Skip to main content
Top of main content

What is phishing?

Phishing is one of the more common cybercrimes. It’s when fraudsters send emails, text messages or phone calls to entice, trick or scare you into providing sensitive information or clicking on malicious links.

They’re “phishing” for information – get it? If you click on the link, it’ll either install malware onto your computer or link you to what looks like a legitimate trusted website. Both are an effort to obtain your username, passwords, banking and account information and/or other personal information like your Social Insurance Number/Social Security Number, date of birth and an email address.

Knowledge is the best first-line of defence

For more resources, articles and tips about fraud protection, visit our Help Hub.

Phishing features to watch out for


If you don’t recognize the person who sent it, then don’t open any links they direct you to. Scan the CC section to see if you recognize anyone else. It’s also a good idea to check if it’s been sent to “undisclosed recipients”.

Spelling and grammar

If spelling and grammar are poor then chances are the message wasn’t sent from a reputable source or company.


If it says “urgent action needed”, “your account has been compromised” or prompts you to act fast by threatening to close an account you can safely assume it’s phishing—they’re just trying to force you to click out of panic.

Website URL

If you’re shopping online or just surfing the net and you happen to click on a website you’re unsure of, check the URL for misspelled words or missing periods in the name. These could be indicators of a fraudulent website.

Channels used for phishing


The most common phishing method is email. That’s when someone contacts you through your email address prompting you to click on fraudulent links.
SMS (texts)

You can be phished through a text message. It could be someone pretending to be your service provider prompting you to click on fraudulent links.
Social Media

This is when a company or person reaches out to you through private, or sometimes public, messages on your social media account prompting you to click on fraudulent links.

Protect your computer with updates

Keep your computer up to date

Ensure your operating system, web browser, and applications have the most current updates. See the videos on our Online Banking Security page to learn more.

Internet browser

Make sure you have a current version of your Internet browser installed. We only support an Internet browser that supports 128-bit encryption.

Clean your cache

Secure or erase files stored on your PC by your Internet browser so others cannot read them. Most Internet browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance.

Anti-virus program

Install and use a quality anti-virus program and ensure it is updated regularly. See the videos on our Online Banking Security page to learn more.

Have questions?
Call us at 1.888.517.7000 Mon-Sat, 8am-8pm; Sun, 9am-5:30pm.