Skip to main content
Login

Help Protect Your Business Against Fraud

Explore the different types of fraud and how to spot them.

Identifying fraud and minimizing its impact

  • Recognize and Reduce Fraud

    While there is no one thing you can do to eliminate fraud, there are many steps you can take to help prevent it.

  • POS Payment Terminal Fraud

    Point-of-Sale (POS) fraud occurs during in-person transaction in your shop or store.

  • Card Testing

    Card Testing commonly targets a merchant's website or mobile app. Help protect your merchant account.

  • Online Payment Fraud

    Help protect your online business. Identify the increasingly sophisticated tactics used by online fraudsters.

Importance of Fraud Prevention

Understanding the impact fraud can have on your business is an important step in preventing it.

  • Every year Canadian businesses lose millions of dollars as a result of fraud
  • According to the Canadian Federation of Independent Business (CFIB), 1 in 5 small businesses were victims of fraud in the last 12 months.
  • Over 80% of businesses reported being targets of payment fraud in 20181.
  • The tools and tactics being used by fraudsters are constantly evolving and becoming even more sophisticated

5 Tips to Help Protect Your Business Against Fraud

  1. Careful Where You Click
    Don’t open attachments or click on links from unknown senders and don't be afraid to pick up the phone to confirm if an email is legitimate.

  2. Regularly Monitor Your Bank Account and Credit Cards
    Don’t wait until the end of the month to review your transactions. Reconcile transactions often and immediately report any unusual transactions to your bank. Treat cheques just as you would cash by locking them in a secure location.

  3. Take Advantage of Security Features
    Implement dual authentication, restrict bill payments, and set appropriate authorization limits for employees if possible.

  1. Use Latest Software and Browser Updates
    Install antivirus protection and implement security patches in your software. Periodically engage an external consultant/provider to review your network and web applications for security vulnerabilities that an attacker could exploit.

  2. Consider Business Continuity or Cyber-Insurance
    Engage an insurance provider to help your business mitigate the risk of a breach and to offset the cost involved with recovery following a cyber event.

How is Fraud Evolving?

Cybercrime Continues to Threaten Canadian businesses

Cybercrime has become a lucrative revenue stream for fraudsters, with organized crime tied to a number of sophisticated cybersecurity attacks across the globe.2

As transactions have increasingly moved to electronic platforms, fraudsters have followed - Cybercrime is swelling with 41% of large businesses surveyed by Statistics Canada identifying as victims of cybercrime.3

Cybercriminals are Resourceful

Cybercriminals are sophisticated and may spend months gathering information before striking and can learn about your business through your website, social media and may even call or email employees.

Fraud by Payment Type

According to the Association of Financial Professionals, cheque fraud continues to be the largest source of payment fraud for businesses. Cheques remain relatively easy to intercept, alter and can be falsified with a high-quality printer and paper.

Fraudulent debit or credit card transactions may be the result of lost, stolen or counterfeit cards.

Cybercrime can include phishing, malware and other scams that target deposit accounts and payment channels available through the online banking platform (bill payments, transfers, email money transfers, wire and EFT (electronic funds transfer) payments.

Common Types of Cybercrime

A scam designed to trick someone into believing they've received an email from a trusted party in order to extract personal or company information that can range from online banking log-in credentials to social insurance numbers.

Similar to phishing, this is a scam where the fraudster will present themselves as representing a legitimate organization in order to extract sensitive information (like credit card data) by telephone.

Smishing is a text message scam where fraudsters impersonate a trustworthy entity to extract sensitive information from your company and clients.

Malicious software that can take many forms including: viruses, worms, Trojan horses, spyware, and adware. Malware can disrupt computer operations, providing fraudsters with access to computers systems, sensitive information and more.

A type of malware that encrypts files and data. Fraudsters then request payment from the victim to unencrypt and return files and data. Malicious attachments and misleading pop-up ads are common entrapment methods.

A scam where a fraudster impersonates a business owner, CEO, vendor or even a lawyer by email. The email requests that a payment be made by wire or electronic funds transfer. The fraudster may even provide a fake invoice or change the payment information on a legitimate invoice in an attempt to misdirect the payment.

Reporting TD Related Phishing or Smishing Attempts

Send the email to phishing@td.com.

If you have responded to a suspicious email, immediately call:

1-866-222-3456

  • EasyWeb

    Contact EasyLine 1-866-222-3456

  • Commercial or Corporate Banking

    Contact your Relationship Manager

  • Web Business Banking

    Contact CMS Support Desk
    1-800-668-7328

Identify and prevent credit card fraud

Fraudulent credit cards can be broadly classified into two groups:

  1. Counterfeit cards, where the card is illegally produced but looks and works like a legitimate card. Be sure to examine credit cards carefully to detect signs of tampering or counterfeiting.
  2. Lost or stolen cards, where the card is legitimate, but the user is not the authorized cardholder.

If you suspect a fraudulent transaction

Trust your instincts – if a transaction feels off and doesn't seem legitimate, you can make a Code 10 call at any time which alerts our authorization centre of the suspected fraudulent transaction, but does not alert the individual presenting the card.

While it's important to report suspected fraudulent transactions, do not perform a Code 10 call if your personal safety is at risk. Instead, complete the transaction and contact TD Merchant Solutions only when it's safe.

When it's time to make a Code 10 call

Call the TD Merchant Solutions Authorization Centre at 1-877-836-7990 and answer a series of yes or no questions to determine the validity of the transaction.

  1. Stay calm and courteous and hold on to the card until you have obtained authorization.

  2. Don’t hang up if your call is transferred.

  3. Respond to the authorizer’s questions with appropriate yes or no answers.

  4. Follow instructions - Either complete the transaction (with the authorization number provided) or retain the card.

  5. Do not try to apprehend or detain the cardholder.

What is payment card skimming?

Skimming refers to the practice of capturing account information from the magnetic stripe of a debit or credit card in order to make a counterfeit card. When debit cards are involved, Personal Identification Numbers (PINs) are also stolen.

It's possible that card skimming could be happening right now at your business, and you wouldn’t even know it. But by taking the precautions shown below, you'll help prevent skimming and protect your customers from falling victim to fraud.

Steps to help prevent skimming

Inspect your POS equipment regularly, including serial numbers, wires and cables. If you find anything unfamiliar, altered or missing notify TD Merchant Solutions.

  1. Check near area around PINpads
    A small camera could be concealed in holes in the ceiling, walls or shelves.

  2. Limit “shoulder surfing”
    Install your debit terminal so customers have enough room to comfortably shield the PINpad.

  3. Redirect your Cameras
    Ensure any security cameras don’t capture the PIN the customer is entering.

  1. Customers & their PIN
    Allow customers to hold the PINpad until the transaction is complete. Never enter a PIN for a customer.

  2. Keep records on file 
    Keep employee schedules and supplier information.

  3. “Protect Your PIN”
    Display the Interac Association’s “Protect Your PIN” decal available from TD Merchant Solutions.

To get in contact with TD Merchant Solutions

Call 1-800-363-1163

About telemarketing fraud

According to the federal government, telemarketing fraud costs Canadians more than $100 million every year. While telemarketing is a legitimate sales tool for many companies, including TD Bank Financial Group, criminals may also use it to deceive you with phony offers. Your best defense is to learn to recognize fraud and take a few simple steps to protect yourself in these scenarios.

  • What is telemarketing fraud?

    It occurs when criminals - posing as legitimate businesses, charities or causes - call people with phony offers in an attempt to defraud them.

  • How does it work?

    A criminal may phone to pressure you into (a) sending money for a special offer, deal, prize or lottery that you have supposedly won, or (b) revealing confidential information like your credit card numbers, account details and so on.

  • How can I help protect myself?

    Think twice about sending cash. According to law enforcement agencies, criminal telemarketers often ask you to send gift cards, cash or a money order, rather than provide a cheque or credit card number. If you're asked to send payment by wire or courier, it could be a scam.

Know who you’re dealing with

  • Verify who the company is, where they're located, etc.
  • Ask questions and get a call-back number. If your questions are being avoided or not answered to your satisfaction, be cautious. Legitimate companies will let you check them out or think about an offer.
  • Never provide your account number, credit card number or other financial information over the phone unless have validated who you're talking to.
  • No merchant or police officer should ever request personal banking information from you over the phone. If anyone asks you for this information, alert the police and your financial institutions immediately.

Don’t rush or be pressured into a decision

Never invest or buy a product or service without fully understanding what it is, and verifying whether it is legitimate.

If the caller is using high-pressure sales tactics, it's a sign that something is probably wrong, especially if you're told to make a decision by the end of the call. The RCMP advises consumers not to be afraid to hang-up the phone – it's not rude, it's smart.

Keep detailed records

Make notes of the call - the name, address and phone number of the person or company. If you do purchase an item, record the date of the transaction and the delivery date that is promised.

Get more information

  1. Phonebusters
    National anti-fraud call centre operated by law enforcement agencies. Call 1-888-495-8501 or visit www.phonebusters.com

  2. Competition Bureau
    Call 1-800-348-5358 or visit www.cb-bc.gc.ca

  3. RCMP
    The RCMP’s website highlights the latest consumer scams and how to deal with them.

  4. Canadian Anti-Fraud Centre (CAFC)
    The CAFC is the central agency in Canada that collects information and criminal intelligence on fraud and identification theft complaints.

Get Started