Tangerine Risk Management Fake E-Mail
How the scam works:
There is an e-mail going around from crooks impersonating Tangerine Bank representatives asking recipients to keep their account active and in good standing. For that, the message lures the victims into believing that they need to get a authentication certificate in order to avoid suspicious activity on their account. However, the call to action and the end result are the same: the recipients need to click on a provided link.
If you click the link, you are redirected to an official-looking website with the bank’s logo. You'll be asked to login by entering your account number and password.
Below is the latest scam e-mail circulating now, coming from e-mail addresses such as: email@example.com or firstname.lastname@example.org. Subject titles might be: “Important Information-Sign-In Now” or “Urgent Letter – Please Review”, while the name of the sender could be Risk Management/Tangerine or Help/Tangerine:
The information in this electronic mail message is private and confidential, and only intended for the addressee.
Authorized Addresse: [your e-mail address]
You have not signed-in to your account for a long period of time. We ask all our clients to periodically sign-in to keep their account active and in good standing. You have until [a very close date], to sign-in to your account thru our new certificate authentication or your account will be deactivated and frozen.
In order to keep your account active, please follow the steps below:
1. Download the attached security certificate and open it.
2. Follow the remaining on-screen instructions.
3. Your account will be migrated and activated under our new platform.
Thank you for your cooperation, we greatly appreciate your business.
Tangerine, Forward Banking
Tangerine is a trademark of The Bank of Nova Scotia, used under licence.
How to avoid:
Keep in mind that the scammers could use the name of any bank, including yours. These type of emails became so common nowadays that it should be easier to figure out that they're not from your actual bank. However, there are still a lot of people who click on the links without giving a second thought.Ignore these messages, especially if they refer to you as “Dear Customer”, instead of addressing you by your full name. Banks never email clients about any sensitive information unless the client has signed up for it. Delete, you'll get another one next week!
Make your friends and family aware of this scam by sharing it, using the buttons provided.