Ellen Roseman

Toronto Star August 9^th 2006

I'm not a customer of MBNA Canada, but I received four identical emails within minutes Sunday afternoon asking me to update my account information.

So did a lot of other people at the Toronto Star.

In this scam known as "phishing" — because the fraudulent emails cast a wide net — you’re told to go to your bank's website to supply key information about yourself.

But if you follow the link, you’ll be handing over closely guarded secrets about your credit cards and personal identification numbers to an imposter.

Phishing attacks have been around for a few years. But they're still going strong in Canada and can cause a lot of economic damage.

All of the 11 Canadian banks and insurance companies that took part in a global security survey reported experiencing security breaches in the past year, according to Deloitte Touche Tohmatsu.

Phishing and "pharming" accounted for more than half of the security breaches in Canada. That was in line with global results.

Pharming is where fraudsters manipulate the settings on a computer - so that even if you type in a legitimate Web address yourself, you’re redirected to a fake website.

"It is becoming clear to us that there is a shift," Deloitte Canada partner Adel Melek said about the survey results released in June.

Professional hackers and organized crime are moving into a domain once ruled by amateurs, he emphasized. .

The good news? These security breaches don't yet constitute. an alarming situation, given the size of the operations of Canadian financial institutions.

The Anti-Phishing Working Group is a US. industry association. Its goal is to eliminate fraud and identity theft arising from email spoofing.

The group received more than 20,000 separate phishing reports in May - the most ever recorded. You can submit your own examples to reportphishing@antiphisMng.org.

Financial services was the sector most commonly targeted, accounting for more than 90per cent of all phishing attacks in May, the group reported.

Is there much difference between Canada and the US. in terms of online security?

Not a great deal, Consumer Reports magazine says in a special

report in its September issue.

"The Internet doesn’t recognize or respect national borders, so why would Canada be spared the viruses, spyware, spam and phishing schemes that plague the US.?" the magazine asks.

Almost one in four Canadian (24 per cent) said they had received an email purporting to be a bank or financial institution according to a survey published list year by Ipsos Reid, a market research firm in Toronto.

Fourteen percent of the Ipso-Reid survey said they had fallen victim to such a scheme. That compare to 8 per cent of US users who submitted personal data to phisher (according to a Consumer Reports survey).

"Given the extent of the problem, it's no wonder 77 per cent of Canadians say they are concerned they could become the victim of identity theft scam," the magazine concludes.

Canada may be slightly safer because we have fewer targets with only five major banks compared to hundreds in United States.

Also, Canadian banks have put great effort into online security. You can find copious warnings - and examples of email spoofs - at their websites.

Several banks provide an on-line banking security guarantee. You're reimbursed 100% for losses to your account if you report suspicious activity you keep your passwords confidential.

And some banks offer a free al of antivirus software for a few months. Afterward, clients buy the software at a discounted price.

If you want to find the most dependable antivirus software check out the test results from Consumer Report.

For excellent detection at a low price, the magazine picked Bit-Defender and ZoneAlarm. Both programs recognized viruses they had never seen, unlike other programs that couldn't detect new viruses until remedies were distributed.

Kasperky Lab's was a more expensive program, but rated high for both detection and ease of use. And Alwil, a free program with no annual fee for updating was said to be "useful. for protecting multiple computers on a tight budget."

The magazine also tested and rated anti-spyware programs and anti-spam software in its September issue, which should be on the newsstands shortly.