Skip to main content Home | Contact Us | Find Us | Français | Asian Banking | Site MapCIBC Websites
 
Personal Banking Business Services About CIBC
 
How CIBC Protects You
Online Banking Guarantee
Browser Security
Online Banking Security
Using Your Information
CIBC Cookies
CIBC Privacy Policy
How You Can Protect Yourself
What You Can Do
Safe Computing Practices
Clear Your Browser's Cache
Be Aware of Fraud
Debit Card Skimming
Cheque Fraud
Identity Fraud
E-mail & Text Msg. Fraud
E-mail & Text Msg. Fraud Examples
Credit Card Fraud
Accounts Payable Fraud
Moving Money for Strangers
Internet Stock Fraud
Spyware
Telephone Fraud

E-mail and Text Message Fraud

What is phishing?

Phishing (also referred to as brand spoofing) is a type of scheme that uses fraudulent e-mail, web pages and text messages to gather personal, financial and sensitive information for the purpose of identity theft. Most commonly, users receive spam e-mail (mass e-mail messaging), text messages and pop-up windows that appear to come from legitimate businesses. People have been tricked by these deceptive solicitations into sharing passwords and social insurance, credit card and bank account numbers.

If you ever doubt the legitimacy of an e-mail or text message claiming to originate from CIBC, or if you feel your Online Banking security has been compromised, please call CIBC Online Banking at 1-888-872-2422.


How does phishing work?

Phishing e-mails and text messages are often sent out as spam to numerous recipients and appear to come from legitimate businesses, sometimes even duplicating legitimate logos and text. Within a phishing e-mail, you may be requested to click on a link that takes you to a fraudulent site or pop-up window where you are asked to submit personal and financial information. A phishing text message may request that you send personal information back to the sender through text message or call a phone number.

Messages may imply a sense of urgency or an immediate risk to bank accounts or credit cards if you fail to answer, in order to increase the chances of a response. Special offers and prizes may also be promoted as incentives.

View examples of fraudulent e-mails and text messages sent to CIBC customers.

What phishers do with your personal information

Phishers can access your accounts using your passwords and other information to withdraw money or make purchases. Personal information can also be used by phishers to open new bank or credit card accounts in your name.

What should I look for in a valid message from CIBC?

The message below illustrates some of the e-mail components that are acceptable in an e-mail coming from CIBC. CIBC will never send you an e-mail or text message asking you for personal or financial information.

A valid CIBC message:

A valid CIBC message


Signs that your message may be a phishing e-mail

The message below illustrates some of the e-mail components that are not acceptable in a CIBC e-mail. In this example, phishers used a valid e-mail name "CIBC Thanks you", but the actual e-mail address did not belong to CIBC.

You can verify e-mail addresses by viewing the properties of the address.

How do I view the properties?

  • Your e-mail application will often show the actual address in brackets in the "From" field; for example, with this e-mail address: CIBC Thanks You < abc@abc.org >, the actual e-mail is from abc.org and not CIBC
  • Alternatively, you can right click on the address and select "Properties" to determine the actual address of the sender

Signs that your message may be a phishing e-mail


How CIBC protects you

CIBC is continuously working to ensure your security against phishing schemes.

Any unsolicited e-mail that appears to be from CIBC or any organization with which you do business including a request that you click a link and re-enter your personal information or password, should prompt you to contact the company directly. Type www.cibc.com or the business' website address directly into your browser instead of clicking the link in the e-mail. If you are unsure of the authenticity of an e-mail, delete it.

If you receive a text message that appears to be from CIBC with any requests to you send personal information, do not respond to it. Instead forward it to fraud@cibc.com.

At CIBC, we go to great lengths to protect your personal information and ensure CIBC Online Banking is secure. If you ever doubt the legitimacy of any e-mail or text message claiming to originate from CIBC, please call CIBC Online Banking at 1-888-872-2422.

CIBC e-mail best practices

CIBC sends:

  • Solicited e-mails that respond to customer requests
  • Welcome e-mails
  • E-mails that have live links to other CIBC marketing content, but only written URLs (non-live links) to a website

CIBC does not send e-mails:

  • Asking customers to provide, confirm or update personal records
  • From a third party address or link to a third party site
  • Containing no information about why a customer is receiving e-mail
  • Requiring an urgent response

What you can do

CIBC wants to help you stay informed. By knowing how to protect yourself, you can avoid becoming a victim of online and mobile phone scams. Learn more

Canada's Department of Public Safety and Emergency Preparedness and the United States Department of Justice recommend these 3 steps to defend against phishing schemes: Recognize it, Report it and Stop it.
Find out more