E-transfers are safe, but you need to take precautions
A Peterborough, Ont. woman says she's sent dozens of Interact e-transfers without incident — until one day two months ago, when one of her money transfers was intercepted by a thief.
On March 18, Anne Hoover tried to send $1,734 into the account of a friend, Fran Fearnley, to reimburse her for a trip to Mexico they had taken together. But when Fearnley tried to deposit the funds, she found out they had already been deposited.
"She called me, I quickly checked my bank account. The money had left my bank account, and said that a transfer had gone to her," Hoover told CJAD 800's Aaron Rand. "So we immediately called the RBC Royal Bank fraud department."
As a goodwill gesture, the bank reimbursed her half the original amount, but a bank manager essentially told her they've done everything they could do for her in her case.
Hoover says she still hasn't given up trying to recover the other half.
"Now we're going to the Royal Bank ombudsman, which is the next step in the escalation progress," she said. "And then when and if that fails, I guess there's an ombudsman for the ombudsman. Beyond that, I don't know what to do other than move my accounts from the Royal Bank and not use Interac anymore."
E-transfers are typically done by email or text message, and usually require the recipient to answer a security question to access the money.
Use strong passwords and questions
It turns out the account was hacked by a third party, who apparently took advantage of a weak password and security question — in this case, the question was "who is my favorite Beatle?" Of course, a hacker would have one in four chances of getting that right. (Unless the answer was Pete Best or Stuart Sutcliffe. It would take a pretty smart hacker to figure that one out.)
CJAD 800's tech expert Carmi Levy says he can't stress enough the importance of using strong passwords and security questions online — particularly when it comes to financial services programs and apps.
"Overall, there's nothing to suggest that Interac e-transfers are inherently unsafe," he says. "In other words, if you follow appropriate security protocols and best practices, you can be reasonably assured of getting what you want out of the service or the app without undue risk of being hacked."
What's meant by best practices, he says, is to use strong passwords and security questions — things that a determined hacker would have trouble finding out, and not things like the name of a partner or a pet.
Levy also suggests that users of such apps familiarize themselves with the terms and conditions of a particular app — the things that most people never read before they click 'I Agree' — in the event that your personal info does fall into the hands of hackers, so that you know exactly how to go about recovering whatever you've lost, if it ever comes to that.