Fraudsters are likely to contact you by phone or email. This public information is easy to obtain. To protect yourself from becoming a victim, we recommend that you take some time to educate yourself on how these people may try to obtain your personal information.
Social engineering via the telephone
Social engineering involves tricking you into unknowingly disclosing confidential information like passwords or personal information. Social engineers or impersonators use techniques to bypass existing security measures by first gaining your trust. They use influence and persuasion to convince you they are someone they’re not. Consequences of social engineering attacks include fraud, identity theft or theft of confidential information.
Here’s what you can do:
- Request the full identity of the person asking for your help.
- Ask for a call back number to verify and call them back.
- Make sure to verify before providing confidential information. When in doubt, be careful and check any information this person gives you before doing anything.
Identity confirmation of individuals and organizations
Fraudulent activity often appears legitimate at first glance or provides an incentive too good to pass up. Individuals may pose as representatives of a reputable company, often using company names and corporate logos to make their solicitation more convincing.
Phone solicitations may offer cash gifts, free travel or prizes in exchange for personal or account information. Advertisements in newspapers may promote special rates and offers where, upon calling, you are asked for personal information or for an advance payment before the transaction can be completed.
Email addresses obtained from subscription lists, websites, chat rooms, online auctions, etc., may appear to be from institutions you have an account with. Mail can be illegally intercepted, and the information used to solicit your personal or account information.
Here are some ways to validate the legitimacy of organizations that you may deal with:
- Only subscribe to Internet-based newsletters from organizations you trust.
- Do not provide personal or account information over the phone until you have confirmed the identity of the organization. If you receive a phone solicitation, call the organization back using a number you know to be legitimate.
- If you see an advertisement for a loan or mortgage in a local newspaper, check out the source through the Canadian Council of Better Business Bureaus (Canada) or Better Business Bureau (United States).
Examples of fraudulent activity: phishing and pharming
These techniques are designed to encourage customers to divulge personal and financial information over the Internet by appearing to be legitimate, branded web sites of trusted organizations.
Phishing scams use fraudulent emails or pop-up web pages that appear legitimate and are designed to deceive people into sharing personal or financial account information. They often use the logo or other identifier of a reputable company and request urgent action to provide, update or verify your information.
The following is an example of how it usually works. You receive an email that looks legitimate complete with the company’s logo. The email requests that you click on a link provided in the body of the email. The reason for the request can vary from reactivating your account due to a technical upgrade or claiming that fraud has been committed using your card. The link will take you to a fraudulent website that will ask you to enter your personal information. They can then use this information to access your online accounts to withdraw money or make purchases, or even open new accounts in your name.
Pharming scams occur when you enter a web address into your browser. It will redirect you to a fraudulent website without your knowledge. The website often looks similar to the legitimate site in hopes of capturing your confidential information. The scammers often use the logo or other identifier of a reputable company and request urgent action to provide, update or verify your information.
If you did not enter a lottery, you cannot win a lottery. There are no email draws or lotteries where tickets are not sold. Legitimate lottery companies will not ask you for a payment before you can have your money. Sun Life Financial, as an insurer, cannot and does not sponsor lotteries.
- Do not wire transfer funds to someone you do not know. Sun Life Financial will never ask you to wire transfer funds.
- Legitimate loan companies and financial institutions will not ask you for money before lending you money. Sun Life Financial does not offer personal loans.
- Do not agree to have someone pay you more than the agreed selling price for goods and services and reimburse the balance.
- Do your research. Ensure people and companies you are dealing with are legitimate. Helpful information is available on Internet news sources and with better business bureaus.
- If it sounds too good to be true, it usually is.
What to do if you suspect fraud
Contact us if you suspect fraud, believe you have been a target of a scam and/or receive a suspicious email or telephone call from someone that you suspect to be falsely representing Sun Life Financial or if you have shared personal information with a scammer.