Be cautious of e-mail and Web sites pretending to represent a legitimate company that ask you to provide confidential and financial information
RBC Centura Bank has a dedicated team of professionals and specialized technology working around the clock to help prevent, detect, and investigate instances of fraud.
Please be aware that RBC Centura Bank will never ask you to provide confidential information through regular e-mail. If you receive an e-mail that asks you to provide confidential information such as your account numbers, PIN or password, do not respond and contact us immediately at email@example.com. We take any unauthorized or fraudulent activity very seriously and will engage in a full investigation if we feel a client has been victimized.
In addition, we want you to be aware of the more common techniques that are being used to steal personal and financial information.
What is Phishing?
Phishing is a type of fraud that is designed to trick individuals into disclosing confidential and financial information for the purpose of identity theft.
How it Works
- You receive an unsolicited e-mail appearing to be from a legitimate and reputable company, like RBC Centura Bank.
- The e-mail may raise concerns that your account information is out of date or that you have received money. There is usually a sense of urgency and there may be a consequence associated with the request. For example, you are asked to validate your account information in order to prevent it from being suspended or terminated.
- You are asked to take action by following instructions that usually involve having you click on a link that takes you to a fake Web site. The fake Web site appears valid, often complete with a legitimate company's brand name and logo. Often the link and the URL address of the fake Web site look very similar to the URL address used by the real Company that is being imitated.
- You are asked to provide or update your personal and financial information by completing an online form or by responding to the e-mail directly. You may be asked to provide a variety of information such as credit card numbers, account numbers, passwords, date of birth, drivers license number, and social insurance or social security numbers.
- Once provided to the fraudster, the information may be used to gain access to your accounts or to steal your identity.
Tips to Help You Spot and Avoid a Phishing Scheme
As a general rule you should not provide your confidential and financial information over the Internet in response to unsolicited requests you receive. At RBC, we will never ask you to provide us with sensitive information such as your account numbers, PINs, passwords, Social Security number or Social Insurance number through regular e-mail. We will also never send you an e-mail requesting that you visit a Web site to provide us with that information. If you receive such a request, do not respond and forward the e-mail to firstname.lastname@example.org immediately.
Here are some additional tips to help you spot and avoid a potential phishing scheme:
- If you don't know the source of an e-mail or if it looks suspicious in any way, do not open it and delete it immediately. This is the best preventative measure to avoid falling victim to a phishing scheme.
- Just because an e-mail or Web site appears to be from a legitimate company doesn't mean it is. Phishing schemes are designed to look real and fraudsters will often use logos, trademarks, or even the entire look and feel of a valid Web page to trick users into believing that it is genuine. Inspect any trademarks or logos that are used in the e-mail or Web site. If the image appears to be different or distorted, the e-mail or Web site is likely a fake.
- Phishing schemes sometimes contain misspelled words. Look for these either in the message or in the hyperlink if one is provided.
- Avoid responding to an unexpected Web page or pop-up window appearing to be from a legitimate company that requests that you provide confidential information for a purpose that seems legitimate, e.g. to prevent a security threat or to validate an account, as it is likely a fake.
- Never click on a link contained in an e-mail that you suspect might be fraudulent. The link could take you to a fake Web site or initiate the installation of unwanted software onto your computer.
- If you have a relationship with the company mentioned in a suspect e-mail and you wish to call them to verify the request, do not use any telephone numbers provided in the e-mail message, as they may be fake as well.
- Always be suspicious of Web pages containing forms that collect confidential information, and do not use standard security features such as SSL encryption. Whenever you submit confidential or financial information online, always ensure that the Web site you are communicating with is secure. You can check the security of a Web page by looking for a security symbol such as a closed padlock in your browser screen. You can also check the URL in the browser address bar. It should start with "https:" rather than just "http" as this signifies that the session is encrypted.
How to Report a Suspicious E-mail or Web site Fraud
For the latest information on Identity Theft and related topics, visit or call the Federal Trade Commission, at www.ftc.gov or 1-877-FTC-HELP.
If you are suspicious of any e-mails you receive, that appear to have been sent by any of the RBC Centura Bank or RBC Financial Group companies, please contact us immediately by e-mail or phone.
Reporting to RBC Centura by E-mail
Open the suspected e-mail and forward it in its entirety to email@example.com. Avoid changing or retyping any part of the original message, as this may interfere with our investigation. If you have additional information that you feel will assist us in our investigation, please include it in your e-mail. However, do not include any personal or financial information in that additional correspondence. Once you have forwarded the suspected e-mail to us, please delete it from your inbox.
Reporting to RBC Centura by Phone
Call us Toll Free at 1-800-CENTURA (1-800-236-8872). Please have all information about the Web site or suspected e-mail available. The agent will need these details in order to proceed with the investigation.