Learn how to identify fraudulent or phishing emails. Phishing emails are typically sent to obtain personal and private financial information. They ask for confidential information such as your account username, account number, and email password.
If you think you've received a phishing or scam email, see How to Report Spam and Adjust the Webmail Spam Filter for additional information on reporting it.
This article will provide insight into:
What is phishing?
In recent years, phishing scams have become more frequent, more sophisticated and more difficult to detect. Phishing is a technique that uses fraudulent websites and falsified emails to trick you into providing personal information—such as login credentials and credit card information. Perpetrators can gain this information by:
- Sending you links to websites that appear trustworthy and steal your information when you fill out the login field
- Persuading you to reply to the email with personal information
- Adding a trigger to the email that will download malicious software to obtain data, encrypt your files for ransom money, or other malicious practices
Related: Internet Security FAQs
Back to top
How to identify a phishing scam
To help you detect more sophisticated phishing attempts, below are a few tips on how to best protect yourself from malicious attacks.
- Be cautious of emails that:
- come from an unknown sender and ask you to provide personal information
- apply emotional pressure to persuade you into providing personal information
- require that you take action on a matter that you don’t recognize and/or don’t expect
- use poor spelling and/or poor grammar
- appear to come from a reputable business; however, the sender’s email address is not a corporate address
- Report emails asking for personal information, especially sensitive information such as login credentials, government issued ID numbers or any financial information. Shaw and other legitimate institutions will never request credentials, credit card information or other sensitive information via email.
- Verify that the link provided in the email links to a legitimate website by hovering your mouse over the hyperlink. If the URL displayed looks suspicious, or if you are unsure, forward the email as an attachment to the company it claims to come from for investigation.
- Double-check the sender. Emails from Shaw will end in @shaw.ca, @marketing.shaw.ca, @shaw.sjrb.ca, @sjrb.ca or @shawdirect.ca.
- There are times when Shaw may ask you to fill out a form, such as a DocuSign form, as part of the customer service process. These forms will always be sent to you by a trusted Shaw source, who you should already be familiar with as part of the customer service process. If you receive such an email and are not familiar with the sender, contact us to confirm its legitimacy before opening any links or attachments.
Back to top
What to do if you believe your personal information is at risk
If you feel that your Shaw account or banking information may be at risk after opening or responding to a phishing email:
- Change your username and password for any account that may have been compromised
- Contact Shaw to report an incident related to your Shaw account
- Inform your bank if you feel your banking information may have been compromised
- Contact local law enforcement to open an investigation if you believe you were the victim of a targeted attack
You should always be cautious of phishing scams. Below are some examples of known phishing scams we are aware of and combating:
*Click each image to enlarge
Back to top
Still have questions? Chat with us on social media.
It's fast, easy and convenient, and it's totally a new way to connect with us.