Scam Alerts

Package Delivery Scams

During the holiday season, scammers are taking advantage of the high volume of deliveries to steal information from clients. We have observed fake text messages and emails pretending to be from Package Delivery/Courier Services, or RBC regarding a pending delivery.

1. Details of the scams:

Scammers are sending fake shipping notices from popular courier services. They are sending phishing SMS and emails claiming that the recipient has a parcel waiting but must pay a customs or rescheduling fee, which needs to be done online via the attached link. This link directs the recipient to a genuine-looking phishing site for the courier service, where they will be tricked into either entering their credit card or banking information.

Scammers are also impersonating Delivery Agencies and RBC by calling clients, claiming to be assisting with a package delivery for which they require access to your online banking and personal and banking information.

2. What should you know:

• Unless the client has signed up for SMS or email notices, popular couriers servicing Canada will inform recipients of missed deliveries by leaving a delivery notice at the customer’s door or in their mailbox.
• Couriers will never complete any transactions via Interac e-Transfer.

Red Flags to look out for:

• You receive an unexpected email or text message claiming to be from a courier service regarding a package. The text in the email, text message, or the URL has spelling or grammatical errors. You may also receive a request for some form of payment
• You receive a call requesting that you provide sensitive details, such as passwords or one-time codes, to proceed with your package delivery. You might be asked to log in to your Online Banking.

3. What should you do?

• Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
• Delete the email or text message immediately. Do not click on any unsolicited links that appear to be from courier services.
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
• Do not provide any personal and confidential information to anyone who calls you. This includes information such as Online Banking passwords, answers to security questions, one-time passcodes, or your client card/credit card PIN.
• Hang up and call back. If you receive a call that sounds suspicious, hang up, and call back using the information available on the company’s website.

Beware of Scams Targeting Online Sports Betting

What you should know:

With the overwhelming popularity and accessibility of online sports betting, fraudsters have adapted their tactics to target unsuspecting sports bettors. These scams often fraudulent offers, fake betting platforms, or manipulated odds to trick individuals into revealing personal information or sending money to accounts impersonating sports betting sites.

What to look out for:

One common tactic is offering "guaranteed wins" or "insider tips" in exchange for upfront payment or deposit into a fake account. Once the payment is made, the fraudsters either disappear or request further funds, claiming there is an issue with the initial deposit.

Fraudsters may also pretend to be legitimate sports betting platforms and ask for sensitive banking and/or personal information, claiming it is required to process winnings or refund an "overpayment".

What should you do?

• Research the platform. Verify the legitimacy of any online betting platform by checking reviews, licenses, reputation.
• Verify payment communications. Be wary when being asked to transfer funds to platforms through unconventional methods, such as e-Transfer, wire transfers, gift cards, or cryptocurrency.
• Guard your personal information. Do not share sensitive personal or banking information to unsecure websites. Legitimate platforms will not ask for unnecessary information.

RBC Cyber Fraud Alert: Taxi Scam

Details of the scam:

The taxi scam involves a card swap and a stolen PIN. In recent situations, an individual will be approached by a scammer claiming that they are attempting to pay their taxi fare, but they only have cash, and the taxi driver will only accept a card payment. The scammer will ask the individual if they can give them the cash and, in return, borrow and use the individual’s card to pay for the taxi fare.

The taxi driver, who is also a scammer, will ask the individual to complete the payment by inserting their card into a device and entering their PIN. The device is rigged to capture the entered PIN; meanwhile the taxi driver will secretly swap cards and hand back a different, but similar looking card to the individual.

With the card and PIN in hand, the fraudsters will then utilize it aggressively in a short period of time for in-store purchases or ATM withdrawals until fraud is detected or reported and card is blocked.

There has also been reports of scammers working alone, posing as a taxi driver and completing a card swap when the individual is paying for their ride

What should you do?

• Do not participate in transactions that you have not initiated
• When possible, use a contactless payment option. A PIN is not required when using the tap option
• Set up alerts on your account(s) to be notified when there’s a purchase or withdrawal greater than a specified amount
• Regularly review your statements for unusual transactions
• NEVER let your credit card or client card leave your sight, and verify that you receive the correct card when it’s handed back to you
• If you’ve fallen victim of this scam and/or you no longer have your card in hands, contact RBC immediately to secure your account
  
  • You can lock your RBC client card or credit card temporarily at any time by simply logging in to the RBC Mobile app and navigating to your account details page.
  • 1-800-769-2511 (telephone banking)
  • 1-800-769-2555 (online/mobile banking)
  • 1-800-769-2512 (credit cards)
  • 1-800-769-2535 (RBC Express online banking Client Support Centre)
  • RBC Bank (Georgia), N.A.: 1-800-769-2553
  • TDD/TYY: 1-800-661-1275
  • Outside Canada and the U.S.: Reach us using our International Toll-Free Service
  • If you live in the U.S. please also contact your local authorities as well as the FTC (Federal Trade Commission) at 1-877-438-4338.
  • For personal credit card, you can also report fraudulent activity through Online Banking or the Mobile App
• Be sure to report the incident to your local police and file a report with the Canadian Anti-Fraud Centre

Card pick-up scam

Details of the scam:

Individuals, especially seniors, are receiving phone calls from fraudsters pretending to be a bank employee. The caller will create an urgent scenario; in most cases, they will inform you that they’ve identified fraudulent activity on your account(s), and the card(s) needs to be cancelled immediately.

The fraudster will then instruct you to put your card(s) and PIN in an envelope, and hand it over to someone who will come to your door to pick up. Within a few minutes, the other fraudster will come to the door dressed as a courier service staff, while you are on the phone with the caller. You are then instructed to hand over the envelope to the person at the door.

The fraudster proceeds to deplete funds quickly through various means. This includes ATM withdraw, Point-of-sale purchases, and online purchase for credit cards.

To gain your trust, the caller will usually provide some details regarding your personal information (e.g. name, address). Or they sometimes will ask you to cut the card into pieces but leave the chip on the card intact before you put the pieces in the envelop. However, once they receive the card pieces they can tape it back and will still be able to use it for POS purchases since the chip is still functioning.

What should you do?

• NEVER divulge your PIN to anyone. RBC will never ask you for this information.
• NEVER let your credit card or client card leave your sight and never give your card to anyone else
• If you’ve fallen victim of this scam and/or have provided your PIN number, contact RBC immediately to secure your account(s).
  
  • 1-800-769-2511 (telephone banking)
  • 1-800-769-2555 (online/mobile banking)
  • 1-800-769-2512 (credit cards)
  • 1-800-769-2535 (RBC Express online banking Client Support Centre)
  • RBC Bank (Georgia), N.A.: 1-800-769-2553
  • TDD/TYY: 1-800-661-1275
  • Outside Canada and the U.S.: Reach us using our International Toll-Free Service.
  • If you live in the U.S. please also contact your local authorities as well as the FTC (Federal Trade Commission) at 1-877-438-4338.
  • For personal credit card, you can also report fraudulent activity through Online Banking or the Mobile App
• Report the unsolicited fraudulent phone call to:
  • Local police
  • Canadian Anti-Fraud Centre (CAFC) 1-888-495-8501
  • Canadian Radio-Television and Telecommunications Commission (CRTC)

Beware of Overpayment Scams Targeting Commercial Clients

What to look out for:

Fraudsters are targeting commercial clients using counterfeit cheque that are couriered to RBC branches. These cheques come with instructions to deposit funds into the commercial client’s account.

After the deposit is made, the fraudster contacts the commercial client pretending to be a legitimate customer who has accidentally made a payment in excess of an agreed upon price or quote (“overpayment”). The victim is asked to wire the difference to an overseas account to correct the error.

When the counterfeit cheque is inevitably returned, the account is at a loss for the funds that were sent to the bad actors.

What you should know:

• Perform due diligence when fulfilling a request to resolve a payment error that involves reimbursement. Confirm that the initial payment was received and that any cheques are cleared of any holds or restrictions before using the funds.
• Verify with your customer if the request sounds suspicious. If it’s someone you’ve dealt with before, try to initiate contact through a trusted phone number or email address to confirm payment information (Remember: Phone numbers can be spoofed by fraudsters. It’s always better to be safe than sorry).
• Be wary of red flags when communicating with customers, including, but not limited to:
  
  • Payments sent in excess of the expected amount
  • Instructions to send payment to overseas accounts and/or countries that do not align with the companies physical location(s)
  • Unreasonable requests to divulge personal or banking information, outside of what is expected to complete a regular transaction and/or is publicly available
• Regularly review your banking statements and account activity. Several victims advised that they were not expecting to receive a cheque. If you see a credit or deposit that you do not recognize or were not expecting, or otherwise suspect that you may be the victim of a scam, contact RBC immediately to secure your account(s).
  • 1-800-769-2512 (Credit Cards Business Clients)
  • 1-800-769-2520 (Business Banking)

Beware of the risks associated to Bank Impersonation Scams

What to look out for:

Recent scam campaigns involve bad actors contacting clients as fraud representatives within their financial institution, including RBC. These are not actual representatives of the bank but are impersonating them to take advantage of unsuspecting victims. These calls may involve but are not limited to the following:

• Caller ID showing a phone number coming from your financial institution (spoofed phone number)
• Caller indicating that there is fraudulent activity on a banking profile or credit card
• Caller indicating that there is a need to provide a One-Time Passcode in order to identify you
• Caller may ask to create a new online banking password together
• Caller may ask for you to send money to yourself via e-transfer in order to secure your banking profile
• Caller may ask you to enter your PIN on your device to validate activity or require you to scan your ID on your phone
• Caller may ask you for an Interac e-transfer (Certapay) reference number

Other red flags of a scam to look out for on any call, not just those purporting to be from RBC:

• Asking you to download a remote access application (i.e. Anydesk) in order to share your screen
• Asking you to go to a store and buy gift cards

What you should know:

A Royal Bank of Canada representative or employee will NEVER:

• Ask you to provide one-time codes sent through SMS, emails, or voicemail to identify yourself.
• Ask you to send money to secure your profile
• Ask you to initiate any type of transaction on their behalf.
• Ask you to download a remote access application
• Access your online banking in order to add payees on your behalf

In addition, RBC will never ask you to assist in creating a new Online Banking password or ask you to share it. Online Banking passwords should only be created by the client, and never shared with anyone.

What should you do?

• Do not provide any Online Banking information to anyone who calls you. This includes information such as Online Banking passwords, answers to security questions, or your client card/credit card PIN.
• Never send a payment or Interac Etransfer at the request of someone advising you they are RBC.
• Never share answers to security questions for Interac Etransfers
• Never share your Interac Etransfer reference number with anyone
• Hang up, and call us back. If you receive a call from RBC that sounds suspicious, hang up, and call us using the number on the back of your debit or credit card. Even if it is an RBC representative contacting you, we will understand if you were more comfortable calling back. Better to be safe than sorry.

Beware of Phishing Scams Targeting Canadians During Tax Month

What to look out for:

As the tax filing deadline approaches in Canada, we are once again observing a spike in phishing attacks targeting Canadians via SMS, emails, and phone calls. These scams may claim to be notifications and links regarding the following (but are not limited to):

• Outstanding tax owing
• Eligible tax refunds
• Fake CRA sites
• Tax filing portals
• Tax filing services or assistance

These scams may also contain the following keywords if there is a linked URL (but again, are not limited to):

• CRA
• revenue
• refund
• gst/hst
• tax

What you should know:

The CRA will not ask you by text message or email for personal information, bank information, payments by e-transfers or gift cards. While the CRA may notify you of new tax-related communications via email, these messages must be read by signing in to your CRA account at Canada.ca.

In addition, the CRA will never issue refunds via Interac e-Transfer. Should you click any link directing you to an Interac page, close the page immediately. All CRA payments are sent through Direct Deposit or mailed to you by cheque.

What should you do?

• Do not click on links in unsolicited emails and text messages. This applies to all messages, but remain especially vigilant regarding tax matters this month.
• Only file your taxes through the Official methods. Never attempt to file taxes through links sent to you, or over the phone with someone you do not know and trust. Available CRA tax filing options are listed here: https://www.canada.ca/en/services/taxes/income-tax/personal-income-tax/get-ready-taxes/ways.html
• Delete the email or text message immediately. If you receive a message you suspect to be spam, delete it immediately.

For more information about protecting yourself against CRA Scams, please visit https://www.canada.ca/en/revenue-agency/corporate/security/protect-yourself-against-fraud/scam-alerts.html.

Be Aware of Phishing Messages Containing RBC and Other Bank Logos

What to look out for:

In previous Scam Alerts, we’ve discussed some tricky text-related methods that Fraudsters use to lure clicks, such as:

• Replacing letters with numbers, other types of “lookalike” characters, or adding extra letters.
• Hiding a phishing link behind a URL that looks like a legitimate RBC URL.

However, sometimes all it takes is the use of a familiar, “trusted” image (like the RBC logo) to get a victim to fall for the scam. Malicious messages may utilize bank logos or include image previews from their phishing websites to appear trustworthy, and the use of familiar logos can create a false sense of security – making it easier for unsuspecting individuals to fall victims to these scams.

What should you do?

• Exercise caution. Remain vigilant about messages from unknown senders, even if the message contains RBC logos, or logos from other reputable brands.
• Exercise caution when clicking any links. If you were not expecting a message from RBC or suspect that it is not a legitimate request, do not click on the link.
• You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com
• Delete the email or text message immediately. If you receive a message you suspect to be spam, delete it immediately.

Fake Job Opportunities

Details of the scam:

Social media platforms are being increasingly leveraged by cyber criminals to spread malicious software (malware). Fake job postings or business opportunities might be used to lure users to download the malware.

Victims will receive direct messages from false recruiters with very attractive job opportunities, via LinkedIn or Facebook. The message contains a link to what is supposed to be the job description. When clicking the link, the malware will be downloaded.

Note: The job description could be hosted in a legitimate website (e.g. Dropbox, Google Drive, iCloud etc.)

Red Flags to look out for:

Before clicking any links or downloading any attachments:

• Always check the legitimacy of the recruiter sending you the message.
  Does their profile have enough information about their experience and background? If not, it may be a fake profile.
• Check the legitimacy of the job post.
  Is the job posted on LinkedIn or on the company’s website? If not, it may be a fake opportunity.
• Beware of opportunities that seem too good to be true. A salary that is way above average, unrealistic profits for a new business, or unusual benefits are all red flags.

What should you do?

If you received a fake job posting:

• Don’t click on links from unknown senders. Even if the sender’s address looks legitimate, remain cautious as it is possible for fraudsters to craft fake email addresses to appear real.
• Delete the email or text message immediately. If you receive a message you suspect to be spam, delete it immediately.
• Report it to the job site immediately.

Fake QR Codes - Quishing

Details of the scam:

You may have noticed that QR codes gained popularity during the pandemic - especially at restaurants as an alternative to printed menus. QR codes also continue to be a popular way to link to a website while attending an in-person event. Although convenient, QR codes can be used to trick you! Hackers are taking advantage of their popularity and sending phishing e-mails with malicious QR codes.

Red Flags to look out for:

You receive an unexpected message with a QR code attached, requesting you to scan it.

• Scanning the QR code will take you to a malicious website that can steal your credentials or download malware (malicious software).
• The e-mail might mimic well-known brands, like Adobe or Docusign, or emulate a message from a client.
• The attachment could be any file type that displays an image. Some common file types include: .pdf, .docx, .html and .eml (Outlook e-mail format).

Other Red Flags:

• Senders you don’t recognize: Avoid clicking on any links received from an unknown sender.
• Unexpected QR codes: QR codes are typically used for in-person events, so an email with a QR code is out of the ordinary and can be suspicious.
• Domain of the website: If you happen to scan the QR code, review the link before clicking the website. If it’s from a website you don’t recognize, that’s a red flag.

What should you do?

• Don’t click on links or scan QR Codes from unknown senders.
• Delete the email or text message immediately. If you receive a message you suspect to be spam, delete it immediately.
• Exercise caution when scanning any QR Codes. Rather than scanning the code, go to the website directly.

Telecom Refund Scams

Details of the scam:

Like other methods discussed in previous posts (Package Delivery scams – May 2023, Interac e-Transfer scams – March 2023) another common tactic targeting Canadians is the use of fake Telecom company refunds by masquerading as companies like Rogers, Bell, or Telus.

Victims will receive smishing and phishing messages stating that they are eligible for a refund due to a variety of reasons, such as outages, goodwill, or account corrections. These messages include a link directing them to a realistic-looking Telecom company phishing page and will appear to offer a refund via Credit Card or Debit. If Debit is selected, the victim will be directed to a fake Interac e-Transfer page where they will proceed to select their bank.

Keep in mind that Telecom companies will never send SMS messages regarding refunds, or issue refunds via e-Transfer or Credit Card. Any messages received should be deleted immediately.

Red Flags to look out for:

• You receive any SMS/emails informing you of a refund with a Telecom company regarding any reason.
• You receive a message regarding a refund or credit that you were not expecting.

What should you do?

• Don’t click on links from unknown senders. Take care when clicking on any links received from an unknown sender.
• Exercise caution when clicking email links from known senders. Even if the sender’s address looks legitimate, remain cautious as it is possible for fraudsters to craft fake email addresses to appear real.
• Delete the text message immediately. If you receive a message you suspect to be spam, delete it immediately.

Beware of investment scams involving cryptocurrency:

1. Details of the scam:

An investment scam is when a fraudster offers an individual the opportunity to invest, often using cryptocurrency, and promises a high rate of return in a short amount of time. These offers can be solicited through online ads where the victim is redirected to a website, but may also be unsolicited; in either case, there is time pressure to ensure the individual commits before they have time to complete their research on the investment opportunity.

Scammers will create fake accounts on websites or on social media that appears to be legitimate. They will reach out to individuals to invest in cryptocurrencies and promise them massive profits, even sharing ‘screen captures’ or live ‘trend graphs’ showcasing the progress of their investment. Note that these types of returns cannot be guaranteed, and anyone who promises a no-risk investment is most likely a scammer.

Cryptocurrency, along with other forms of payment such as gift cards, are often preferred by scammers because they are untraceable once they have left your account.

In most cases, victims of an investment scam will lose not only their investment but also their personal and financial information, leaving them vulnerable to identity theft.

2. Red Flags to look out for:

• Be mindful of individuals or services promising high (or quick) returns and unrealistic investment opportunities. If an opportunity sounds too good to be true, it’s a scam.
• If the individual contacts you in an unsolicited manner for an investment opportunity, either by phone, online or via social media, it is likely not legitimate.
• Investment scams are often tied to romance scams; if you are dating online and a romantic interest suddenly turns into an investment opportunity, you are dealing with a fraudster.
• Fraudsters will often showcase testimonials from "satisfied customers" to increase their credibility – do not let these hinder your decision making.
• Watch for grammatical errors in communications with the buyer. It may indicate that they are not the professional they claim to be.

3. What should you do to prevent becoming a victim of an investment scam?

• Do your homework and take time to research the offer. Scammers will rush you to into making a decision by telling you it’s a limited offer or that you can get a rebate if you invest today.
• Only send cryptocurrency to people you trust; it is always best to know the person to whom you are transferring money.
• Avoid sending funds to a third party. All transactions should be completed with the same person you initially engaged with.
• Complete your due diligence to verify the individual’s accreditation by making telephone calls and sending emails using trusted sources.
• Contact or visit your provincial security commission’s website to verify if the entity who you are in contact with is legally allowed to provide financial services in your jurisdiction. Contact Us - Canadian Securities Administrators (securities-administrators.ca) (Opens in new tab)
• Never provide copies or images of your identification or banking details.
• Ensure you have direct access to your investment account and can independently verify performance. Be wary of investing via a third party.

Realistic Looking URLs from Fake RBC Text Messages

1. Details of the scam:

With the increase in scam SMS messages (“smishing” messages) sent to Canadians targeting their bank accounts, clients must exercise caution when clicking on URLs sent to them. However, even the most eagle-eyed recipient may fall for the use of Punycode to disguise phishing URLs, making them look like legitimate domains.

In this scam method, punycode is what Fraudsters can use to replace “regular” characters in a URL with a different, similar character, directing clients to a phishing site. This can make it very tricky to differentiate between a legitimate and fake URL, since these links may look almost exactly like the real thing at first glance.

See the following example of a smish using punycode:

This may look like the legitimate domain belonging to RBC. Pause and look carefully, you may notice that the ‘r’ in ‘rbc.com’ is underlined and is the character: ‘ṟ ‘. By clicking this link, the scam victim would be directed to a phishing website using the domain “ṟbc”, which is not the same as “rbc.com”.

In this second sample, it seems like the legitimate ‘rbconlinebanking.com’ domain at first. Assess closely and you will notice the dot under the ‘k’, replacing it with a ‘ḳ’ (a ‘k’ with a small dot underneath):

Red Flags to look out for:

• You receive any SMS asking you to log in to your RBC account.
• You receive any SMS stating that there is an issue with your RBC account.
• You receive any SMS with a link to any RBC website, even if it looks legitimate.
• Any kind of password reset is requested.

2. What should you do?

• Don’t click on links in email or text messages. Take care when clicking on any links received from anybody, even if you know the person.
• Don’t click on links from unknown senders. Take care when clicking on any links received from an unknown sender.
• Delete the text message immediately. If you receive a message you suspect to be spam, delete it immediately.
• You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com

RBC will never send an email requesting a password reset if there is a problem with your account.

1. Details of the scam:

RBC clients are seeing an increased number of sophisticated phishing emails impersonating RBC and requesting that the client resets their password due to suspected fraud on their account. When the link is clicked, the client will be redirected to a fraudulent RBC Online Banking site that steals client credentials.

At first glance, these emails may appear very legitimate due to the message’s urgency and formality. Some of the information (like phone numbers and instructions) may even be real, in attempt to further increase the chances of luring a victim. Additionally, legitimate-looking links in the message will hide the true URL behind it, which directs the client to a phishing site.

2. Fraudsters may attempt to use some of the following fake reasons to lure clients into their scams:

• Your account is locked.
• Fraud was detected on your account.
• There is an error with your bank account.
• Your credit/debit card is locked.
• Your account has been compromised.

RBC would never request a password reset for any of the above reasons! If RBC detects fraudulent activity on your account, we will contact you directly via the phone number associated on your account.

Examples

Red Flags to look out for:

• The sender of the email does not end in “rbc.com”.
• Any kind of password reset is requested.

3. What should you do?

• Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
• Delete the email or text message immediately. Do not click on any unsolicited links.
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is for a genuine website, and not an IP address. Keep in mind that scammers can create very realistic-looking fake websites.
• You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com

Beware of Rental Scams and Fraudulent Renters:

1. Details of the scam:

A Rental Scam is when a fraudster creates a fake advertisement for a room or property rental to steal money from interested renters. In this scam, would-be tenants are tricked into paying an upfront fee or deposit to secure the rental, when the property does not exist, has already been rented out, or has been rented to multiple people at the same time.

On the flip side, Fraudulent Renters target legitimate landlords. There are several ways that fraudulent renters commit scams:

• They pretend to be a renter aiming to get financial or personal information from the landlord.
• They say they are moving in but plan to use it as a rental property to generate income for themselves.
• They send a payment (cheque, e-transfer) in an amount greater than the cost of rent and ask for a partial refund due to over payment.
• The payment is subsequently identified as fraud and debited from the account, leaving the victim responsible for any losses.

2. Red Flags to look out for:

As a Renter:

• Multiple ads for the same property but with different contact information for the landlord.
• The listing is vague or has typos, poor grammar, or excessive punctuation.
• The asking rent seems too good to be true.
• The landlord does not want to meet in person or states that they are out of the country.
• They do not allow you to visit the property before signing the lease.
• They ask for rent or a security deposit before signing the lease.
• There is pressure to sign or make a payment right away.

As a Landlord:

• The renter is not interested in learning more about the property or coming to see it first.
• The renter does not consent to a credit check or are hesitant to provide references.
• The account holder name on the deposit cheque does not match the name on the rental application or lease.

3. What should you do?

As a Renter

• Only rent via reputable websites and sources.
• Schedule a face-to-face meeting and research the landlord, real estate agent or property manager that’s listing the property.
• Whenever possible, visit the property in person and complete a walkthrough.
• Make sure you properly read through the contract before signing a lease to ensure that it is complete and that you are sufficiently protected by the terms and conditions.
• If you are a victim of a rental scam, contact local law enforcement immediately. Ensure that you cancel any pending payment transactions to the landlord and/or put a hold on cheques that have not been cashed.

As a Landlord:

• Offer to have the potential renter come by for a walkthrough of the property.
• Vet rental applicants by verifying ID documents, performing background and credit checks using reputable websites and contacting references.
  If you are the victim of a fraudulent renter, contact local law enforcement immediately. Do not accept any additional payments from the renter or cash any cheques that have been provided. If you have accepted funds from the renter, it is important that you do not withdraw or spend the money. Once the payment has been confirmed fraudulent, the funds will be debited from your account.

Examples 1

Examples 2

Close

Close

Pay Attention to the Website Address (URL) in the Address Bar When Entering Banking Information

1. Details of the scam:

With rapidly evolving technology, events, and social trends, scammers continue to develop creative methods of luring victims into phishing attacks. However, many of these attacks often have commonalities that we can use to easily identify scams.

One easy method of identifying a phishing scam is by paying attention to the website address (URLs) that the Banking site is hosted on and checking if it is an IP Address. You will never be asked by RBC or any other Financial Institution to conduct transactions or enter banking information on websites hosted on IP Addresses.

2. What is an IP Address?

To put it simply, an IP address is a string of numbers (such as 192.168.1.1) that the internet uses to translate the human-readable website addresses we use into computer language. Since words and characters are easier for us to remember, legitimate website owners will use a web address to direct users to their websites (e.g., www.rbcroyalbank.com, www.royalbank.ca, www.rbc.com, etc.)

RBC (or any legitimate organization) will never ask their customers to access their websites via an IP address. However, this is a common practice by scammers as it prevents them from needing to purchase a new phishing web address each time one is identified as a scam.

Examples

(click to enlarge)

(click to enlarge)

Close

Close

Red Flags to look out for:

• The text in the email or text message contains numbers instead of words and letters.
• Your browser’s address bar contains numbers instead of words and letters even though you see RBC content.

3. What should you do?

• Don’t immediately click on links. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
• Delete the email or text message immediately. Do not click on any unsolicited links.
• Pay attention before and after you click on links. Before entering your password or personal information, verify the URL is for a genuine website and not an IP address. Keep in mind that scammers can create very realistic looking websites.
• You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com

Fraudulent Phone Call Regarding Visa Charge

1. Details of the scam:

A call is received from what is displayed on a caller ID as a toll-free number. A recorded message states the call is from RBC and pertains to a fraud issue however no client name is mentioned.

After a moment which may include hold music, the caller may be transferred to a voicemail and asked to leave their contact information. A scam perpetrator will subsequently call the victim back and attempt to obtain Personal Identifiable Information (PII) and banking information while impersonating a VISA credit card security department representative. The goal being to conduct financial fraud.

2. What should you know:

Always remember that RBC Fraud Prevention representative will never ask a client to divulge banking or personal information on an outbound call. RBC relies on various methods to authenticate transactions and we may send you a SMS with One-Time Passcodes under various circumstances. RBC employee will never ask you to share this code by reading it back to us or by entering it on your phone keypad.

Red Flags to look out for:

• An automated system that calls you to place you on hold right away.
• A supposedly national, large operation call center that relies on a voicemail to compile client call back requests. RBC does not have/use a voicemail to facilitate call backs.
• A caller identifying themselves as an RBC staff asking you to confirm personal and banking information or to read out a code you receive by SMS.

3. What should you do?

• Remember to never disclose any personal information or banking to strangers or unverified persons including PIN, One-Time Passcodes, and answers to digital banking Personal Verification Questions (PVQs)

• If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, please call us immediately.

  • 1-800-769-2511 (telephone banking)
  • 1-800-769-2555 (online/mobile banking)
  • 1-800-769-2512 (credit cards)
  • 1-800-769-2535 (RBC Express online banking Client Support Centre)
  • RBC Bank (Georgia), N.A.: 1-800-769-2553
  • TDD/TYY: 1-800-661-1275
  • Outside Canada and the U.S.: Reach us using our International Toll-Free Service.
  • If you live in the U.S. please also contact your local authorities as well as the FTC (Federal Trade Commission) at 1-877-438-4338.

• Report the unsolicited fraudulent phone call to:

  • Local police
  • Canadian Anti-Fraud Centre (CAFC) 1-888-495-8501
  • Canadian Radio-Television and Telecommunications Commission (CRTC)
• If you answer the phone and the caller - or a recording - asks you to hit a button to stop getting the calls, hang up. Scammers often use this trick to identify potential targets.
• Do not respond to any questions, especially those that can be answered with "Yes" or "No."

Package Delivery Phishing/Smishing Scams

Use Caution When Opening Links from Package Delivery/Courier Services

1. Details of the scam:

The drastic rise of e-commerce has resulted in an increase of scammers sending fake shipping notices from popular courier services. Scammers are taking advantage of this by sending phishing SMS and emails to trick unsuspecting Canadians into submitting their banking information.

The messages claim that the recipient has a parcel waiting but must pay a customs or rescheduling fee, which needs to be done online via the attached link. This link directs the recipient to a genuine-looking phishing site for the courier service, where they will be tricked into either entering their credit card or banking information.

2. What should you know:

• Unless the customer has signed up for SMS or email notices, popular couriers servicing Canada will inform recipients of missed deliveries by leaving a delivery notice at the customer’s door or in their mailbox.
• Couriers will never complete any transactions via Interac e-Transfer.

Red Flags to look out for:

• You receive an unexpected email or text message claiming to be from a courier service regarding a package.
• The text in the email or text message has spelling or grammatical errors.
• The URL in the message has spelling or grammatical errors. If you are unsure of the genuine URL, use a search engine and go directly to the company’s website.
• The website claiming to be the courier service is requesting some form of payment.

3. What should you do?

• Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.
• Delete the email or text message immediately. Do not click on any unsolicited links that appear to be from courier services.
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.

Examples of Package Delivery Scams

The scam messages sent can range from being good imitations, to primitive or very off-brand:

(click to enlarge)

(click to enlarge)

(click to enlarge)

Close

Close

Close

Fake RBC Facebook Pages

Exercise Care when Interacting on Social Media

1. Details of the scam:

Fraudsters continue to impersonate RBC by creating fake RBC Facebook pages. Unsuspecting clients may interact with the fake pages and provide personal information, assuming that it is a RBC legitimate Facebook page.

2. What should you know:

These fake Facebook pages may look deceivingly close to the legitimate RBC Facebook page (https://www.facebook.com/rbc) as they often copy images, posts, and reactions from the RBC page.

RBC legitimate Facebook page has the blue verified checkmark, which confirms the authenticity of a page.

(click to enlarge)

Close

Red Flags to look out for:

• The fake Facebook pages do not have the blue verified checkmark.
• The fake Facebook pages have no or low follower counts.
• The likes, comments, and reactions are part of the image and you are unable to view users who commented/reacted/liked the post.

3. What should you do?

• Go directly to the official website.
  When in doubt, type www.rbc.com or www.rbcroyalbank.com into your browser, or use an official RBC app. The official RBC website has many resources that will direct you to the product or assistance you need.
• Go directly to the RBC official Facebook page if you prefer to interact on Facebook.
  RBC official Facebook page https://www.facebook.com/rbc has the blue verified checkmark, which confirms the authenticity of a page.
• Example of a fake RBC Facebook page that uses posts, images, and logo from the official RBC Facebook page:
  
  (click to enlarge)

  

  Close

Fake Interac e-Transfer

Use Caution When Accepting Interac e-Transfers

1. Details of the scam:

Scammers are using fake Interac e-Transfer pages to direct clients to phishing sites resembling their bank’s login page, where they will be tricked into entering their login credentials. Once the credentials are entered, the scammers use them to steal money from the client’s bank account.

2. What should you know:

These fake Interac pages look just like the legitimate Interac e-Transfer page, and contain links for the most common Canadian banks, including RBC. Scammers may use reasons such as tax refunds, telecom refunds, and COVID-19 relief to lure clients, allowing fraudsters to target as many Canadians as possible.

Red Flags to look out for:

• You receive an unexpected e-Transfer request from an unknown individual.
• The URL displaying the e-Transfer page is not “etransfer.interac.ca”.
• The URL in the text, email, or e-Transfer page has numbers, dashes, or spelling mistakes.

3. What should you do?

• Sign up for Interac AutoDeposit. By using AutoDeposit, any legitimate e-Transfers will be automatically deposited into your bank account without requiring your interaction. If you are enrolled in AutoDeposit, you can safely determine that any Interac e-Transfer links you receive are fake.
  
  For more information, visit https://www.rbcroyalbank.com/dms/payments/autodeposit/.
• Verify the sender’s identity before clicking on any links in the e-Transfer request. If it is from an unknown phone number or email address, do not accept the e-Transfer.
  
  

  E-Transfer(s) received via SMS:
  Legitimate SMS messages from Interac Corp. regarding e-Transfers will be sent from the number “10001”. However, this number can still be faked by scammers, so continue to be vigilant while clicking links received from “10001”.

  E-Transfer(s) received via Email:
  Verify the origin of the interac e-transfer email before clicking on links. Legitimate interac emails are typically sent from the “payments.interac.ca” domain and include a digital signature. See screenshot for more details on what to look for.

• Check the URL before you click through an Interac e-Transfer page. Legitimate e-Transfers always start with the URL “etransfer.interac.ca”.
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
• Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.

Fake RBC Advertisements Linking to Phishing Websites (Malvertising)

Exercise Care when Web Searching to Avoid Phishing Scams

1. Details of the scam:

Fraudsters continue to impersonate RBC by creating “genuine looking” phishing websites and scheming new ways to lure clients into clicking malicious links.

Cybercriminals are purchasing advertising space to promote their phishing sites so that they appear at the top of search engine results. Unsuspecting clients may click the first or second link that appears to them, assuming that it is a trustworthy website.

2. What should you know:

These fake advertisement links often look deceivingly close to the legitimate RBC URLs (such as www.rbcroyalbank.com or www.rbc.com). Clicking a malicious link will redirect the victim to a phishing website, which may possibly result in the victim disclosing sensitive information. Red Flags to look out for:

• The URL in the ad has numbers, dashes, or spelling mistakes.
• The ad description has text unrelated to RBC or has spelling mistakes.
• The ad description contains the keywords you are looking for, but clicking the link takes you to a URL that does not belong to RBC.

3. What should you do?

• Go directly to the official website. When in doubt, type www.rbc.com or www.rbcroyalbank.com into your browser, or use an official RBC app. The official RBC website has many resources that will direct you to the product or assistance you need.
• Be careful when clicking “Sponsored” or “Ad” links. Ads typically appear at the top of search results. The first link may not always be the best link to click.
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
• Don’t click on links in email or text messages. Take care when clicking on any link, even those appearing at the top of search engine results. Float a cursor over the URL before you click or enter credentials.

“I’m not a robot” Test

1. Details of the scam:

Fraudsters continue to trick victims into entering credentials onto fake RBC websites. It is now common for phishing sites to be hidden behind a “CAPTCHA”, which is a test to differentiate between humans and robots, commonly known as "I'm not a robot" test.

2. What should you know:

RBC does not use any CAPTCHA services as we use many other tools to identify and authorize you to keep your accounts safe. If you find yourself clicking or tapping on an RBC-related link and are faced with a CAPTCHA, do not go any further, and immediately close the website.

3. What should you do?

• Close the page immediately
• Always go directly to the official website when providing sensitive information. Type the website URL directly into your browser – e.g., www.rbc.com. Or use an official app (e.g., RBC Mobile app)
• Pay attention before and after you click on links. Before entering your passwords or personal information, verify the URL is a genuine website. Keep in mind that scammers can create very realistic-looking fake websites.
• When using a search engine, pay attention to which links are ads and which are genuine search engine results. Ads typically appear first. Also, the first link displayed by a search engine may not always be the best link to click.
• You can help us by forwarding the phishing email or attaching a screenshot of a fraudulent text message to phishing@rbc.com.
• If you accidentally share your banking information, contact us immediately.

To help you spot phishing emails and fake websites, visit our Cyber site.