What types of banking fraud are most common in Canada?

Phishing emails/texts (pretending to be your bank), debit card skimming, SIM swap fraud, cheque fraud, authorized push payment (APP) scams, and identity theft. E-transfer interception is also growing as Canadians use Interac e-Transfer for more transactions.

Am I liable for unauthorized transactions on my bank account in Canada?

Generally no. Under the Canadian Code of Practice for Consumer Debit Card Services, you are not liable for unauthorized transactions if you did not contribute to the loss (i.e., did not share your PIN or leave your card unsecured). However, if the bank proves negligence, liability can shift to you.

What should I do if my bank account is compromised?

Call your bank immediately to freeze accounts. Change online banking passwords. Report to the Canadian Anti-Fraud Centre (1-888-495-8501). Check credit reports at Equifax and TransUnion. File a police report. Monitor accounts for 6-12 months afterward.

Can someone steal money from my e-transfer?

Yes, if you use security-question-based e-transfers (the recipient has not set up Autodeposit). The most common method is email interception where a fraudster answers the security question. Always use Autodeposit, which eliminates the security question and sends funds directly to the registered account.

How to Protect Yourself From Banking Fraud in Canada 2026

Common Banking Fraud Types

Phishing (Email, Text, Phone)

Feature	Details
How it works	Fake email/text/call pretending to be your bank
Goal	Get your login credentials, card number, or SIN
Red flags	Urgent language, suspicious links, asking for PIN/password
Volume	60%+ of all banking fraud starts with phishing
Example	“Your account has been locked. Click here to verify.”

Debit/Credit Card Fraud

Type	How It Works	Prevention
Skimming	Device on ATM/POS copies card data	Use tap, cover PIN, use bank ATMs
Card-not-present	Stolen card number used online	Use virtual cards, monitor statements
Lost/stolen card	Physical card used in person	Report immediately, freeze via app
Counterfeit card	Cloned card from stolen data	Chip + tap makes this harder

E-Transfer Fraud

Type	How It Works	Prevention
Email interception	Hacker intercepts email, answers security question	Use Autodeposit (no question needed)
Phishing request	Scammer sends e-transfer request pretending to be someone	Verify requests independently
SIM swap	Hacker takes over your phone number to intercept codes	Use authenticator apps, not SMS

Identity Theft

Method	Details
Data breaches	Your info leaked from a company hack
Mail theft	Physical mail with banking/tax info stolen
Social engineering	Scammer tricks you into revealing personal info
Dark web purchase	Your info bought on dark web
SIN theft	Used to open accounts in your name

Authorized Push Payment (APP) Scams

Feature	Details
How it works	Scammer tricks you into willingly sending money
Common types	Romance scams, fake invoices, “CRA owes you”
Why it works	You authorize the payment, so bank may not refund
Growing trend	Fastest-growing fraud type in Canada
Prevention	Never send money to someone you haven’t met/verified

How to Protect Yourself

Online Banking Security

Protection	How to Implement
Strong, unique password	12+ characters, mix of upper/lower/number/symbol
Two-factor authentication (2FA)	Enable on all banking apps
Use authenticator app (not SMS)	Google Authenticator, Microsoft Authenticator
Biometric login	Face ID / fingerprint when available
Don’t bank on public Wi-Fi	Use mobile data or VPN
Log out after sessions	Don’t stay logged in on shared devices
Update devices regularly	Security patches prevent exploits
Use official bank apps	Download from App Store / Google Play only
Monitor account alerts	Set up text/email notifications for all transactions

Card Protection

Protection	How to Implement
Use tap/digital wallet	Avoids handing over physical card
Cover PIN at ATMs	Even when no one seems nearby
Use bank-owned ATMs	Avoid standalone ATMs at convenience stores
Set transaction alerts	Get notified for every purchase
Lock card in app	Lock debit/credit card when not in use
Virtual card numbers	Use for online shopping (available at some banks)
Review statements monthly	Flag unfamiliar charges

E-Transfer Protection

Protection	How to Implement
Enable Autodeposit	Most important step — no security question needed
Don’t use obvious security questions	Avoid answers findable on social media
Verify requests independently	Call/text sender separately to confirm
Don’t send to unknown recipients	Verify identity first
Use strong email password	If email is hacked, e-transfers are exposed

Identity Protection

Protection	How to Implement
Check credit reports	Free from Equifax + TransUnion (annually at minimum)
Credit monitoring	Free via Borrowell, Credit Karma
Fraud alert on credit files	Free — notifies you of new account applications
Credit freeze	Prevents new accounts from being opened
Shred documents	Tax forms, bank statements, anything with SIN
Secure your mail	Locked mailbox or PO box
Protect your SIN	Never carry it in your wallet

Signs Your Account May Be Compromised

Warning Sign	What It Means
Transactions you don’t recognize	Possible unauthorized access
Login notifications from unknown devices	Someone else is accessing your account
Password reset emails you didn’t request	Attempted takeover
New accounts you didn’t open	Identity theft
Missing mail	Mail may have been redirected
Calls from “your bank” asking for info	Likely phishing (banks don’t call asking for passwords)
Credit score drop	Possible fraudulent accounts
Declined transactions	Possible card compromise and bank freeze

What to Do If You’re a Victim

Immediate Steps (Within 24 Hours)

Step	Action	Contact
1	Call your bank’s fraud department	Bank’s 24/7 fraud hotline
2	Freeze affected accounts/cards	Through bank app or phone
3	Change all banking passwords	All accounts, not just the compromised one
4	Enable/change 2FA	Switch to authenticator app
5	Report to Canadian Anti-Fraud Centre	1-888-495-8501 or antifraudcentre.ca
6	File a police report	Local police (get report number)

Within 1 Week

Step	Action
7	Check credit reports at Equifax and TransUnion
8	Place fraud alerts on credit files
9	Review all bank and credit card statements
10	Change passwords for email and other financial accounts
11	Update security questions everywhere
12	Document all unauthorized transactions

Ongoing Monitoring

Action	Frequency
Monitor bank accounts	Daily for 3 months
Check credit reports	Monthly for 12 months
Review credit card statements	Monthly
Watch for phishing (you’re a target now)	Ongoing
Consider credit monitoring service	For 12+ months

Your Rights in Canada

Protection	Details
Zero-liability for credit card fraud	You pay $0 for unauthorized credit card transactions
Debit card protection	Not liable if PIN was secure and you reported promptly
Bank complaint process	Internal complaints → Ombudsman → OBSI or ADR Chambers
Reporting timeline	Report within 30 days of statement for best protection
FCAC oversight	Financial Consumer Agency of Canada regulates bank conduct
Credit bureau correction	Right to dispute and correct fraudulent entries on credit report

Bank Fraud Hotlines

Bank	Fraud Hotline
RBC	1-800-769-2511
TD	1-888-751-9000
BMO	1-844-837-9228
Scotiabank	1-866-625-0561
CIBC	1-888-872-2422
National Bank	1-888-835-6281
Desjardins	1-800-224-7737
Tangerine	1-888-826-4374
EQ Bank	1-844-437-2265
Canadian Anti-Fraud Centre	1-888-495-8501

Banking Fraud Statistics in Canada

Metric	Amount
Annual fraud losses	$500+ million reported
Unreported (estimated)	$1-2+ billion
Most common method	Phishing/social engineering
Fastest growing	Authorized push payment scams
Average loss per victim	$7,000-$15,000
Recovery rate	~50-70% (banks often reimburse)
Fraud reports to CAFC	90,000+ annually