Skip to main content

Stay Informed On the Latest Cyber Scams

Being aware of online scams and knowing what to look for is the key to protecting yourself against cyber criminals. Here are some cyber scams currently affecting RBC clients.

Date: May 2023
Type: Fake Website
Status: Active

Package Delivery Phishing/Smishing Scams

Use Caution When Opening Links from Package Delivery/Courier Services

1. Details of the scam:

The drastic rise of e-commerce has resulted in an increase of scammers sending fake shipping notices from popular courier services. Scammers are taking advantage of this by sending phishing SMS and emails to trick unsuspecting Canadians into submitting their banking information.

The messages claim that the recipient has a parcel waiting but must pay a customs or rescheduling fee, which needs to be done online via the attached link. This link directs the recipient to a genuine-looking phishing site for the courier service, where they will be tricked into either entering their credit card or banking information.

2. What should you know:

  • Unless the customer has signed up for SMS or email notices, popular couriers servicing Canada will inform recipients of missed deliveries by leaving a delivery notice at the customer’s door or in their mailbox.
  • Couriers will never complete any transactions via Interac e-Transfer.

Red Flags to look out for:

  • You receive an unexpected email or text message claiming to be from a courier service regarding a package.
  • The text in the email or text message has spelling or grammatical errors.
  • The URL in the message has spelling or grammatical errors. If you are unsure of the genuine URL, use a search engine and go directly to the company’s website.
  • The website claiming to be the courier service is requesting some form of payment.

3. What should you do?

  • Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
  • Delete the email or text message immediately. Do not click on any unsolicited links that appear to be from courier services.
  • Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.

Examples of Package Delivery Scams

The scam messages sent can range from being good imitations, to primitive or very off-brand:

Date: April 2023
Type: Fake Facebook Page
Status: Active

Fake RBC Facebook Pages

Exercise Care when Interacting on Social Media

1. Details of the scam:

Fraudsters continue to impersonate RBC by creating fake RBC Facebook pages. Unsuspecting clients may interact with the fake pages and provide personal information, assuming that it is a RBC legitimate Facebook page.

2. What should you know:

These fake Facebook pages may look deceivingly close to the legitimate RBC Facebook page (https://www.facebook.com/rbc) as they often copy images, posts, and reactions from the RBC page.

RBC legitimate Facebook page has the blue verified checkmark, which confirms the authenticity of a page.

Red Flags to look out for:

  • The fake Facebook pages do not have the blue verified checkmark.
  • The fake Facebook pages have no or low follower counts.
  • The likes, comments, and reactions are part of the image and you are unable to view users who commented/reacted/liked the post.

3. What should you do?

  • Go directly to the official website.
    When in doubt, type www.rbc.com or www.rbcroyalbank.com into your browser, or use an official RBC app. The official RBC website has many resources that will direct you to the product or assistance you need.
  • Go directly to the RBC official Facebook page if you prefer to interact on Facebook.
    RBC official Facebook page https://www.facebook.com/rbc has the blue verified checkmark, which confirms the authenticity of a page.
  • Example of a fake RBC Facebook page that uses posts, images, and logo from the official RBC Facebook page:

Date: March 2023
Type: Fake Website
Status: Active

Fake Interac e-Transfer

Use Caution When Accepting Interac e-Transfers

1. Details of the scam:

Scammers are using fake Interac e-Transfer pages to direct clients to phishing sites resembling their bank’s login page, where they will be tricked into entering their login credentials. Once the credentials are entered, the scammers use them to steal money from the client’s bank account.

2. What should you know:

These fake Interac pages look just like the legitimate Interac e-Transfer page, and contain links for the most common Canadian banks, including RBC. Scammers may use reasons such as tax refunds, telecom refunds, and COVID-19 relief to lure clients, allowing fraudsters to target as many Canadians as possible.

Red Flags to look out for:

  • You receive an unexpected e-Transfer request from an unknown individual.
  • The URL displaying the e-Transfer page is not “etransfer.interac.ca”.
  • The URL in the text, email, or e-Transfer page has numbers, dashes, or spelling mistakes.

3. What should you do?

  • Sign up for Interac AutoDeposit. By using AutoDeposit, any legitimate e-Transfers will be automatically deposited into your bank account without requiring your interaction. If you are enrolled in AutoDeposit, you can safely determine that any Interac e-Transfer links you receive are fake.

    For more information, visit https://www.rbcroyalbank.com/dms/payments/autodeposit/.
  • Verify the sender’s identity before clicking on any links in the e-Transfer request. If it is from an unknown phone number or email address, do not accept the e-Transfer.

    E-Transfer(s) received via SMS:
    Legitimate SMS messages from Interac Corp. regarding e-Transfers will be sent from the number “10001”. However, this number can still be faked by scammers, so continue to be vigilant while clicking links received from “10001”.

    E-Transfer(s) received via Email:
    Verify the origin of the interac e-transfer email before clicking on links. Legitimate interac emails are typically sent from the “payments.interac.ca” domain and include a digital signature. See screenshot for more details on what to look for.

  • Check the URL before you click through an Interac e-Transfer page. Legitimate e-Transfers always start with the URL “etransfer.interac.ca”.
  • Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
  • Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.

Below is an example of a fake Interac e-Transfer site directing clients to a fake RBC Login page:

Example of a legitimate e-Transfer URL and webpage:

Date: FEBRUARY 2023
Type: False Advertisements/Website
Status: Active

Fake RBC Advertisements Linking to Phishing Websites (Malvertising)

Exercise Care when Web Searching to Avoid Phishing Scams

1. Details of the scam:

Fraudsters continue to impersonate RBC by creating “genuine looking” phishing websites and scheming new ways to lure clients into clicking malicious links.

Cybercriminals are purchasing advertising space to promote their phishing sites so that they appear at the top of search engine results. Unsuspecting clients may click the first or second link that appears to them, assuming that it is a trustworthy website.

2. What should you know:

These fake advertisement links often look deceivingly close to the legitimate RBC URLs (such as www.rbcroyalbank.com or www.rbc.com). Clicking a malicious link will redirect the victim to a phishing website, which may possibly result in the victim disclosing sensitive information. Red Flags to look out for:

  • The URL in the ad has numbers, dashes, or spelling mistakes.
  • The ad description has text unrelated to RBC or has spelling mistakes.
  • The ad description contains the keywords you are looking for, but clicking the link takes you to a URL that does not belong to RBC.

3. What should you do?

  • Go directly to the official website. When in doubt, type www.rbc.com or www.rbcroyalbank.com into your browser, or use an official RBC app. The official RBC website has many resources that will direct you to the product or assistance you need.
  • Be careful when clicking “Sponsored” or “Ad” links. Ads typically appear at the top of search results. The first link may not always be the best link to click.
  • Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
  • Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.

Example of fake RBC websites advertised in search engines (the domains in the images do not reflect real phishing domains observed for security reasons):

Date: JANUARY 2023
Type: Website
Status: Active

“I’m not a robot” Test

1. Details of the scam:

Fraudsters continue to trick victims into entering credentials onto fake RBC websites. It is now common for phishing sites to be hidden behind a “CAPTCHA”, which is a test to differentiate between humans and robots, commonly known as "I'm not a robot" test.

2. What should you know:

RBC does not use any CAPTCHA services as we use many other tools to identify and authorize you to keep your accounts safe. If you find yourself clicking or tapping on an RBC-related link and are faced with a CAPTCHA, do not go any further, and immediately close the website.

3. What should you do?

  • Close the page immediately
  • Always go directly to the official website when providing sensitive information. Type the website URL directly into your browser – e.g., www.rbc.com. Or use an official app (e.g., RBC Mobile app)
  • Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
  • When using a search engine, pay attention to which links are ads and which are genuine search engine results. Ads typically appear first. Also, the first link displayed by a search engine may not always be the best link to click.
  • You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com.
  • If you accidentally share your banking information, contact us immediately.

To help you spot phishing emails and fake websites, visit our Cyber site.

Example Screenshot:

Date: OCTOBER 2022
Type: Website
Status: Active

Example Screenshot:

EMAIL FROM YOUR RBC INVESTOR ADVISOR

1. Details of the scam:

Delivery: Email

Subject line: RBC GIC special introduction rates

An email arrives in your inbox indicating it’s from an RBC employee and it has an RBC logo, promising special GICs rates. However, the email address doesn’t look right, and they are asking for your personal information.

2. What should you know:

  • This is an example of a Phishing Email Scam.
  • Phishing emails appear to be sent from organizations or personal contacts typically asking for financial or personal information.
  • They often appear to offer a financial reward, an impending threat towards you, or claim to be someone in need of your help.
  • While you may think you’re giving your information to a valid company, you’re instead providing it to a fraudster.

3. What should you do?

  • Never open attachments you were not expecting.
  • If the email appears to come from a person you know, contact them to verify the authenticity.
  • Never provide any personal information in an email.
  • For phishing emails, please notify us by forwarding the suspicious email to phishing@rbc.com for analysis. Please note that phishing@rbc.com is an automated mailbox for reporting phishing and website fraud only – we are unable to provide responses from this mailbox.
  • Reset all digital credentials
  • If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, call us immediately. Contact Us
  • Delete the email

To help you spot phishing emails and fake websites, visit our Cyber site.

Date: DECEMBER 2020
Type: Website
Status: Active

Example Screenshot:

Example:
The first result in this search looks very convincing. The link associated with the ad was a realistic-looking phishing site.

Exercise Care with Web Searches to avoid Phishing Scams

Fraudsters continue to impersonate RBC through many channels, including genuine-looking phishing websites. Scammers lure clients through malicious links in emails, text messages and search engine results, aiming to trick users into sharing sensitive information.

Malvertising Scams

Cybercriminals are actively targeting RBC clients by taking out fake online advertisements to drive traffic to malicious websites. Known as “malvertising”, these attacks target the web search results of highly visited websites, including popular ecommerce sites and financial institutions like RBC. Fraudsters aim to trick users into divulging sensitive information before the search engines can remove fake ads. Be careful when clicking on any link and stay alert for fake websites.

Telltale Signs:

  • The ad text appears genuine, but when clicked the link takes you to a different URL.
  • When trying to sign in with genuine credentials, often there’s an “error message” and asking you to call for support.
  • When calling the (fraudulent) support number provided on screen, an agent asks for details like you client card number, password and verification questions - or to take over your computer remotely.
  • There is “urgent action required”.

How to Protect Yourself:

  • Go directly to the official website when providing sensitive information. Type the website URL directly into your browser – e.g. www.rbc.com. Or use an official app (e.g. RBC app.)
  • Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
  • Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
  • When using a search engine, pay attention to which links are ads and which are genuine search engine results. Ads typically appear first. Also the first link displayed by a search engine may not always be the best link to click.
  • Don’t let anyone take control of your computer remotely. For example, to “sign you in”, “reset your password” or provide “technical support”.
  • Don’t provide financial details or personal information to unknown parties over the phone. (e.g. credit card number, expiry date).
  • If you need help from RBC: Visit our website by typing the RBC URL directly into your browser (e.g. www.rbc.com). Use the information listed only on our official website to contact us or call the numbers listed on the back of your RBC client card.

How to Report Fake Websites or Online Scams:

If you think you’ve spotted a fake website or online advertising masquerading as RBC, copy and paste the website address or search result and email to phishing@rbc.com. Online advertising scams can also be reported directly to the search engine using tools for submitting violations.

Note: We receive large volumes of reports and are unable to provide personalized responses to emails sent to this email address.

Date: DECEMBER 2020
Type: SMS
Status: Active

Example Screenshot:

The fraudulent text messages can be very convincing. This one claims an “online account” has been “temporarily locked”.

Cyber criminals continue to send fraudulent SMS (text) messages masquerading as RBC. Known as Smishing, a form of phishing, these texts are sent by fraudsters trying to trick people into providing personal or financial information.

Be alert for any text messages claiming to be from RBC – particularly those asking you to log into your RBC accounts or appearing to require urgent attention.

If you receive one of these messages:

Do not:

  • Click on any links in the message or share personal information. RBC will never ask you to provide, confirm or verify personal, login or account information through regular unsecured email, text message or unsolicited phone call. For example, RBC won’t send you a link via text message or email asking you to “click here” to log in to your bank account.
  • Reply to the message or call the number provided

Do:

  • Log in to any accounts directly through RBC’s website or apps. (e.g. RBC Mobile App.)
  • Contact RBC immediately if you believe your confidential information may have been stolen or obtained by a fraudulent party through text messages, email, phone, websites or any other means. Use the contact numbers on the back of your client card or on our website rather than the number provided in the message.
  • Take extra care with phone numbers you don’t recognize. Keep in mind that it’s easy to imitate phone numbers or senders.
  • Learn more about phone and messaging scams and how you can communicate with RBC safely.

RBC Text Messages and Alerts:

  • RBC Text Messages: RBC will use text messages sent via a short code to communicate with you at your request. All short codes used by RBC are listed on the page. If you have received a text message from a phone number not listed, or any message asking you to provide or confirm personal details or confidential information, do not reply. Report it to us at phishing@rbc.com.
  • RBC Royal Bank Alerts: You can set up alerts through RBC Online Banking or the RBC Mobile App. Simply set the type of alert you want to receive and decide how to receive them – by text message, email or mobile push notifications.

How to Report Smishing/Phishing:

  • If the message is pretending to be from RBC: Do not reply. Forward to the RBC security team at phishing@rbc.com and enter "Smishing Incident" in the subject line. Include the phone number and the contents of the text message. Once reported, you can then delete the text message from your device.
  • Scams can also be reported to local government, law enforcement and/or telecommunications providers. For example, the Canadian Anti-Fraud Centre.

Date: APRIL 2020
Type: E-Mail/SMS
Status: Active

Cyber criminals are continuing to use COVID-19 themed messages to harvest personal information and commit fraud. Their tactics continue to evolve, with the latest phishing emails focused on emergency financial support, employment and benefits programs, including the Canada Emergency Response Benefit (CERB) program.

What to look for:

  • Be on high alert for phishing emails and phone/text messaging scams related to COVID-19.
  • Watch for any message that asks you to provide personal or financial information – for example, to claim money or apply for COVID-19 benefits.
  • Be careful about clicking any links or attachments in emails, texts, messaging apps or social media messages. It’s very easy for attackers to fake email addresses or phone numbers to impersonate other people or organizations, like government agencies.

Do’s and Don’ts:

  • When registering and claiming your COVID-related benefits, go directly to the official websites of authorities. Don’t click on links in emails or text messages, or open attachments. Go directly to official websites by typing the address into your browser, or use a trusted search engine to find the official site. And always be wary when entering ANY personal or financial information online.
  • Do use reliable information sources, such as government websites, when seeking information on financial relief related to the COVID-19 pandemic.
  • Do report suspicious messages and then delete them immediately. If you receive a suspicious email appearing to come from RBC, please forward it to phishing@rbc.com.
  • Do be very careful about trusting emails or text messages, and who sent them. Look closely at the “from” email address and remember that it’s very easy for attackers to forge emails or phone numbers to appear legitimate.
Where can I get trusted and safe information about COVID-related financial benefits, and how to claim them?

Where do I report any scams?

Canada:

U.K.

U.S.

Other countries:

  • Please visit the official websites of your region’s government authorities.

Date: APRIL 2020
Type: SMS
Status: Active

Sample text

Scammers are sending text messages impersonating government revenue/taxation authorities and agencies, such as the Canada Revenue Agency (CRA) and Internal Revenue Service (IRS). Although taxation scams may be more frequent around tax-filing deadlines, they also continue throughout the year.

How to Recognize the Scam
Text messages that claim to provide a tax reimbursement with a website link. Scammers are attempting to steal your personal information, such as:

  • government identification, like a Social Insurance Number (SIN) or Social Security Number (SSN)
  • online taxation service usernames and passwords
  • online banking client card, username, and passwords

Government taxation agencies will never contact taxpayers by email, text message, or social media requesting personal or financial information

This current tax-related scam is similar to past ones, such as a refund deposit, claiming you owe taxes, offering free tax preparation, or that your government identification or bank account is being suspended.
See the past RBC alert, “Phishing Scam: Payment Receipt Advise.”

What should you do?

Where can I get trusted and safe information about tax returns?

Date: MARCH 2020
Type: Email
Status: Active

Sample Emails



Cyber criminals are currently taking advantage of the COVID-19 pandemic by sending emails, texts and social media messages that contain phishing links or malicious attachments.

Cyber criminals are impersonating governments, health authorities and other organizations to provide false information, steal information, sell fake medical products or tests and redirect to fake charity donations.

What to look for: 

  • Be careful about clicking links or attachments in suspicious emails, texts or social media messages.
  • Attackers can falsify the sender information in messages. Make sure the sender’s email address has a valid username and domain name.
  • Be careful before revealing any personal or financial information through email, a website, text message, social media, or by phone.
  • Learn how to protect yourself online

What you should do if you receive a suspicious message:

  • If you receive a suspicious email appearing to come from RBC, please forward it to phishing@rbc.com.
  • Delete suspicious messages immediately after reporting them.
  • Consider contacting the person or organization that sent the message using a phone number you’ve used before or one listed on their website.

Where can I get trusted and safe information about the pandemic?

Visit known and reputable websites, like the official World Health Organization’s Coronavirus disease (COVID-19) Pandemic page, or local health authorities like the Public Health Agency of Canada website for correct up-to-date information on COVID-19.

For updated information on COVID-19 from RBC, please visit https://www.rbc.com/covid-19/index.html

Make sure you know how to protect your business.

Date: JULY 2019
Type: Email
Status: Active

Investors are being targeted by a scam using fake RBC Direct Investing branded websites. Cyber criminals are attempting to solicit members of the public to invest money in a questionable investment or one that doesn’t exist at all via websites that appear to be from RBC. Common tactics of the online investment scam include website spoofing (making a similar version of a trusted website), using social media to research and attract potential targets, and soliciting them through popular messaging platforms and/or email.

RBC Direct Investing has two legitimate websites:

If you are unsure whether a correspondence claiming to be from RBC is authentic, please contact us immediately.

If you have already invested in an offering you think may be fraudulent or you have been asked to pay additional money to get back money from an investment, we strongly recommend that you take steps to report the matter to your local law enforcement.

For secure ways to open an RBC Direct Investing account, Investors should contact RBC Direct Investing

Recognizing and avoiding investment scams:

  • If something seems too good to be true, it probably is. If an investment is advertised as having high or guaranteed return with little or no risk, it is usually a good indicator that you should investigate further before investing.
  • Ask questions and research the company, the broker, and the investment.
  • If someone is pressuring you to make a quick investment decision or move funds out of your country or market, disengage and reconsider.
  • Approach unsolicited offers with caution.
  • Don't follow links contained in investment offers; always navigate to websites independently, and double check the URL, as cyber criminals are known to imitate trusted websites.

Please visit the following links to seek guidance on how to protect yourself:

Date: JULY 2019
Type: Email
Status: Active

Recently, we sent an email to our valued RBC business clients asking them to update their email servers to a more secure encryption protocol. The Payment Card Industry Data Security Standard (PCI DSS) for safeguarding payment data now requires an encryption protocol which includes the Transport Layer Security (TLS) v1.1 or higher (TLS v1.2 is the RBC Standard).

This update is needed to ensure our business clients have the right security measures in place to continue communicating safely and securely with RBC.

The email was sent from RBC TLS Communication (pcbtls@rbc.com) on July 8. Below is what it looked like:

What You Should Do

  • If you have received this email, please follow the instructions provided to verify that you are using an appropriate version of TLS.
  • Starting September 1, 2019, RBC will no longer support TLC v1.0 or v1.1. Please update your email servers to TLC v1.2 to ensure an encrypted connection between our email service and yours.
  • Hang up and call the company that the person or message states they are calling from on their official number to verify that the request is genuine.
  • Get more details about this change on our TLS v1.2 FAQs page.

Questions?

If you have any questions, please contact RBC's TLS Registration team at pcbtls@rbc.com.

Date: MAY 2019
Type: Phone
Status: Active

A telephone scam targeting the Asian community has recently resurfaced. The fraudsters claim to be calling from RBC. The purpose of these calls is to trick clients into giving up personal information for fraudulent use. The caller may use social engineering tactics like threatening to close your account or insisting you update your account information to create a sense of urgency.

The calls appear to be coming from an RBC phone number: 1-888-769-2598. This is known as ‘call spoofing’ where a caller falsifies the number that appears on the recipient’s caller ID display. In this case, the fraudsters are trying to trick you into believing that RBC is calling.

What You Should Do

  • If you answer the phone and the caller – or a recording – asks you to press a button to stop getting the calls, you should just hang up. Scammers often use this trick to identify potential targets.
  • Do not respond to any questions, especially those that can be answered with "Yes" or "No."
  • Hang up and call the company that the person or message states they are calling from on their official number to verify that the request is genuine.
  • If you accidentally share your banking information, contact us immediately.

Be Cyber Aware

Become your best defence against cyber criminals. Visit rbc.com/cyber for more tips on how to keep your personal information secure.

Date: MAR 2019
Type: E-Mail
Status: Active
Phishing Scam

RBC clients are the target of new phishing scam. The suspicious email, appearing to come from RBC, is a direct deposit notice indicating that the Canada Revenue Agency has recently put money into your RBC account. The email includes an attachment.

What to look for

Pay attention to the sender and their email address.

  • Make sure that the sender’s email address has a valid username and domain name. A suspicious email address could look like: "<noreply@achaft-rbc.com>"

The email's contents can also offer clues.

  • If you get an email and it asks you to download a questionable attachment and run it, that’s another red flag.
  • RBC will never ask you to download and run programs attached to an email.

What you should do

If you receive a suspicious email, appearing to come from RBC, forward it to phishing@rbc.com and then delete it right away. Even if you didn’t click on the link or download any attachments, it’s important that our cyber security experts are aware of these types of scams.

Be Cyber Aware:

  • Never open attachments, click on links or download anything from any email or website that looks suspicious
  • Always verify in-person or over the phone that the person contacting you is who they say they are
  • Here’s more on how to spot phishing scams.
  • Get more tips on how to keep your email safe.

Date: FEB 2019
Type: SMS
Status: Active
Smishing Scam

RBC clients are the target of another text-messaging scam. The text messages warn clients that their cards have been disabled, and that they must click on a link or call a phone number in order to secure their account.

If you receive one of these text messages, we strongly urge you not to click on the link, and to contact us directly using the contact numbers on the back of your client card or on our site rather than the number provided in the text message.

Clients have also received text messages instructing them to call a phone number to receive an important message. These messages are also fraudulent. DO NOT call the number provided, instead use the contact numbers found on the back of your RBC client card or on our site.

The scam appears to be limited to Canadian clients, but US or Caribbean clients may be targeted too. If you have received a text message from a number you don’t recognize, delete the message right away. If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, contact us immediately.

Date: FEB 2019
Type: Phone
Status: Active

Several calls, designed to appear as though they are coming from RBC, have been made to RBC clients across Canada in order to retrieve personal or financial information. No RBC systems have been compromised, and we have escalated this issue to Canadian telephone carriers, who are working to remediate the situation.

What is Caller ID Spoofing?

Caller ID spoofing is when a caller deliberately falsifies the information transmitted to an individual’s caller ID display to disguise their identity.

Protect Yourself from Spoofing

Spoofing is often used as part of an attempt to trick someone into giving away valuable personal information so it can be used in fraudulent activity or sold.

Spoofing is a social engineering scam that relies on psychological manipulation tactics. Websites, phone numbers, email addresses, and various other communication methods can be spoofed.

As this is a Canada-wide scam that involves a wide range of corporate and personal phone numbers, here are some additional tips to protect yourself from caller ID spoofing:

  • If you answer the phone and the caller - or a recording - asks you to hit a button to stop getting the calls, you should just hang up. Scammers often use this trick to identify potential targets.
  • Do not respond to any questions, especially those that can be answered with "Yes" or "No."
  • Call us at the contact numbers found on the back of your RBC client card or on our site.

Need to Report Online Fraud?

Phone Icon

Call Us

If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, call us immediately.

If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, call us immediately.

Learn more

Report Icon

Report ID Fraud

If you think you are a victim of identity fraud and you are an RBC client

If you think you are a victim of identity fraud and you are an RBC client

Learn more

Email Icon

Email/Website Fraud

If you have received a suspicious email or accessed a fraudulent RBC website

If you have received a suspicious email or accessed a fraudulent RBC website

Learn more