Skip to main content

Privacy and Security

We are committed to protecting your privacy and safeguarding your personal and financial information. While the Internet is revolutionizing the way that we do business — providing convenient access to financial services from your home or office — we also recognize that it may bring legitimate concerns about privacy and security.
Please refer to our Privacy Code to learn about our commitment to your privacy. To learn more about your privacy and this website, please refer to the Privacy Online page.

This code outlines the principles Kootenay Savings applies when protecting members' privacy. We believe that ensuring the accuracy, confidentiality, and security of the information we hold about you is more than simply a legal requirement, it is an ethical obligation.

This code is based on the Canadian Standards Association (CSA) Model Code for the protection of personal Information (CAN/CSA-Q830-96) and the Federal Personal Information Protection and Electronic Documents Act (PIPAEDA). Based on these models, we have tailored our own ten privacy principles to meet the specific needs and expectations of our membership.


This code applies to Kootenay Savings. It outlines the principles and commitments we make to you, our member, to protect the privacy of your personal information.

This code does not apply to the information collected, used or disclosed with respect to corporate or commercial entities that are members. However, Kootenay Savings exercises the same care and diligence in protecting the confidentiality of this information.

  • "Kootenay Savings" - means Kootenay Savings Credit Union and the Kootenay Savings Group of Companies: Kootenay Savings Group of Companies means all subsidiaries and affiliates of Kootenay Savings from time to time including Kootenay Savings Insurance Ltd. and Kootenay Savings MoneyWorks Ltd.
  • "Collection" - the act of gathering, acquiring, or obtaining personal information from any source, including third parties, by any means.
  • "Consent" - involves voluntary agreement with what is being done or proposed. Consent may be expressed or implied. Express consent can be given orally or in writing, it is unequivocal, and does not require any inference on the part of Kootenay Savings. Implied consent exists when Kootenay Savings can reasonably infer consent based upon the action or inaction of the member.
  • "Member" - is any individual who uses, or applies to use, financial services with Kootenay Savings.
  • "Disclosure" - the act of making personal information available to others outside of Kootenay Savings.
  • "Use" - the treatment and handling of personal information by and within Kootenay Savings.
  • "Personal Information" - information about an identifiable individual that is recorded in any form; excluding the individual's name, business title, business address and business phone number.
  • "Third-Party" - an individual or organization other than Kootenay Savings and the member.

1.0 Kootenay Savings is accountable for the protection of members' personal information. While senior management is ultimately accountable for the protection of personal information, the day-to-day monitoring for compliance may be delegated to other staff.

1.1 The overall responsibility for the protection of personal information, and compliance with this code rests with Kootenay Savings' Privacy Officer.

1.2  Kootenay Savings is committed to ensuring that the appropriate security measures are employed in the transfer of sensitive information. However, when using e-mail or wireless communication, Kootenay Savings advises members that complete confidentiality and security are not assured.

1.3 Kootenay Savings is not accountable for any damages suffered when a member transmits personal information through e-mail or wireless communication or when Kootenay Savings transmits information at the request of the member.

1.4 Kootenay Savings has developed policies and procedures to: protect personal information; receive and respond to complaints and inquiries; train staff regarding the policies and procedures; communicate the policies and procedures to our members.

2.0 Kootenay Savings will communicate the purposes for which information is being collected, either orally or in writing.

2.1 Kootenay Savings collects member personal information for the following reasons only:

  • To understand the member's needs.
  • To determine the suitability of the products or services for the member or the eligibility of the member for products and services.
  • To develop, offer and manage products and services to meet the member's needs.
  • To provide ongoing service.
  • To detect and prevent fraud, and to help safeguard the financial interests of the Credit Union and its members.
  • To meet legal and regulatory requirements.
  • To meet personal requirements.
  • To verify the member's identity.

3.0 Kootenay Savings will obtain member consent to collect, use or disclose any personal information except where detailed in this code. Kootenay Savings will make reasonable efforts to ensure that members understand how their personal information will be used and disclosed.

3.1 A member's consent can be express, implied, or given through an authorized representative such as a lawyer, agent or broker. A member can withdraw consent at anytime, with certain exceptions (see section 3.3). Kootenay Savings, however, may collect, use or disclose personal information without the member's knowledge or consent in exceptional circumstances:

  • When such collection, use or disclosure is permitted or required by law
  • When use of information is for acting in an emergency that threatens an individual's life, health, or personal security
  • When certain information is publicly available
  • When we require legal advice from a lawyer
  • When we need to collect a debt from a member
  • When we need to deal with an anticipated breach of law

3.2 Consent may be given orally, in writing, or electronically. For example, depending on the sensitivity of the information, consent can be expressed over the telephone when information is being collected; electronically when submitting an agreement, application, or other information; in writing when signing an agreement or application form; when using a product or service; when indicating by means of a check-off box whether or not consent is granted.

3.3 Subject to contractual or legal arrangements, members may withdraw or refuse consent provided that Kootenay Savings is given reasonable notice. Refusal or withdrawal of consent may prevent Kootenay Savings from providing a product or service to the member as in the case where a member is applying for credit and will not provide relevant credit information. Kootenay Savings will not unreasonably withhold products or services from members who refuse or withdraw consent, but if information is required by law or required to operate banking systems, Kootenay Savings may decline to deal with a member or person who will not consent to the use of such information.

4.0 Kootenay Savings will only collect personal information for the purposes identified. Kootenay Savings will use methods that are lawful and will not collect information indiscriminately.

5.0 Member information will only be used or disclosed for the purpose for which it was collected. Kootenay Savings will not use personal information for any additional purpose unless Kootenay Savings seeks member consent to do so.

5.1 Kootenay Savings will not sell member lists or personal information to Third Parties.

5.2 Kootenay Savings may periodically use member personal information to conduct member surveys in order to enhance our provision of financial services. If an outside body is employed to conduct research on behalf of Kootenay Savings, or provide other services that require access to member information, Kootenay Savings will ensure that appropriate security undertakings, such as confidentiality clauses in contractual arrangements, are employed to protect the transfer and use of personal information.

5.3 Subject to applicable law, each member of the Kootenay Savings Group of Companies may transfer information between each other.

5.4 Kootenay Savings will retain member personal information only as long as necessary or expected to be necessary for the identified purposes, or as required by legislation.

5.5 Kootenay Savings may disclose personal information related to a financial asset of Kootenay Savings along with transfer of the financial asset.

6.0 Kootenay Savings will make reasonable efforts to ensure that member personal information is as accurate, complete, and current as required for the purposes for which it was collected. In some cases, Kootenay Savings relies on its members to ensure that certain information, such as the member's address or telephone number, is current, complete, and accurate.

6.1 Kootenay Savings will not routinely update information unless it is necessary to fulfill the purposes for which it was collected or if it is required to maintain an active account.

6.2 Members may request amendments to the records at Kootenay Savings in order to ensure the accuracy and completeness of their personal information. If the amendment request pertains to information that remains in dispute, Kootenay Savings will note the member's opinion in the file.

7.0 Kootenay Savings is committed to the safekeeping of member personal information in order to prevent its loss, theft, unauthorized access, disclosure, duplication, use, or modification.

7.1 Depending on the sensitivity of the information, Kootenay Savings will employ appropriate security measures to protect the information. The measures may include, for example, the physical security of offices and data centres, and electronic security measures such as passwords, encryption, and personal identification numbers.

7.2 Kootenay Savings will use appropriate security measures when disposing of member personal information.

7.3 The development of Kootenay Savings' policies and procedures for the protection of personal information is an ongoing process. Changes in technology necessitate that Kootenay Savings continually develops, updates, and reviews information protection guidelines and controls to ensure ongoing information security.

8.0 Kootenay Savings is open about the policies and procedures it uses to protect member personal information. Information about these policies and procedures will be made available to members either electronically or in written format in plain language. However, to ensure the integrity of our security procedures and business methods, Kootenay Savings may refuse to publicly disclose certain information.

8.1 Kootenay Savings will make the following information available:

  • The name, title and address of the person accountable for the policies and procedures and to whom complaints or inquiries can be forwarded;
  • A description of the type of personal information held by Kootenay Savings, including a general account of its use;
  • A copy of any brochures or other information that explain the policies and procedures; and
  • An explanation of what personal information is made available to related organizations such as affiliated companies.

9.0 Members have a right to access their personal information held by Kootenay Savings. Upon request, Kootenay Savings will, within a reasonable time period, tell the member what personal information it has, what it is being used for, and to whom it has been disclosed if applicable and within the time period for which records are available. The information will be made available in an appropriate format for members with a sensory disability.

9.1 Members may be asked to be specific about the information they would like to access and to submit their request in writing to their contact at any Kootenay Savings branch.

9.2 Members will be required to provide personal information to identify themselves to enable Kootenay Savings to provide an account of the existence, use, and disclosure of personal information.

9.3 Kootenay Savings will make the information available within 30 days, or provide written notice of extension where additional time is required to fulfill the request.

When information is not provided within 30 days of the request, Kootenay Savings will, no later than 30 days after the date of the request, send a notice of extension to the member, advising of the new time limit, the reasons for extending the time limit and of the right of the member to make a complaint to the Commissioner regarding the extension.

9.4 The information will be made available at a cost that will vary with the type and amount of information requested. Where a cost will be incurred by the member, Kootenay Savings will inform the member of the cost and request further direction from the member on whether or not Kootenay Savings should proceed with the request.

9.5 When reporting to members to whom their information has been disclosed, Kootenay Savings will not document information transfers necessary for the daily provision of products and services to members. For example, transfers to organizations that process debit card purchases, cheque clearing, credit card transactions, and automated banking transactions will not be documented. Upon request, Kootenay Savings will provide a list of organizations where member personal information may have been sent.

9.6 If a request is refused, Kootenay Savings will notify the member in writing, documenting the reasons for refusal and resources for redress available to the member.

9.7 In certain situations, Kootenay Savings may not be able to provide access to any or all personal information about a member. In such cases, Kootenay Savings will explain the reasons it will not provide the requested information, and identify resources for recourse available to the member. The reasons for not providing information may include that it is unreasonably costly to provide, information that would threaten the life or security of another individual, information generated in a formal dispute resolution process, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege.

9.8 If the information is demonstrated to be inaccurate or incomplete, Kootenay Savings will amend the information as required. Where appropriate, Kootenay Savings will transmit the amended information to Third Parties having access to the information in question.

10.0 Members are to direct any complaints, concerns or questions regarding this privacy code in writing to the Privacy Officer. If the Privacy Officer is unable to    address the member's concerns, the issue can be referred to the office of the CEO. At any point in this process the member may also write to the Privacy Commissioner.

10.1 Contact Information:

Kootenay Savings Credit Union

Suite 220 - 1101 Dewdney Avenue

Trail, B.C. V1R 4T1

Attention:  The Privacy Officer.


This information page describes in general terms how your personal information is collected and used within the online banking section of our site. The online banking area of the site is the area of our website that requires you to use your Member ID and Personal Access Code (PAC) to enter.

Controlled Access to your Information

To ensure that you are the only person accessing your personal financial information, we restrict access to the online banking section of the site by requiring that you enter your Member ID and PAC to login. Only you know your PAC. Our employees do not have access to your PAC, and they will not ask you to reveal it. If someone does ask you to provide your PAC to them, we ask that you refuse to do so and contact us immediately.

Transactional Services

By nature, our Internet banking site has many transactional functions such as transfers between accounts and bill payment functions. These transactions are all logged to ensure that your accounts are debited or credited appropriately, and a history of each transaction is available to verify your account information. We store and use your transactional information in the same fashion as if you performed the transaction at a branch or through any other service channel.

We may also use transactional information for servicing your account — for example, billing you for the particular transactions that you perform, or for the services that you use.

Creating a Secure Channel

We create a secure channel between your browser and our server to protect your information when you use the site. To learn more about how we do this, please review our information on Internet Security.

Application Forms

To provide you with a convenient method for applying for loans and mortgages, or for purchasing other financial services products such as Registered Savings Plans, we may provide secure online application forms. These forms capture personal information that we use to provide you with the products and services you request. This information is processed in a similar way to application forms received through our other channels .

Website Usage Statistics

To continually improve our site, we often collect statistics about how our members are using it. These usage statistics are only viewed in the aggregate and are not associated with you as an individual. We use this information for purposes such as improving the pages where our members are having difficulties.

The information collected may include your IP address, your browser type and your operating system, as well as data such as the number and types of pages visited, and the length of time spent per page and on the site overall.

Our use of Cookies

We also use a key web technology called cookies. A cookie is a small information token that sits on your computer. As you use this site, cookies are passed back and forth between our server and your browser.

Specifically, we use two kinds of cookies — session cookies and persistent cookies. A session cookie exists only for the length of your browsing session and is deleted when you close your browser. A persistent cookie is a cookie that stays on your computer after you close your browser. A persistent cookie may or may not expire on a given date.

We use a session cookie to maintain the integrity of your online banking session. With each page that you visit, the cookie is passed back and forth between our server and your browser. We use the cookie to distinguish your session from the many others that may be happening at the same time. Our session cookies never store any personal information, such as your name, or date of birth, or financial information, such as your accounts and balances.

We may use persistent cookies to (i) provide you with a customized experience by recording your preferences; (ii) gather statistical information such as average time spent on a page; and (iii) to show you targeted marketing information about us when you visit other websites. The data gathered provides us with information on how we can improve the design, content and navigation of our website.

Most recent browser versions allow you to set some level of control over which cookies are accepted and how your browser uses them. For example, it may be set to notify you when it is receiving a cookie so that you accept cookies from only known, reliable sites such as this one. If you are concerned about cookies, we encourage you to upgrade your browser to a recent version and review the Help section of your browser to learn more about its specific control features.

Memorized Accounts Feature

We use a persistent cookie to store information to help you personalize the site and to make it easier to use. For example, we allow you to make the login easier by remembering your login information within our Memorized Accounts feature. Since the Memorized Accounts feature is optional, this cookie only contains information that you have entered into it. We never store your Personal Access Code (PAC) in a cookie.

Logout Button

To ensure that no-one else can access your personal information, always use the logout button to end an online banking session. It is located at the top of every page. When you exit using the logout button, we delete your session cookie so that your session cannot be resumed unless your Member ID and PAC are re-entered.

Automatic Session Time-outs

In the event that you leave your computer without logging out, the online banking feature of this site has been designed to end your session automatically if our system detects that you haven't provided any instructions or used the browser buttons to navigate for several minutes. To restart the session, you will need to provide your PAC again.


To communicate with us electronically, we strongly recommend that you use our Contact Us feature. This feature provides a secure channel for sending us comments, questions or instructions.

General email is not secure since it passes through many points on its route from you to us. If you are using general email to communicate with us, we strongly recommend that you do not include personal financial information (such as account numbers) within the email as we cannot guarantee its confidentiality en route to us.

When you email us your comments, questions or instructions, you provide us your email address and we use it to correspond with you. We then store your email and our replies to you in case we correspond further.

Links to Other Sites

Our site may also contain links to other websites or Internet resources. As an example, from time-to-time we may provide links to Microsoft or Netscape to assist you in upgrading your Internet browser. However, we have no control over these other websites or Internet resources and do not control their collection, use and disclosure of your personal information. Always review the Privacy Statements of the sites that you are viewing.

Contact Us

We welcome any questions or concerns about your privacy relating to use of our website. Please use the Contact Us form to submit your questions or comments.

As we continue to expand our online banking service to serve you better, and as new Internet technologies become available, we may update the information on this page at any time, to reflect changes.


Staying Safe on the Internet

Online banking makes managing your finances easy and convenient. However, there are measures you should take, and best practices you should follow, whenever you go online to access your accounts. Because your online security is our priority, we have compiled suggestions and tips for safe browsing to help you avoid falling victim to Internet threats.


Our online banking system is safeguarded with the best security available in a commercial environment, ensuring that your information is protected while data is transmitted between your computer and our banking server.


Internet encryption protects your information while it is in transit between your computer and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled. Our online banking website uses a 128-bit SSL, encrypting both request and response transactions, through a secure connection. To establish a secure connection, verify that the prefix of our website address in your browser reads 'https' (and not simply 'http'). All the browsers we support meet this requirement - Windows Edge, Google Chrome and Mozilla Firefox. If yours doesn't, please download the appropriate encryption support from your browser's supplier.

Controlled Access to Your Accounts

Your accounts can only be accessed by providing the correct login credentials and Password, which only you know. Our employees never know these details and will never ask you to provide them with this information.

2-Step Verification & Forgot Password

Two-Step Verification is a more secure means of verifying identity than security questions. Two-Step Verification requires the member to enter something they know (their password) and verify it with something they have (like their mobile phone or email). Hackers are less likely to be able to obtain both, and therefore the login is more secure. 

2-Step Verification Guide

You must already be enrolled in 2-Step Verification to use the ‘Forgot Password’ tool. If you are registered for 2-Step Verification, but you’ve entered an incorrect birthdate or last three digits of the Social Insurance Number for the member first named on the account more than three times, you’ll be unable to use the ‘Forgot Password’ tool for 24 hours. If, after 24 hours you have three more failed attempts, you’ll be unable to use the tool for 1 week. If, after 24 hours you have three more failed attempts, you’ll be unable to use the tool for 1 month. If you’ve forgotten your password, visit your branch or call us at 1.800.665.5728 – we’ll help you reset it.

Forgot Password Guide

FAQs 2-Step Verification and Forgot Password

When visiting a branch, you can feel confident that your money is safe and secure, with the premises adorned by vaults, locked doors, security and surveillance. We are keeping you just as safe when you bank online but once your information reaches your computer, you have a responsibility to protect it.


Online credentials can be numerous as they are needed for email accounts, social networking sites, online newspapers and shopping websites. That's a lot of usernames and passwords – and it can be tempting to use the same combination for everything. But this makes it far too easy for hackers because once they have one password, they can access all your sites. Login credentials are the keys to your accounts so don't leave those keys around for anyone to find. For online banking, the key is your Password. We recommend you:

Choose a Password that is easy for you to remember but difficult for others to guess. Avoid using current phone numbers, dates of birth, or social insurance numbers.

Be smart and don't save a list of your credentials on your PC. If you have to write them down, keep these details locked away somewhere only you can access or consider using password-management software, which secures and encrypts usernames and passwords and allows you to use a single master password.

Do not share your Password with anyone, especially online. Employees of our financial institution will never call, email, write or ask you to provide your online banking credentials. Ever.

Don't authorize browsers to memorize your credentials. Saving these on your computer allows anyone using your PC to gain access to your login-protected sites.

Consider changing your Passwords every 90 days for optimum security.

Personal Details

When you move, it is important to notify us of your change of address. If your mailing information isn't up-to-date, statements or letters that contain personal information will continue to be sent to your former address.


You may prefer to eliminate paper statements altogether, avoiding any possibility of mail theft. Eliminate paper documents, go electronic and be secure while doing it. Our e-Statements are a digital archive of your monthly banking activity than can be downloaded as a PDF from our secure online banking site.


Our e-Documents allow you quick and convenient online access to your financial documents: anytime, anywhere. Open the documents as PDFs and print your T5s, mortgage receipts or transaction receipts only as needed, while creating a safe and secure digital archive.

Logging In and Out

When you are finished with your banking session, always log out by clicking the "Log Out" button, as opposed to simply closing the browser window. To help protect your information, your online banking session will end automatically if there has been no activity for 20 minutes or if your visit lasts longer than 60 minutes. If your session has timed out, no further transactions can be made until you log in again. This time-out feature helps protect your accounts from unauthorized access if your PC is left unattended or if you have forgotten to log out.

Firefox Users
  • Click on the 'History' tab (or use the 'Ctrl-Shift-Delete' shortcut)
  • Select 'Show All History' and/or
  • Choose the time frame you wish to erase and click 'Delete'
Safari Users
  • Click on the 'History' tab
  • Select 'Show all History'
  • Choose the period you wish to erase and click 'Clear History'
Chrome Users
Delete all your data:
  • In the top-right corner of Chrome, click the Chrome menu.
  • Select More tools > Clear browsing data.
  • In the dialog that appears, select the checkboxes for the types of information that you want to remove.
  • Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.
  • Click Clear browsing data.

Delete specific items from your browsing data: Instead of deleting entire categories of your browsing data, you can pick specific items to delete.

Private Browsing

Some web browsers have a feature that allows you to browse the Internet without the browser storing information, such as the sites you visit, the images you see and videos you watch. This feature is sometimes used by people who share the same computer. Private browsing is a temporary option and must be selected in order for it to be activated. Private browsing, however, does not give you immunity to spyware or make you anonymous. It is still possible for your Internet service provider, employer or the websites you visit to track your online activity.

Monitoring Your Accounts

Frequently reviewing your paper and/or electronic account statements and/or registering for our transaction alert system ensures that you spot any incorrect or fraudulent transactions as soon as they occur. If your card has been skimmed (when the card's magnetic stripe and PIN are fraudulently copied by embedded devices at ATMs or point-of-sale devices) or unauthorized transactions have been made, you will want to catch this as soon as possible. Every time you receive an account statement, verify you made all the transactions or let us notify you whenever there has been movement in your accounts (with the transaction alert system).

Transaction Alert System

With this feature, you select what types of account activity you want to be notified about, and we'll alert you through text message or email. These alerts allow you to monitor your accounts effortlessly and detect suspicious activity immediately.

While our alert messages provide balances and account activity, they will never ask for, or contain, your personal details, account numbers, login credentials or any other type of confidential information. Also, our notifications will never include any links or instructions to click or download anything.

We have created a secure channel to communicate with our customers, but you need to do your part by maintaining your computer up-to-date and virus-free.

Operating Systems

Your computer's operating system needs to be up-to-date in order to defend itself from viruses and malicious software (malware). If one part of your operating system develops a virus, it leaves holes in your PC's security defences and compromises the safety of the information contained in your computer.

Keeping your software up-to-date is one of the most important ways of staying safe online because it is much harder for viruses to infect an updated operating system and software. Hackers are targeting operating systems with new viruses all the time and software companies combat these efforts with security patches. You should always download the latest security patch as soon as it becomes available.

Your operating system lets you know when updates are available by notifying you there are new security features to download. You can also upgrade your operating system to the latest version available from the manufacturer; however, you should ensure your computer has sufficient hardware capacity to support an upgrade.

Remember to back up your data. To fully eliminate a virus that has infected your machine, the re-installation of your operating system may be required. Protect yourself against the permanent loss of important data by frequently backing up your files on an external hard drive so you'll have the data should you ever have a problem with your operating system.


Web browsers are the gateways to the Internet. Similar to having an up-to-date operating system, upgraded browsers provide more features, stability and security. Whether you use Firefox, Safari, Chrome or something else, stay safe online by using the latest version available.

The latest versions of web browsers have security features that can identify and block harmful and fake websites and pop-ups, and warn you if a site is flagged as unsafe. Some browsers also have a 'Private Browsing' feature, which conceals your browsing history from others.

We suggest you update your browser. Now.


A firewall protects your computer and home network from harmful websites and hackers. It sits between your computer and the Internet, scanning information that is being transmitted. It allows for safe browsing, while blocking unauthorized intrusions. Even though you may think you have no information of value on your PC, firewalls also stop your computer from being used by hackers to send malicious software to other computers.

Most computers now come with a firewall as part of the standard operating system. However, you can get the maximum protection for your computer by installing additional firewalls and ensuring they are kept up-to-date.

Protecting Your Smartphone

Browsing the web has never been easier – it's all at your fingertips. Smartphones let you surf, shop or bank wherever you are. Make sure your information stays secure while you're on the move by following these smartphone-safe browsing tips:

  1. Activate your phone's password feature, which locks the screen and prevents anyone but you from accessing your phone. Set up the password feature on your phone with a code that only you know.
  2. Don't connect to unknown networks through Wi-Fi hotspots to make financial transactions.
  3. Beware of smishing – that's phishing on phones through text messages. Never download media or images, or click on text-message links that come from unrecognizable people or phone numbers. Never provide personal details or any account details using any form of electronic messaging because this is not a secure form of communication. If you are unsure, please contact us.
  4. Download apps exclusively from the official source for your smartphone's platform, such as the Android, Apple or BlackBerry stores.
  5. Install anti-virus software for your smartphone when available and update it frequently.
  6. Install location finding applications, which work with your phone's built-in GPS. These applications allow you to locate and/or remotely erase (or "wipe") data in your phone if it is lost or stolen.
  7. Update your smartphone's operating system as soon as newer versions are available.

These days, everyone is on the go and it's not uncommon to access Wi-Fi at coffee shops, hotels, restaurants or airports. Using wireless networks to access information is convenient, but not risk-free. Be smart when you surf. Protect yourself from threats by:

  • Using only a trusted computer to access your online banking. Don't use shared library or café computers.
  • Managing your online banking only from secure networks. We recommend that you don't use unsecured public networks for anything sensitive.
  • Connecting only to password-protected networks. If there are several networks available, ask employees of the organization which network they operate.
  • Never leaving your computer unattended, especially if you are logged into your online banking.
  • Using different Passwordss and security questions as login credentials. If someone obtains your credentials for one site, such as a social networking site, you don't want them to be able to access your other ones.
  • Ensuring you log out before you close your browsers.

Shopping Online

Online shopping is the epitome of convenience. There are no lines and no crowds, but it can also be a haven for fraudsters. Consider the following tips when using your credit cards online to ensure your information stays secure:

  • Make sure that you are shopping at a trusted retailer when you enter your credit card details online.
  • Provide retailers with only the necessary details to complete the transaction. These include your credit card number, expiry date, the security code on the back of the credit card and the card's billing address. Never provide your social insurance number, account details or your mother's maiden name. For shopping sites that require you to register with a username and password, we recommend you do not use your online banking PAC.
  • Use your credit cards only on e-commerce websites that use secure browsing technology on the screens where you enter your card information. Ensure the web address begins with 'https' (as opposed to 'http') and has a closed padlock icon on the screen.
  • Ensure that smaller retailers requesting credit card details have reputable contact details, a physical address and you feel comfortable with providing them your card information.
  • Never give your account or credit card details to anyone on

While pickpockets can only target a few people each day, Internet fraudsters cast their nets much wider, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.


A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or instant messaging. Phishing works by sending communications, which appear to be from your financial institution, but they are not. You are asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – and you'll be asked to enter your credentials.

Phishing emails may include:

  • Warnings about account closures
  • Requests to update your information
  • Offers to register for a new service
  • Offers for pre-approved credit cards
  • Free virus-protection programs

Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social security number or mother's maiden name. The details obtained will then be used for identity theft.

Scam emails purporting to be from your credit card company or financial institution often have some telling signs, including:

  • Poor spelling or grammar
  • Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
  • Notices that you've won a prize and are required to pay a fee in order to claim it

Never provide personal details or any account details in an email. Electronic messaging is not a secure form of communication. If you receive a message that you are unsure about, please contact us.


Another way for hackers to get their hands on your personals details is by pharming them. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

How to Avoid Phishing and Pharming Scams

We will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is to never use a link provided in an email to access your online banking (because we don't send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software.

Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating in a secure site, in comparison to the open and unprotected 'http' URLs. Look for the 'https' when online shopping, too.

Don't feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Don't believe emails warning that your account has been compromised or that you'll miss out on a great deal if you fail to act immediately. If you are concerned, call or visit one of our customer service representatives.

Anti-Virus Software

Install anti-virus software on your computer to protect your information, money and privacy. Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.


Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus. They can steal your personal information, take over your PC and use your computer to attack other people's computers. Your PC can become infected through email attachments, downloading infected content or visiting harmful websites.


Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain Internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or it can include passwords and personal data that you wouldn't want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.

The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.


One of the most common viruses to watch out for is known as scareware. These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.

You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appears.