Security

How we protect you

Online banking provides convenient access to information and the ability to perform transactions from any internet connection. G&F Financial Group maintains a secure and monitored environment, we continually take steps to improve our systems to safeguard the personal information of our members.

Online banking alerts Expand/Collapse

Alerts allow you to receive email and/or text message notifications when various activities occur in your accounts.  While balance and account information can be viewed on the Alerts message, no personal information, account numbers or any data that could be used to identify accounts or members can be retrieved, which ensures a high level of protection.

  • Security Alertsprovide an additional layer of protection by allowing you to detect possible fraud quickly and take appropriate action
  • Balance and Activity Alertscan help you to better manage your finances and budget

There is no fee to sign up for Alerts, and no fee to receive them. However, your wireless carrier may charge you for receiving text messages and for data usage.

Get started today

  1. Login to online banking.
  2. Click on Messages and Alertsin the shortcuts menu on the left side of the page.
  3. Click on Get Started Todayor Manage Alerts in the shortcuts menu on the left side of page.  Follow the steps as outlined.

Controlled access to your accounts - passwords Expand/Collapse

To protect our members we enforce strong Personal Access Codes (PAC). Characteristics of an effective strong PAC include an alphanumeric combination, with a combination of upper and lower case letters, and special characters. Phrases that are extended in length but easy for you to remember would create a stronger PAC. A good example may be: My2dogshave5brownspots!!

 

Avoid using keyboard strings (qwerty), repetitive letters or numbers, dates, common words (e.g. password, winter, etc.), personal information (e.g. name, date of birth, phone number, city names, etc).

Automatic session time-outs Expand/Collapse

To help you protect your information, your online banking session will end automatically if there has been no activity for 20 minutes.

Access to our databases is strictly managed and systems are in place to ensure security is not breached, including the physical security of our computer hardware and communications.

For more information on the specific policies and practices that we use to safeguard your personal and financial information, please view our Privacy Policy.

How you protect yourself

Security is everyone’s responsibility, and there are many things you can do to minimize the risks to you and your money.

If you ever suspect your personal information may be compromised – or you think you may be a victim of fraud – it’s your responsibility to get in touch with us immediately at 604-419-8888 or contact your G&F branch.

Protect your password Expand/Collapse

Just as the key to your home protects unwanted entry, the online banking ‘key’—your Personal Access Code (PAC)—ensures that only you can access your accounts. It is your responsibility to ensure that your ‘key’ to the online banking section of this website is protected. Please observe the following security practices:

  • Select a PAC that is easy for you to remember but difficult for others to guess
  • Do not use a part of your bank or debit card PIN or another password
  • Keep your PAC confidential and do not share it with anyone
  • Do not write your PAC down or store it in a file on your computer. A secure password keeper tool may be a good option.
  • Never disclose your PAC in a voice or email, and do not disclose it over the phone
  • Ensure no one observes you typing in your PAC
  • Change your PAC on a regular basis, we suggest every 90–120 days
  • Your PAC should not be the same as other online website passwords

Phishing and smishing attempts are getting more sophisticated Expand/Collapse

We take phishing and smishing attempts on our members very seriously. If you receive a correspondence that you think may not be from G&F, please report it to us by sending the e-mail to inquiries@gffg.com or calling us at 604-419-8888 .

  1. Phishingis the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication – ie: email.
  2. Smishing the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers

G&F will never send you an unsolicited email or text message that asks you to provide sensitive personal information like your social security number, bank account number, and credit card information, ID questions like your mother's maiden name or your password. If you receive a suspicious email, report it immediately.

Safety precautions for online banking Expand/Collapse

  1. Don’t click or open anything you weren’t expecting to get without being certain of its safety - including being skeptical of links or attachments from friends or family. An e-mail FROM addresses can easily be spoofed and look like it’s from a friend.
  2. Deactivate autoplay - autoplay allows applications to open digital media instantly and ransomware can exploit this and trick computers into running a program.
  3. Stay up to date - accept and install updates to your computer’s operating systems, browsers and plug-ins when received from a legitimate and recognized source.
  4. Check your bank and credit card statements regularly to ensure that all transactions are legitimate
  5. Ensure your home PC is running up to date anti-virus software.

Intercepted e-Transfers Expand/Collapse

There has been a recent spike in an attack vector called “intercepted e-Transfers".  

What is an Intercepted e-Transfer you wonder?

This occurs when a legitimate customer sends an e-Transfer to someone they know. Criminals seize the opportunity to deposit the funds to a mule account before the intended recipient has the chance.  The interception is not caused by a vulnerability at G&F Financial or the Interac e-Transfer product, but rather because the recipient’s email account was accessed by a criminal. Once in that account, criminals can “see” the notification from Interac and use the deposit link to redirect funds into a different account by answering the security question.

Here are some tips to help you protect yourselves. Members should:  

  • Not communicate the answer to the security question via email.  Call and/or text the recipient with the password.
  • Select a question and answer that is not easy for a third party to guess.  If the notification is intercepted, it will be harder for a criminal to answer and steal the funds. 
  • Be cautious not to click on any phishing links and ensure that they are only transacting with trusted websites, vendors and people.
  • Immediately notify their financial institution if they sense anything suspicious about their transaction.