Canadian businesses need to reassure customers they are doing enough to protect their personal information at a time when there is growing public concern about identity theft, according to the latest survey conducted by Chartered Professional Accountants of Canada (CPA Canada). Almost three quarters (73 per cent) of survey respondents say they were targeted by scams in the past and 67 per cent are concerned about identity theft.1 Cybercriminals are hurting the bank accounts of Canadians, many who were already left financially unstable because of the COVID-19 pandemic. So far this year, $144 million was lost to fraud compared to $106 million in 2020.2 Despite the massive money loss, Canadians are stepping up efforts to fend off cyberattacks. More than half (62 per cent) of those surveyed are doing more to protect themselves against fraud than they were five years ago.3
Doretta Thompson, CPA Canada’s Financial Literacy Leader, says cybercriminals are always looking for ways to appear legitimate and circumvent security measures to take advantage of Canadians. “With our lives increasingly being lived online due to COVID-19’s new world, it’s more important than ever for Canadians to be diligent, on alert and safeguarding their private information.”
Here are some steps you can take to protect yourself against fraud and identity theft:4
- Be careful when shopping, banking, on sharing personal information online.
- Strengthen and protect your passwords.
- Don’t answer a call or respond to a text message if you don’t recognize the number.
- Monitor your banking transactions.
Identity theft doesn’t just affect individuals, but organizations as well. Here are some ways to protect your business against identity fraud:5
- Rely on encryption to protect personally identifiable information.
- Keep up to date with encryption technology since it’s constantly evolving, and scammers are looking for new ways to get around it.
- Educate employees on how to use encryption technology and to be on alert for any attempts of identity theft.
- Ensure your company has the latest anti-virus and anti-spyware protection.
- Install a firewall to make sure your network is protected.
- Keep software and browsers up to date with security patches.
- Protect employee records: PIPEDA applies to your employee records if you are engaged in interprovincial and international transactions or conduct business within federally regulated sectors. Provincial privacy legislation may also apply.
- Processing personal data across borders: If you plan to transfer personal information to an organization in a foreign country for processing, you must take concrete steps to protect it.
- Customer ID: If you ask for a customer’s identification, you should know what information you can and cannot copy off a driver's licence.
- Determine the appropriate form of consent under PIPEDA: Find out how to get permission to collect, use or disclose someone's personal information depending on how sensitive it is and how it will be used.
- Privacy quiz: Take a quiz to better understand the privacy regulations that affect your business.
- Privacy toolkit: Get detailed information on the rules for the management of personal information in the private sector.
- The EU’s General Data Protection Regulation: If you handle the personal data of EU residents while exporting goods or services to them, these regulations may apply to you.
HSBC also advises you never disclose security details when receiving unsolicited calls, text messages, or emails. If you receive an unsolicited call from HCBC, for example, ask for the caller's contact details then call your HSBC Relationship/Account Manager to validate before calling back. For information about how HSBC protects our customers, visit HSBC Safeguard.