Security is everyone's responsibility.
There are many things you can do to minimize risks to you and your money.
Ways that we protect you:
Sending automated Alerts about activities that occur in your accounts
Controlling access to your accounts
Closing inactive online banking sessions
Encrypting data – providing a safe online banking environment
Identifying internet scams and sharing what we know
Supporting e-Statements and e-Documents to share your information safely
Working to prevent card skimming
Understand how you can minimize risks when you do your banking.
If you ever suspect your personal information may be compromised – or you think you may be a victim of fraud – it’s your responsibility to get in touch with us immediately at 604-419-8888 or contact your G&F branch.
We have provided many tips for being safe online. Below is a brief summary of safety precautions to practice while you are doing your banking:
- Don’t click or open anything you weren’t expecting to get without being certain of its safety, including being skeptical of links or attachments from friends or family. An email-FROM address can easily be spoofed and look like it’s from a friend.
- Deactivate autoplay. Autoplay allows applications to open digital media instantly and ransomware can exploit this and trick computers into running a program.
- Stay up to date. Accept and install updates to your computer’s operating systems, browsers and plug-ins when received from a legitimate and recognized source.
- Check your bank and credit card statements regularly to ensure that all transactions are legitimate.
- Ensure your home computer is running up to date anti-virus software.
Protect your identity.
Recovery from identity theft is a long and traumatic experience. You can find helpful tools and information on identity theft at the Canadian Anti-fraud Centre website or at the Get Cyber Safe website. The RCMP also provides information on handling identity theft on their website.
Be cautious when sending e-transfers.
When you are making an e-Transfer, a notification is typically sent from Interac to your recipient's email account. You need to be aware that criminals can attempt to intercept transfers by hacking email accounts. Once they are inside an account, criminals can see the notification from Interac and use the deposit link to redirect funds into a different account by answering the security question.
Here are some tips to prevent the e-Transfer notification from being intercepted:
- Select a question and answer that are not easy for a third party to guess. If the notification is intercepted, it will be harder for a criminal to answer and steal the funds.
- Never send the answer to your security question via email. Call or text the recipient with the answer.
- Be cautious not to click on any phishing links in your emails.
- Ensure that you are only making transactions with websites, vendors and people that you trust.
- Notify G&F immediately if you sense anything suspicious about your transaction.
Monitoring your account with alerts
Monitoring activities in your account will ensure that you spot any incorrect or fraudulent transactions as soon as they occur. If your card has been skimmed (when the card's magnetic stripe and PIN are fraudulently copied by embedded devices at ATMs or point-of-sale devices) or unauthorized transactions have been made, you will want to catch this as soon as possible.
A great way to monitor your account is to sign up for Alerts through online banking.
Alerts allow you to receive email and/or text message notifications when various activities occur in your accounts. Alerts also help you better understand your finances and cash flow, organize your money and ensure that you have maximum control over your financial situation
Set up Alerts today and start monitoring your accounts.
- Login to online banking.
- Click on Messages and Alerts in the shortcuts menu on the left side of the page.
- Click on Get Started Today or Manage Alerts in the shortcuts menu on the left side of page. Follow the steps as outlined.
You can also set up your Alerts by using the G&F mobile app on your smart phone.
Choose what you want to be notified about.
You can choose to receive the following alerts:
- Security Alerts provide an additional layer of protection by allowing you to detect possible fraud quickly and take appropriate action
- Balance and Activity Alerts can help you to better manage your finances and budget
G&F's Alerts are free.
There is no fee to sign up for Alerts, and no fee to receive them. However, your wireless carrier may charge you for receiving text messages and for data usage. Please check with your wireless carrier for details about your mobile phone package.
Frequently asked questions about Alerts
How can you tell it’s a G&F Alert and not phishing or smishing?
What happens to Alerts when my phone or email isn't working for a while?
Am I guaranteed to receive Alerts sent to me?
Why do I see two CHQ0s in my Alerts?
Why isn't my mobile phone carrier listed in the carrier dropdown menu for Alerts?
What if I no longer wish to receive an Alert?
Who should I contact if I notice an unauthorized withdrawal on my account?
Your Personal Access Code is one of your best defenses against theft.
Online credentials can be numerous as they are needed for email accounts, social networking sites, online newspapers and shopping websites. That's a lot of usernames and passwords – and it can be tempting to use the same combination for everything. But this makes it far too easy for hackers because once they have one password, they can access all your sites. Login credentials are the keys to your accounts so don't leave those keys around for anyone to find. For online banking, the key is your Personal Access Code (PAC). (We call it a "PAC" instead of a "password" because it is more than a "word", it is a string of letters, numbers and special characters.)
Have you forgotten your PAC, your online banking password? Do you need to change your password? Here's how to set up a new PAC so you can continue with your banking:
How to change your Personal Access Code
You can change your password or Personal Access Code through this website.
- Start by going to the PAC reset page.
- Enter your member number.
- Provide your name, address and phone number.
- Answer several security questions. (These are created based on information you provided.)
- Enter your new Personal Access Code and click Submit.
How to choose a strong Personal Access Code
Characteristics of an effective strong PAC include an alphanumeric combination, with a combination of upper and lower case letters, and special characters. Phrases that are extended in length but easy for you to remember would create a stronger PAC. A good example may be: My2dogshave5brownspots!!
Choose a PAC that is difficult for others to guess. Avoid using keyboard strings (qwerty), repetitive letters or numbers, dates, common words (e.g., password, winter, etc.), personal information (e.g., name, date of birth, phone number, city names, etc).
How to keep your Personal Access Code safe and secure
- Change your PAC on a regular basis; we suggest every 90–120 days.
- Make sure your PAC is not the same as other online passwords you may have.
- Make sure no one observes you typing in your PAC.
- Consider using password-management software, which secures and encrypts usernames and passwords and allows you to use a single master password.
- Keep any written passwords locked away in a place only you can access.
What not to do
- Do not share your PAC with anyone, especially online. Keep it confidential. Understand that employees of our financial institution will never call, email, write or ask you to provide your online banking credentials.
- Do not use a part of your bank or debit card PIN or another password.
- Do not disclose your PAC in a voicemail or email. Do not share it with a person you are talking to on the phone.
- Do not authorize internet browsers (such as Chrome, Internet Explorer, etc.) to memorize your username and passwords. Saving these on your computer allows anyone using your computer to gain access to your login-protected sites. Be aware: criminals have ways of tricking you into letting them log onto your computer remotely, giving them access to any list of passwords you may have stored there. Some may pose as computer repair persons and insist that they need to fix your computer. This is a common scam in Canada.
Identify and prevent scams
While pickpockets can only target a few people each day, Internet fraudsters cast their nets much wider, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.
We take attempts to defraud our members very seriously. If you receive correspondence that you think may not be from G&F, please report it to us by emailing firstname.lastname@example.org or calling us at 604-419-8888.
Quick tips to avoid scams:
- Never use a link provided in an email or text to access your online banking (because we don't send those, scammers do).
- Do not open emails, texts or attachments from unknown sources.
- Scan your emails using anti-virus software.
- Read before you click! It is important to understand that electronic messaging is not a secure form of communication.
G&F will never send you an unsolicited email or text message that asks you to provide sensitive personal information like your social security number, bank account number, and credit card information, ID questions like your mother's maiden name or your password.
Ways to identify and prevent scams:
Choose secure 'https' websites.
Understand phishing and smishing.
Keep an eye out for malicious software.
Browse the internet safely
When visiting a branch, you can feel confident that your money is safe and secure, with the premises adorned by vaults, locked doors, security and surveillance. We are keeping you just as safe when you bank online but once your information reaches your computer, you have a responsibility to protect it.
Log out of G&F online banking, every time.
When you are finished with your banking session, always log out by clicking the Log Out button, as opposed to simply closing the browser window. To help protect your information, your online banking session will end automatically if there has been no activity for 20 minutes or if your visit lasts longer than 60 minutes. If your session has timed out, no further transactions can be made until you log in again. This time-out feature helps protect your accounts from unauthorized access if your computer is left unattended or if you have forgotten to log out.
Use the latest Internet browser.
Web browsers are the gateways to the Internet. Similar to having an up-to-date operating system, upgraded browsers provide more features, stability and security. Whether you use Internet Explorer, Firefox, Safari, Chrome or something else, stay safe online by using the latest version available.The latest versions of web browsers have security features that can identify and block harmful and fake websites and pop-ups, and warn you if a site is flagged as unsafe. Some browsers also have a "private browsing" feature, which conceals your browsing history from others. We suggest you update your browser.
Choose private browsing.
Some web browsers have a feature that allows you to browse the Internet without the browser storing information, such as the sites you visit, the images you see and videos you watch. This feature is sometimes used by people who share the same computer. Private browsing is a temporary option and must be selected in order for it to be activated. Private browsing, however, does not give you immunity to spyware or make you anonymous. It is still possible for your Internet service provider, employer or the websites you visit to track your online activity.
Learn more ways to browse the Internet safely.
Clear the data stored in your browser.
Control how you use free Wi-Fi.
Be careful using your credit card online.
Keep your devices safe.
It's a good idea to protect and maintain the devices you use to do your banking. This can involve upgrading the software and other practices as outlined here.