This occurs when a legitimate member sends an e-Transfer to someone they know. Criminals seize the opportunity to deposit the funds to a mule account before the intended recipient has the chance. The interception is not caused by a vulnerability in MemberDirect or the Interac e-Transfer product, but rather because the recipient’s email account was accessed by a criminal. Once in that account, criminals can “see” the notification from Interac and use the deposit link to redirect funds into a different account by answering the security question.
Here are some tips to help protect yourself:
- Not communicate the answer to the security question via email. Call and/or text the recipient with the password.
- Select a question and answer that is not easy for a third party to guess. If the notification is intercepted, it will be harder for a criminal to answer and steal the funds.
- Be cautious not to click on any phishing links and ensure that they are only transacting with trusted websites, vendors and people.
- Immediately notify their financial institution if they sense anything suspicious about their transaction.
- Register for Autodeposit, this will make sending money on the e-Transfer service more secure!