Almost one quarter of Canadians report falling victim to a scam, TD EVP explains what the industry can do
Canadians are increasingly afraid of and vulnerable to digital financial fraud. A survey from TD revealed that 75 per cent of Canadians believe advances in AI have made them feel more vulnerable to financial fraud. 82 per cent believe scams are becoming harder to spot. 86 per cent are more concerned about fraud than they were five years ago. Perhaps the most telling number from that survey, though, was that nearly one in four Canadians say they, or a family member, have been a victim of financial fraud in just the past 12 months.
For Sophia Leung, dealing with these threats is a daily responsibility. Leung is the Executive Vice President of the Protect Platform at TD, the bank’s security and digital monitoring arm. She explained how we arrived at a place where Canadians are so worried about fraud and cybercrime. She shared how she thinks financial institutions, dealers, and financial advisors can act to help protect and reassure their clients now.
“There’s a global epidemic of crime and with technology and the pervasive use of digital and mobile platforms, threats are boundaryless,” Leung says. “As the ease of cybercrime increases, we believe that these threats will continue to grow, which is why defenses including user education are really critical to protection.”
That education is so important, Leung says, as 52 per cent of the Canadians polled by the survey admitted to behaviours that could compromise their cybersecurity. That includes the use of public Wi-Fi to access personal or financial accounts (18 per cent), opening email attachments from unknown senders (15 per cent), and clicking links in texts or emails before verifying the sender (15 per cent). The rise of AI has only made these threats more commonplace and sophisticated.
AI, tax season, and cybersecurity risk
Stressing that “technology is a double-edged sword,” Leung explains that AI has lowered the barriers to entry for many digital scams. Fraudsters are also able to use generative AI technology like deepfakes and voice mimicry to fool individuals. She notes that this time of year is especially sensitive for Canadians’ digital security risks.
The rapid approach of tax filing deadlines at this time of year creates a sense of urgency that fraudsters look to exploit. Documents are often flying around and, in the case of individuals with layered finances, may involve some complexity to navigate. Documents may be demanded as email attachments, or requests may come through unverified links. Fraudsters often seek to create urgency as a way to make individuals less naturally sceptical, and when the season itself is urgent the fraudsters have an easier time of it.
Advisors’, dealers’, and platforms’ roles in protection
Leung says that in the face of all these threats at an intense time of year, the whole financial services industry needs to act to ensure safety and security. That begins with education around phishing scams, highlighting what fraudsters may ask for and what financial services providers will use for the secure transfer of information and documents. Discipline around email is especially important so clients know not to trust channels outside of secured platforms.
Advisors also need to be aware of these threats themselves, acknowledging that they are human and prone to the same mistakes. Their expertise does not make them invulnerable, Leung notes, and when lapses or errors do occur they should be willing and able to talk about it. Getting scammed can be embarrassing, especially for a professional, but by reporting honestly when something has occurred the damage can be limited.
As much as people can be coached into vigilance, Leung also believes that platform providers need to hold to the principle of “making the secure path the easier path.” She notes that at TD they have striven to make their app more user-friendly and broadly capable of deploying things like notifications, rather than using text messages. An easy to use platform will innately incentivize individuals to use it, rather than less-secure platforms, and help safeguard them. Conversely, a clunky app may make people share documents on unsecured channels.
For those institutions reliant on third-party platform providers, Leung says they still need to emphasize both security and ease of use as ways of addressing these cybersecurity threats and risks. Leung explained that the approach to cybersecurity at TD will continue to evolve, both through what they build in house and what they call on third parties to provide.
“The tactics that fraudsters use will continue to evolve. We have organizations that are always monitoring emerging threats. So we understand how AI deepfakes are being used, how real it is, in what scenarios, and we continue to invest in the controls that can mitigate those risks,” Leung says. “So really, monitoring emerging threats on a regular basis and adjusting our safeguards accordingly. Again, we have safeguards in place to prevent unauthorized access to customer information. And again, we monitor ourselves against industry intelligence to make sure that people who are monitoring what's happening with criminals and things like that, to make sure we're always adjusting that. That's 24‑7 for us.”
