You are now leaving our website and entering a third-party website over which we have no control.
Protect your business against fraud
Explore the different types of fraud and how to spot them
Identifying fraud and minimizing its' impact
Credit card fraud
Debit card fraud
Code of conduct
Identifying and Reducing Fraud Risk
No matter what type of business you're in, fraud can impact you. Knowing how to recognize and reduce the risk is possible. While there is no one thing you can do to eliminate fraud, there are many steps you can take to help prevent it.
For more information on how to help prevent fraud, download our "Fraud Prevention Brochure" brochure.
Help Protect Your Merchant Account from Card Testing
Card Testing is when fraudsters submit unauthorized transactions to identify valid card information that can be used to perform fraud elsewhere. Card Testing commonly targets a Merchant's website or mobile app. For more information on how to help protect your business, download "Help Protect Your Merchant Account from Card Testing".
Importance of Fraud Prevention
Understanding the impact fraud can have on your business is an important step in preventing it.
- Every year Canadian businesses lose millions of dollars as a result of fraud
- According to the Canadian Federation of Independent Business (CFIB), 1 in 5 small businesses were victims of fraud in the last 12 months.
- Over 80% of businesses reported being targets of payment fraud in 20181.
- The tools and tactics being used by fraudsters are constantly evolving and becoming even more sophisticated
5 Tips to Help Protect Your Business Against Fraud
Careful Where You Click
Don’t open attachments or click on links from unknown senders and don't be afraid to pick up the phone to confirm if an email is legitimate.
Regularly Monitor Your Bank Account and Credit Cards
Don’t wait until the end of the month to review your transactions. Reconcile transactions often and immediately report any unusual transactions to your bank. Treat cheques just as you would cash by locking them in a secure location.
Take Advantage of Security Features
Implement dual authentication, restrict bill payments, and set appropriate authorization limits for employees if possible.
Use Latest Software and Browser Updates
Install antivirus protection and implement security patches in your software. Periodically engage an external consultant/provider to review your network and web applications for security vulnerabilities that an attacker could exploit.
Consider Business Continuity or Cyber-Insurance
Engage an insurance provider to help your business mitigate the risk of a breach and to offset the cost involved with recovery following a cyber event.
How is Fraud Evolving?
Cybercrime Continues to Threaten Canadian businesses
Cybercrime has become a lucrative revenue stream for fraudsters, with organized crime tied to a number of sophisticated cybersecurity attacks across the globe.2
As transactions have increasingly moved to electronic platforms, fraudsters have followed - Cybercrime is swelling with 41% of large businesses surveyed by Statistics Canada identifying as victims of cybercrime.3
Cybercriminals are Resourceful
Cybercriminals are sophisticated and may spend months gathering information before striking and can learn about your business through your website, social media and may even call or email employees.
Fraud by Payment Type
According to the Association of Financial Professionals, cheque fraud continues to be the largest source of payment fraud for businesses. Cheques remain relatively easy to intercept, alter and can be falsified with a high-quality printer and paper.
Fraudulent debit or credit card transactions may be the result of lost, stolen or counterfeit cards.
Cybercrime can include phishing, malware and other scams that target deposit accounts and payment channels available through the online banking platform (bill payments, transfers, email money transfers, wire and EFT (electronic funds transfer) payments.
Common Types of Cybercrime
A scam designed to trick someone into believing they've received an email from a trusted party in order to extract personal or company information that can range from online banking log-in credentials to social insurance numbers.
Similar to phishing, this is a scam where the fraudster will present themselves as representing a legitimate organization in order to extract sensitive information (like credit card data) by telephone.
Smishing is a text message scam where fraudsters impersonate a trustworthy entity to extract sensitive information from your company and clients.
Malicious software that can take many forms including: viruses, worms, Trojan horses, spyware, and adware. Malware can disrupt computer operations, providing fraudsters with access to computers systems, sensitive information and more.
A type of malware that encrypts files and data. Fraudsters then request payment from the victim to unencrypt and return files and data. Malicious attachments and misleading pop-up ads are common entrapment methods.
A scam where a fraudster impersonates a business owner, CEO, vendor or even a lawyer by email. The email requests that a payment be made by wire or electronic funds transfer. The fraudster may even provide a fake invoice or change the payment information on a legitimate invoice in an attempt to misdirect the payment.
Reporting TD Related Phishing or Smishing Attempts
Send the email to email@example.com.
If you have responded to a suspicious email, immediately call:
Identify and prevent credit card fraud
Fraudulent credit cards can be broadly classified into two groups:
- Counterfeit cards, where the card is illegally produced but looks and works like a legitimate card. Be sure to examine credit cards carefully to detect signs of tampering or counterfeiting.
- Lost or stolen cards, where the card is legitimate, but the user is not the authorized cardholder.
If you suspect a fraudulent transaction
Trust your instincts – if a transaction feels off and doesn't seem legitimate, you can make a Code 10 call at any time which alerts our authorization centre of the suspected fraudulent transaction, but does not alert the individual presenting the card.
While it's important to report suspected fraudulent transactions, do not perform a Code 10 call if your personal safety is at risk. Instead, complete the transaction and contact TD Merchant Solutions only when it's safe.
When it's time to make a Code 10 call
Call the TD Merchant Solutions Authorization Centre at 1-877-836-7990 and answer a series of yes or no questions to determine the validity of the transaction.
Stay calm and courteous and hold on to the card until you have obtained authorization.
Don’t hang up if your call is transferred.
Respond to the authorizer’s questions with appropriate yes or no answers.
Follow instructions - Either complete the transaction (with the authorization number provided) or retain the card.
Do not try to apprehend or detain the cardholder.
What is payment card skimming?
Skimming refers to the practice of capturing account information from the magnetic stripe of a debit or credit card in order to make a counterfeit card. When debit cards are involved, Personal Identification Numbers (PINs) are also stolen.
It's possible that card skimming could be happening right now at your business, and you wouldn’t even know it. But by taking the precautions shown below, you'll help prevent skimming and protect your customers from falling victim to fraud.
Steps to help prevent skimming
Inspect your POS equipment regularly, including serial numbers, wires and cables. If you find anything unfamiliar, altered or missing notify TD Merchant Solutions.
Check near area around PINpads
A small camera could be concealed in holes in the ceiling, walls or shelves.
Limit “shoulder surfing”
Install your debit terminal so customers have enough room to comfortably shield the PINpad.
Redirect your Cameras
Ensure any security cameras don’t capture the PIN the customer is entering.
Customers & their PIN
Allow customers to hold the PINpad until the transaction is complete. Never enter a PIN for a customer.
Keep records on file
Keep employee schedules and supplier information.
“Protect Your PIN”
Display the Interac Association’s “Protect Your PIN” decal available from TD Merchant Solutions.
About telemarketing fraud
According to the federal government, telemarketing fraud costs Canadians more than $100 million every year. While telemarketing is a legitimate sales tool for many companies, including TD Bank Financial Group, criminals may also use it to deceive you with phony offers. Your best defense is to learn to recognize fraud and take a few simple steps to protect yourself in these scenarios.
Know who you’re dealing with
- Verify who the company is, where they're located, etc.
- Ask questions and get a call-back number. If your questions are being avoided or not answered to your satisfaction, be cautious. Legitimate companies will let you check them out or think about an offer.
- Never provide your account number, credit card number or other financial information over the phone unless have validated who you're talking to.
- No merchant or police officer should ever request personal banking information from you over the phone. If anyone asks you for this information, alert the police and your financial institutions immediately.
Don’t rush or be pressured into a decision
Never invest or buy a product or service without fully understanding what it is, and verifying whether it is legitimate.
If the caller is using high-pressure sales tactics, it's a sign that something is probably wrong, especially if you're told to make a decision by the end of the call. The RCMP advises consumers not to be afraid to hang-up the phone – it's not rude, it's smart.
Keep detailed records
Make notes of the call - the name, address and phone number of the person or company. If you do purchase an item, record the date of the transaction and the delivery date that is promised.
Get more information
National anti-fraud call centre operated by law enforcement agencies. Call 1-888-495-8501 or visit www.phonebusters.com
Call 1-800-348-5358 or visit www.cb-bc.gc.ca
The RCMP’s website highlights the latest consumer scams and how to deal with them.
Canadian Anti-Fraud Centre (CAFC)
The CAFC is the central agency in Canada that collects information and criminal intelligence on fraud and identification theft complaints.
Five key steps to reducing chargebacks
Is it a valid credit card?
Check the standard identification and security features found on the Visa website.
Ensure the customer signs the sales receipt when required and the signature matches the back of the card.
Always obtain an authorization number, when required, before processing a transaction.
If you process a recurring transaction after it’s cancelled or changed it may be charged back.
Merchant Solutions requests
Ensure all receipts for copy requests are on time and with the correct information.
How the Code of Conduct affects your business
In April 2015, amendments were made to the Code of Conduct for the Credit and Debit Card Industry (the Code), including three new policy elements. We encourage you to view all 13 policy elements.
TD Bank Group continues to support the evolution of the Code, and believes it provides merchants a greater voice in the payments market, while also balancing the interests of the other participants in this industry.
Policy element 13 of the Code of Conduct for Debit and Credit Cards provides merchants with access to a clear dispute resolution process, allowing for an investigation and timely response on complaints pertaining to the Code of Conduct.
Your satisfaction is the basis of our business, and we want to provide you with the best experience we can when you do business with TD Merchant Solutions, by addressing your complaint as quickly and effectively as possible.
Complaints to TD Merchant Solutions
You can provide us with details about your complaint by:
1. Completing the Complaint Form [pdf] and submit it to us by:
- Email: TDMSCODE@td.com
- Mail: TD Merchant Solutions, P.O. Box 300, TD Centre, Toronto, Ontario M5K 1K6
2. Calling us at 1-800-363-1163
To help us understand and review your complaint, we will ask you to provide us with details, including providing us copies of any supporting documentation (i.e. agreements, statements, and correspondence from card payment provider).
Please note that the information you provide may be shared with other parties (i.e. your payment card processor or financial institution) to help us respond to your complaint.
How we follow up on your complaint
You’ll get confirmation that we received your complaint within 5 business days, and you'll receive our final decision in writing within 90 days, which will include:
- A summary of your complaint
- The final result of our investigation
- Explanation of our final decision
- How you can escalate your complaint in the event of an unsatisfactory outcome
If we cannot provide you with a response within 90 days, we will inform you of the reason for the delay and our expected response time.
Financial Consumer Agency of Canada
You can also file your complaint directly with the Financial Consumer Agency of Canada (FCAC) to investigate non-compliance with the Code. FCAC can be reach via:
Mail: Financial Consumer Agency of Canada 6th Floor, Enterprise Building 427 Laurier Ave. West Ottawa, ON K1R 1B9
Please note FCAC is not a dispute-resolution agency for consumers in their individual dealings with payment card network operators or acquirers.