Security & privacy

Gulf & Fraser’s alert messages provide balances and account activity. We will never use an alert to ask for, or send, your personal details, account numbers, login credentials or any other type of confidential information. Our notifications will never include any links or instructions to click or download anything.

If you receive a correspondence that you think may not be from Gulf & Fraser, please report it to us by sending the email to inquiry@gulfandfraser.com or calling us at 604-419-8888.

If you happen to be out of range or experiencing service interruptions when an Alert is sent, you can still view your Alerts history for the past 30 days under the Alerts History page through online banking.

Alerts cannot be guaranteed simply because we cannot guarantee the stability of the wireless and internet networks being used. Service interruptions to networks or being out of the service range, can cause a delay in receiving text messages. You can check the Alerts sent to you on the Alerts History page of online banking—there you'll find all the Alerts sent to you within the last 30 days.

For Alerts on multiple accounts, if account 1 has a Chequing 0 and account 2 has a Chequing 0, both will default to the same name. To change this, click Manage Alerts Contacts and Mobile Nicknames, click Edit Nickname and rename the applicable account with a new nickname.

Some discount carriers do not offer short code program functionality on their mobile phones. Unfortunately this is out of our control and is limited by the carrier.

When you spend time on the internet, your browser stores information, such as the websites you visit, the images and files you view, and your personal information, including passwords and login details. This data is held on your computer's hard drive and is known as a 'cache.' Even though you may have logged out and closed your browser, this information may remain accessible. You can protect your data by clearing your browsing history regularly. This can be done in a few easy steps:

Internet Explorer users

1. Click on the Tools icon in the upper right corner (or use the Ctrl-Shift-Delete shortcut)

2. Select Delete Browsing History

3. Choose the options you wish to erase and click Delete

​​Firefox users

1. Click on the History tab (or use the Ctrl-Shift-Delete shortcut)

2. Select Show All History

3. Choose the time frame you wish to erase and click Delete

​Safari users

1. Click on the History tab

2. Select Show all History

3. Choose the period you wish to erase and click Clear History

​Chrome users

1. In the top-right corner of Chrome, click the Chrome menu.

2. Select More tools > Clear browsing data.

3. In the dialog that appears, select the checkboxes for the types of information that you want to remove.

4. Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.

5. Click Clear browsing data.

6. Delete specific items from your browsing data. Instead of deleting entire categories of your browsing data, you can pick specific items to delete.

You can find free Wi-Fi at coffee shops, hotels, restaurants, malls, and airports. Using wireless networks to access information is convenient, but not risk-free.

Be smart and protect yourself from threats by following these tips:

• Using only a trusted computer to access your online banking. Don't use shared library or café computers for banking.

• Managing your online banking only from secure networks. We recommend that you don't use unsecured public networks for anything sensitive.

• Connecting only to password-protected networks. If there are several networks available, ask employees of the organization which network they operate.

• Never leaving your computer unattended, especially if you are logged into your online banking.

• Using different PACs and security questions as login credentials. If someone obtains your credentials for one site, such as a social networking site, you don't want them to be able to access your other ones.

• Ensuring you log out and close your access to the Wi-Fi connection before you close your internet browser.

Online shopping is very convenient. There are no lines and no crowds, but it can also be a haven for fraudsters.

Consider the following tips when using your credit cards online to ensure your information stays secure:

• Make sure that you are shopping at a trusted retailer when you enter your credit card details online.

• Provide retailers with only the necessary details to complete the transaction. These include your credit card number, expiry date, the security code on the back of the credit card and the card's billing address. Never provide your social insurance number, account details or your mother's maiden name. For shopping sites that require you to register with a username and password, we recommend you do not use your online banking PAC.

• Use your credit cards only on e-commerce websites that use secure browsing technology on the screens where you enter your card information. Ensure the web address begins with 'https' (as opposed to 'http') and has a closed padlock icon on the screen.

• Ensure that smaller retailers requesting credit card details have reputable contact details, a physical address and you feel comfortable with providing them your card information.

• Never give your account or credit card details to anyone on eBay, Craigslist, or any other public “buy and sell” website.

Make sure your information stays secure while you're on the move by following these safe browsing tips for your phone:

1. Activate your phone's password feature, which locks the screen and prevents anyone but you from accessing your phone. Set up the password feature on your phone with a code that only you know.
2. Don't connect to unknown networks through Wi-Fi hotspots to make financial transactions.
3. Beware of phishing messages you may receive on your phone. Never download media or images, or click on text-message links that come from unrecognizable people or phone numbers. Never provide personal details or any account details using any form of electronic messaging because this is not a secure form of communication. If you are unsure, please contact us.
4. Download apps exclusively from the official source for your phone's platform, such as from Google Play for Android phones or the App Store for iPhones.
5. Install anti-virus software for your smartphone when available and update it frequently.
6. Install location finding applications, which work with your phone's built-in GPS. These applications allow you to locate and/or remotely erase (or "wipe") data in your phone if it is lost or stolen.
7. Update your phone's operating system as soon as newer versions are available.

Your computer's operating system needs to be up-to-date in order to defend itself from viruses and malicious software (malware). If one part of your operating system develops a virus, it leaves holes in your computer's security defenses and compromises the safety of the information contained in your computer.

Keeping your software up-to-date is one of the most important ways of staying safe online because it is much harder for viruses to infect an updated operating system and software. Hackers are targeting operating systems with new viruses all the time and software companies combat these efforts with security patches. You should always download the latest security patch as soon as it becomes available.

Your operating system lets you know when updates are available by notifying you there are new security features to download. You can also upgrade your operating system to the latest version available from the manufacturer; however, you should ensure your computer has sufficient hardware capacity to support an upgrade.

Back up your data

To fully eliminate a virus that has infected your machine, the re-installation of your operating system may be required. Protect yourself against the permanent loss of important data by frequently backing up your files on an external hard drive so you'll have the data should you ever have a problem with your operating system.

Install anti-virus software on your computer

Install anti-virus software on your computer to protect your information, money and privacy. Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.

Use a firewall on your computer

A firewall protects your computer and home network from harmful websites and hackers. It sits between your computer and the Internet, scanning information that is being transmitted. It allows for safe browsing, while blocking unauthorized intrusions. Even though you may think you have no information of value on your computer, firewalls also stop your computer from being used by hackers to send malicious software to other computers.

Most computers come with a firewall as part of the standard operating system. However, you can get the maximum protection for your computer by installing additional firewalls and ensuring they are kept up to date.

Look for the 's' in the website address: https://examplewebsite.com. 

Fraudsters have been known to set up websites that look nearly identical to websites belonging to legitimate financial institutions. Make sure you are at the correct website. Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. 

The letter "s" in 'https' indicates you are navigating in a secure site, in comparison to the open and unprotected 'http' URLs. Look for the 'https' when online shopping, too. Don't feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Don't believe emails warning that your account has been compromised or that you'll miss out on a great deal if you fail to act immediately. 

Pharming is another way for hackers to get their hands on your personals details. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

A common way for internet scammers to obtain your personal information is through a method called phishing.

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication – i.e., email.

Smishing is similar to phishing in that it is a fraudulent attempt to obtain sensitive information. Smishing is done using text messages purporting to be from reputable companies.

Phishing and smishing messages may appear to be from your financial institution, but they are not. You may be asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email or text message instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that may look a lot like the legitimate site – and you'll be asked to enter your credentials.

How to spot a suspicious email or text message

Phishing and smishing messages may include:

• Warnings about account closures
• Requests to update your information
• Offers to register for a new service
• Offers for pre-approved credit cards
• Free virus-protection programs

Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social security number or mother's maiden name. The details obtained will then be used for identity theft.

How to know it's not your bank writing you

Scam emails purporting to be from your credit card company or financial institution often have some telling signs, including:

• Poor spelling or grammar
• Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
• Notices that you've won a prize and are required to pay a fee in order to claim it

Remember: Gulf & Fraser will never send you an unsolicited email or text message that asks you to provide sensitive personal information. 

We take attempts to defraud our members very seriously. If you receive correspondence that you think may not be from Gulf & Fraser, please report it to us by emailing inquiry@gulfandfraser.com or calling us at 604-419-8888.

Spyware

Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or it can include passwords and personal data that you wouldn't want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.

The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.

Malware

Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus. They can steal your personal information, take over your PC and use your computer to attack other people's computers. Your PC can become infected through email attachments, downloading infected content or visiting harmful websites.

Scareware

Scareware scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.

You can protect against scareware by keeping your anti-virus program up to date and by being careful about what you choose to download to your computer. You should also get familiar with your anti-virus program so you won't be fooled if a scareware pop-up appears.

Alerts allow you to receive email and/or text message notifications when various activities occur in your accounts. While balance and account information can be viewed in the Alerts message, no personal information, account numbers or any data that could be used to identify accounts or members can be retrieved, which ensures a high level of protection.

• Security Alerts provide an additional layer of protection by allowing you to detect possible fraud quickly and take appropriate action

• Balance and Activity Alerts can help you to better manage your finances and budget. There is no fee to sign up for Alerts and no fee to receive them. However, your mobile phone service provider may charge you for receiving text messages and for data usage

Your accounts can only be accessed by providing the correct login credentials and Personal Access Code (PAC), which only you know. Our employees never know these details and will never ask you to provide them with this information.

For security reasons, we track the number of login attempts used to access your online banking. After you make a number of incorrect attempts to enter the correct PAC or answer security questions, your online access will be disabled. To regain access, please call us at 604-419-8888.

To help you protect your information, your online banking session will end automatically if there has been no activity for 20 minutes. Access to our databases is strictly managed and systems are in place to ensure security is not breached, including the physical security of our computer hardware and communications.

Internet encryption protects your information while it is in transit between your computer and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled. Our online banking website uses a 128-bit SSL, encrypting both request and response transactions, through a secure connection. To establish a secure connection, verify that the prefix of our website address in your browser reads 'https' (and not simply 'http').

All the browsers we support meet this requirement. 

We take phishing and smishing attempts on our members very seriously. If you receive correspondence that you think may not be from Gulf & Fraser, please report it to us by emailing inquiry@gulfandfraser.com or calling us at 604-419-8888.

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication – i.e., email.

Smishing is the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.

e-Statements

You may prefer to eliminate paper statements altogether, avoiding any possibility of mail theft. Gulf & Fraser’s e-Statements are a digital archive of your monthly banking activity than can be downloaded as a PDF from our secure online banking site.

e-Documents

Gulf & Fraser’s e-Documents allow you quick and convenient online access to your financial documents: anytime, anywhere. Open the documents as PDFs and print your T5s, mortgage receipts or transaction receipts only as needed, while creating a safe and secure digital archive.

Debit card use has given way to a type of fraud called “card skimming”. This occurs when criminals copy the data of a MemberCard debit card to make counterfeit cards and obtain a member’s PIN through hidden electronic devices, thus gaining access to the member’s account through the counterfeit card.

To combat this type of criminal activity, Gulf & Fraser continues to review existing procedures and establish new security measures to lower the risk of card skimming.

The following measures are just a few examples of our ongoing efforts to protect our members:

• Monitoring large and frequent ATM and point of sale (POS) transactions which could indicate fraudulent use.

• Changing daily ATM and POS transaction limits to reduce unnecessary exposure to accounts.

• Investing in long-term solutions to make our ATMs and MemberCards more secure.

• Monitoring all our ATMs for suspicious activity 24 hours a day, seven days a week.

More importantly, you are responsible for protecting your PIN and following MemberCard safety tips in order to minimize the risk of card skimming. If you suspect that your account or PIN has been compromised, or if your MemberCard is lost or stolen, please call 1-888-277-1043 (within Canada or the continental USA). If you are outside Canada or the continental USA, please call 1-306-566-1276 collect. 

You can also contact our Member Hub for assistance: 604-419-8888 (local). If you are travelling, call 1-866-736-4334 (toll-free). You'll find these and other helpful numbers listed on our Contact page.