Online Fraud is something we take very seriously at TD Bank Financial Group. We have extensive security systems and practices in place to help protect you and let you conduct your financial affairs in a safe, private manner. While we do our best to safeguard your interests, there are additional precautions you can take to protect yourself and your finances. Please review our Safe Computing page for more information.

Be aware of Phishing and Brand Spoofing

Phishing or Brand Spoofing is a scam where a perpetrator sends authentic-looking emails, appearing to come from legitimate companies, in an effort to phish (pronounced "fish") for personal and financial information. These phish emails direct recipients to click on links that re-direct them to fraudulent or "spoofed" websites. These sites are designed to fool customers into believing that they are actually visiting a legitimate company website. Once on the fraudulent site, the email recipient is asked to enter personal and/or financial information that is later used to commit fraud.

If you receive one of these emails, delete it immediately and do not respond or action it.

What to Look for - Fraudulent Emails

Phishing emails can be deceiving. Fraudsters are increasingly learning how to create persuasive messages designed to fool recipients into divulging personal information. Effectively, the fraudsters hijack brand names of legitimate companies in hopes that the recipient will respond.

Tips and Hints:

• Do not click on links in emails. If you need to log in to any online service that we offer you should always type the URL directly into the Address/Location bar of your browser or use a favourite that you have set up. The fraudsters rely on unsuspecting individuals to fall for their scam or 'take the bait'.
• Do not be tricked by offers of money or threats of legal action. TD Bank Financial Group will never contact you electronically for such matters.
• Do not be tricked by claims of 'Security Compromises' or 'Security Threats'. Instilling fear is a key factor in any fraud scam, fraudsters will often make claims of a security compromise or threat in hopes that people will freely disclose their personal information to quickly resolve the supposed threat.

What to Look for - Login Page

The second part of any phishing scam is fooling individuals into thinking that they are visiting a legitimate login page or website. If you believe that you have navigated to a page that is not authentic - don't do anything.

Tips and Hints:

• Look for the secure transaction symbol on your screen before entering any personal information. This will look like a key or a padlock on the very bottom of your browser. Do not enter personal information without seeing that symbol.
• You should verify the validity of the digital certificate and that it was issued from a trusted Certificate Authority such as Verisign. This can help you identify spoofed websites. Double-click on the padlock icon to view details about the digital certificate.
• Look at your browser's Address/Location bar. Verify that the login page that you are visiting is in fact legitimate by verifying that the URL is correct - For example, the EasyWeb login page is located at the following address: https://easyweb.tdcanadatrust.com.
• If you have chosen to use the 'Remember my Access Card and Description' or 'Remember my Connect ID' feature, your Access card number and/or your Connect ID will appear when you navigate to the EasyWeb login page, the WebBroker login page, or the Web Business banking login page provided that you have not recently deleted your cookies. This feature is unique to the legitimate login pages and cannot be duplicated.

Tips for Email Safety

• Do not provide personal or financial information to anyone in an email.
• Be suspicious of email attachments from unknown sources. If you do not know or recognize the sender of the email, do not open the attachment.
• Do not set your email program to "auto-run" attachments. Always check that emails you have received do not contain viruses by running your anti-virus software.