Phishing and Pharming Email Scams

image of money and wealth management icons


A common way for internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or instant messaging. Phishing works by sending communications, which appear to be from your financial institution, where you are asked to log in to your online banking to verify account information. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – where you'll be asked to enter your credentials. Once bad actors obtain these credentials, they can then be used for identity theft.

Tell-tale signs of phishing emails include:

  • Poor spelling or grammar
  • Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
  • Notices that you've won a prize and are required to pay a fee in order to claim it

Never provide personal details or any account details in an email. Electronic messaging is not a secure form of communication. If you receive a message that you are unsure about, please contact us.


Another way for hackers to get their hands on your personal details is by pharming them. Pharming occurs when hackers use a malicious code on your computer which compromises your host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

How to Avoid Phishing and Pharming Scams

  • Never use a link provided in an email to access your online banking.
  • Do not open emails or email attachments from unknown sources.
  • Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating in a secure site, in comparison to the open and unprotected 'http' URLs.
  • Don't feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified.
  • Don't believe emails warning that your account has been compromised or that you'll miss out on a great deal if you fail to act immediately.
  • If you are concerned, call or visit one of our customer service representatives.