trick you into giving them personal information. Phishing is when you get an unsolicited email or text that claims to be from a legitimate organization such as a financial institutions, business, or government agency. Scammers ask you to provide or verify, either via email or clicking on a web link and trick you into providing personal and/or financial information. These messages often copy the tone and logo of reputable organizations you trust and usually include a call to action, and they are wanting your personal information.

  • Request for Personal Information: reputable organizations will never ask for personal information through email or text.
  • Urgent Requests: Look out for messages that include a call to action and they are wanting you to respond immediately.
  • Real emergencies don’t happen via email.
  • Unsolicited Emails: Look out for receipts for items you didn’t purchase, updates on deliveries for things you didn’t order etc.
  • Spelling/Grammar Errors that a legitimate organization would not miss.
  • Suspicious Attachments that you were not expecting and didn’t ask for, weird file names and uncommon file types.
  • Anything Too Good to Be True: Winning a lottery is unlikely. Winning a lottery, you didn’t enter is impossible!
  • Do not click any links.
  • Do not open any attachments.
  • Do not reply or forward the message – Delete the email or text!
  • If unsure about legitimacy – contact the company through a different channel such as the phone. Research online for the contact information; never contact them using the information received in the message!

Investment and Crypto Scams

Investment and crypto scams happen when fraudsters promise high returns with little or no risk to persuade people to hand over their money. These scams often involve fake investment opportunities or fraudulent cryptocurrency platforms designed to steal personal information or funds.

  • Guaranteed returns.
  • Being moved to WhatsApp/Telegram.
  • Pressure to "invest now".
  • Crypto-only payments.
  • Check advisor registration.
  • Avoid WhatsApp/Telegram investment pitches.
  • Research before sending money.
Romance Scams

A scammer convinces you to enter a virtual, online relationship so they can gain your trust and affection. This can occur through:

  • Email messages
  • Fake profiles on social media and dating sites

Eventually, the scammer may ask you:

  • for money for travel, a medical emergency or family assistance – making it seem urgent or like an emergency
  • to receive money for them – by doing so you might unknowingly be committing a crime
  • to join a business venture with them
  • to invest in cryptocurrency

Scammers will try to use any means necessary to convince you that their requests are legitimate. The majority of fraud is not committed by amateurs, and they will use technology to their advantage.

  • Someone you haven’t met in person professes their love to you.
  • The person wants to quickly move to a private or different mode of communication (email, text, WhatsApp, Google Hangouts etc.).
  • They always have an excuse not to meet in person.
  • You receive poorly/oddly written messages, sometimes even addressing you by the wrong name.
  • The individual claims to live close to you but is working overseas.
  • They act distressed or angry to guilt you into sending money.
  • The individual discourages you from discussing them or their situation with your friends and family (attempting to isolate you from those who may be suspicious of the relationship).
  • Be careful what you post and make public online.
  • Trust your instincts, ask questions
  • Don’t be afraid to say “NO”
  • Never send money or give financial details on a dating site.
  • Remember that it’s very unlikely that someone will declare their undying love to anyone after only a few letters, emails, phone calls or pictures.
  • Always avoid sending money or personal information to someone you haven't met in person
  • Remember, if it’s too good to be true, it is!

CRA/Government Impersonation Scams

CRA and government impersonation scams occur when fraudsters pose as government agencies—like the Canada Revenue Agency—to pressure you into paying fake debts or sharing personal information. These scammers often use threatening language, spoofed phone numbers, or urgent emails and texts to make their demands seem legitimate.

  • Threatening or urgent messages.
  • Requests for e‑transfer, crypto, or gift cards.
  • Refunds offered by e‑transfer.
  • Links asking you to “verify” info.
  • Log in directly to CRA My Account.
  • Never click links in unexpected messages.
  • Call the CRA using the number on their official website.
CRA will NEVER:
  • Send refunds by e‑transfer.
  • Demand immediate payment.
  • Request payment by crypto, gift cards, or e‑transfer.
  • Use aggressive or threatening language.

Interac® e-Transfer Interception Fraud

E-transfer interception fraud occurs when money is being sent via Interac e-Transfer® from one bank account to another using an email address or text message. Fraudsters will intercept the online transaction and divert the money to a different bank account. Whether you’re the sender or recipient of an e-Transfer, everyone is responsible for playing their part in preventing fraud.
  • Register for Autodeposit – Automatically deposit funds into your account to remove the risk of criminals intercepting the notification email.
  • Use answers that are not easy to guess – Ensure the answer to your security question cannot be easily guessed or found on social media. If the notification is intercepted, it will be harder for a criminal to answer and steal the funds.
  • Do not include the answer to your security question in the message box – Only share the answer via a secure and different channel, such as over the phone.
  • Never Click Links to accept e-transfers that you were not expecting.
  • Keep Your Email Secure – Be cautious of phishing links. Don’t stay logged in when you’re away from your computer. Use strong passwords that are difficult to guess.
  • Register for banking Alerts - Receive an alert when a new e-Transfer recipient has been added so you can verify this action.
  • Be cautious of the information you share online, including personal identifiable information that hackers can use to access your accounts.
Employment Scams

Employment scams often appear on job boards, social networking sites like Facebook and Twitter, or the targets of such scams may receive unsolicited emails from supposed employers. The scammer often assumes the identity of a legitimate company, recruiter or hiring agency and will quickly offer the victim a job that pays well but requires little or no effort. The jobs offered are typically 'work from home' or ‘mystery shopper’ jobs. The victim will often get the job without needing to send in an application, have an interview or even discuss the role at all with their supposed employer.

Scammers will take advantage of job seekers by collecting confidential information that they will use for identity theft, or they will have the victim cash fraudulent checks, wire money, or transfer funds for services or supplies. There are several ways an employment scammer may take a victim’s money.

  • Scammer will ask the victim to submit personal information, like a social security number or driver's license number, that is needed to complete their application.
  • Scammer will ask the victim to provide bank account information to process their pay.
  • Scammer will ask the victim to send their credit card information to pay for training or training materials that are needed as part of the job.
  • Scammer will ask the victim to cash a cheque to complete the application process or as payment for their new job. The victim will be asked to send the money to a third-party or wire any excess funds back to the employer. The victim will soon find out they are involved in an overpayment scam.
  • Don’t give out personal information.
  • Protect your online accounts.
  • Don’t be afraid to say “NO”.
  • Never agree to deposit a check and wire transfer money back anyone or forward funds to a third-party.
  • Be cautious when dealing with people you have only met online. If you decide to send them money use secure, traceable transactions. Do not send wire transfers, prepaid debit cards or gift cards.

Other Scams to Be on the lookout for

A typical cheque fraud scam is where a fraudster emails you an “electronic cheque”. They tell you to take a picture of the “electronic cheque” or to print the item and then take a picture to deposit the funds electronically.  They then tell you to deposit the cheque in your account using your Mobile App and then asks that you forward the majority of the funds via e-Transfer, or by purchasing gift cards or bitcoin.

An example of where this type of fraud can occur is an overpayment for something you're selling on an online site or a new online job that you have just been hired for.

Learn to Recognize the Signs:

  • If it seems odd, it’s probably fraud.
  • If someone you don’t know emails you a picture of a cheque, it’s a scam, contact your financial institution to verify.
  • There is an immediate request to send funds back through e-Transfer, gift cards or bitcoin.
Tips to Protect Yourself:
  • DO NOT accept cheques sent to you via email.
  • Do your research.
  • Know who you are dealing with.
  • IN ALL CASES ~ you get a cheque and someone asks you to send back money in ANY means, THAT’S A SCAM!
Synthetic identity fraud occurs when scammers combine real and fake personal information—often including a genuine SIN—to create an entirely new identity. Watch for warning signs such as unfamiliar addresses appearing on your credit report, hard credit checks you didn’t request, or personal details that don’t match. You can protect yourself by reviewing your credit report annually, questioning any activity you don’t recognize, and safeguarding your personal information.
Fake online stores and ads—often created using AI—are designed to trick shoppers into paying for products that never arrive or to steal their payment information. Common red flags include extremely low prices, missing contact details, retailers that only accept crypto or wire payments, and generic or AI‑generated reviews. Protect yourself by researching the retailer, confirming real contact information, avoiding sellers that only accept e‑transfer, crypto, wires, or gift cards, and using credit cards for safer purchases. Remember: if an online deal looks too good to be true, it probably is.
Fraudsters are increasingly using fake QR codes placed in public spaces or sent through text and email to trick people into visiting malicious websites. Stay alert for signs such as QR codes that appear to be stickers, unexpected codes sent in messages, or websites that look unusual after scanning. Protect yourself by checking for stickers places over original signs, previewing links before opening them, avoiding scans from unexpected emails or text, and manually typing website addresses when in doubt. 

"Pig butchering" scams are long‑term fraud schemes where scammers build trust—often through social media or messaging apps—and then convince victims to invest in fake crypto or investment platforms. Once the victim deposits significant money, the scammer disappears, leaving them unable to withdraw their funds.

Red flags to watch out for:

  • Seemingly accidental or mistaken contact, but the person wants to keep talking.
  • Conversation turns to investments in cryptocurrency, gold markets, or forex.
  • Continued, sustained contact to encourage repeat theft.

How to protect yourself: Be suspicious of any seemingly mistaken contact. This includes texts, messaging services like WhatsApp, online dating platforms, and social media. With the rise of generative AI, even "wrong number" phone calls and video calls could be pig butchering scams. These texts can be simple ("Hi."), conversational ("Long time, no see"), or even whimsical ("It's been forever since our last charity gala!"). A good rule of thumb is to never respond to any communication from a stranger. Don't even tell them they're texting the wrong number.

Be aware of fraudsters pretending to be your financial institution and asking for e-transfer URLs, “codes,” or your multi-factor authentication protection code. This is a scam! Your financial institution will never ask for this information.

Tips to Protect Yourself: 

  • Create strong passwords for each of your accounts.
  • Set up multi-factor authentication to make it harder for others to access your accounts.
  • Never share your multi-factor authentication code with anyone.
  • Avoid reacting automatically. Take five minutes to ask additional questions and trust your instincts. If something doesn’t seem right, ask someone you trust.
  • Do not trust the information on your call display because it can be easily manipulated.
  • Do not provide your personal or financial information on demand.

Grandchild in jail? Don’t act too quickly! Emergency frauds usually target loving grandparents, taking advantage of their emotions to rob them of their money. Typically, the scam starts with a grandparent receiving a call from someone claiming to be their grandchild. The “grandchild” will say they are in trouble or have been in a car accident and they need money immediately. Take time to verify the story, call the grandchild or the child’s parents. Scammers are wanting you to react quickly, never send money to anyone you don’t know and trust!

Some scammers may be pretending to raise funds on behalf of a charity but are actually stealing your money! Donations are a vital source of funding for worthy causes and charities. As a donor, it’s important to be well-informed so you can feel confident about where your money is going. Gather as much information as possible on the organization, visit their website for annual reports, contact information, etc. Check the List of Charities on the Canada Revenue Agency website to find out if they are a registered charity.

General Safety Reminders!

Always follow these tips to keep your personal and financial information secure!

  • Do not click on strange links within emails.
  • If you are not expecting an Interac e-Transfer from someone, don’t accept it and do not click on any links to log into online banking.
  • Do not use public Wi-Fi to log into online banking.
  • Do not share your debit card and never disclose the personal access code (PAC) to anyone.
  • Visit the Canadian Anti-Fraud Centre to learn about current scams affecting Canadians.
LEARN MORE ABOUT CURRENT SCAMS

What to do if it happens to you

1. Notify your financial institution immediately if you suspect fraud or identity theft. They can provide advice on how to limit access to your credit card or financial accounts and investment.

2. Call the police and file a report. Keep a copy of the report for your records.

3. Change your PIN and passwords immediately.


*Note: Keep a list of the people you speak to when reporting a fraud, recording all dates, names, phone numbers and what was said.
Canada Anti-Fraud Centre

1.888.495.8501



Competition Bureau of Canada

1.800.348.5358



Government of Canada (Public Safety Canada)

Resources on Identity Theft

Equifax Canada

To order your credit report or to report identity theft:

1.800.465.7166

consumer.equifax.ca


TransUnion

1.800.663.9980

transunion.ca

To learn more about fraud & to report fraud visit the Canadian Anti-Fraud Centre.

To learn about the 12 common scams check out The Little Black Book of Scams 2nd Edition.

This website uses cookies to improve your user experience. By continuing to browse the site you are agreeing to our use of cookies.