Incidents of identity theft and fraud continue to rise. To protect yourself, please proceed with caution when divulging personal or financial information to any third party.
If you receive a letter requesting payment of funds or personal information, please confirm the sender is a legitimate organization and the information requested is for legitimate purpose.
If you use a public or shared computer to access CIBC Mellon's websites and applications, it is vital that you sign out when you are finished. Once you have signed out, you should delete the browser's cache. The cache maintains a copy of web pages that have been viewed recently.
- What is phishing?
- How does phishing work?
- What do phishers do with information?
- What should I look for in a valid message from CIBC Mellon?
- How can you verify an e-mail?
- What you can do
"Phishing" or "brand spoofing" is the act of sending an e-mail to a user falsely claiming to be a legitimate enterprise in an attempt to scam the user into disclosing private information. Government, financial institutions and online auctions/pay services are common targets of brand spoofing.”
Phishing e-mails are often sent out as spam to numerous recipients and appear to come from legitimate businesses, sometimes even duplicating legitimate logos and text. Within the message, you may be requested to click on a link that takes you to a fraudulent site or pop up window where you are asked to submit personal and financial information. Messages may imply a sense of urgency or immediate risk to bank accounts or credit cards if you fail to answer, increasing the chances of a response. Special offers and prizes may also be promoted as incentives.
Phishers can access your accounts using your passwords and other information to wire funds, withdraw money or make purchases. Personal information can also be used by phishers to open new bank or credit card accounts in someone else’s name.
CIBC Mellon will never request that you log on to our systems through a link provided within an email directly. Website access should be provided by typing www.cibcmellon.com directly into your browser window.
There are lots of sources on the internet to help you look up and gain a better understanding of phishing. One recommended link is:
Throughout North America, there has been an increase in fraudulent mailed, e-mailed and faxed letters sent to consumers and businesses informing recipients of large lottery winnings or concerning a "request for urgent business transaction."
The scheme, now increasingly carried out via e-mail according to the Canadian Anti-fraud Centre (CAFC), begins once a consumer receives a letter.
You should be wary of any e-mail, mail or fax you receive if it carries any of the following themes that often appear in fraudulent letters. These letters often:
- Emphasize the urgency and confidentiality of a transaction.
- Stress the importance of trust and honesty in order to make the reader believe there is a validity to the letter.
- Refer to known corporations with good reputations to increase the air of legitimacy to the transaction in question. For instance, the writers of these letters will commonly claim to be a doctor and/or a corporate entity with a major foreign corporation. There may also be some mention of government involvement.
If you respond to these letters, unknowingly requesting more information, the writer of the letter will normally ask for an upfront processing fee or false tax payment. In some cases, there will be a request to arrange a meeting to discuss the transfer of funds to complete the scheme.
If you receive spam e-mails of this nature, do not open the message. You can contact email@example.com to learn more.