Intact's Privacy Promise

The Intact Financial Corporation group of companies is committed to protecting your privacy. We will not collect, use or disclose your personal information except as stated in our Privacy Promise. Please visit our Privacy Promise page for more details on how we collect information from you.

How to protect yourself from fraud

Recognizing fraud

Fraud can take many forms, but one of the most common forms is insurance fraud. Some common examples of insurance fraud include the following:

  • Individuals who fabricate insurance claims
  • Auto repair shops who exaggerate the cost of claims
  • Medical clinics that ask claimants to sign blank accident benefit forms and invoice insurers for services never provided
  • Health care clinics that offer unnecessary treatments
  • Drivers who intentionally cause collisions

There are also many scams that are targeting Canadians, and new ones are being invented every day. Scams can come in different forms – text messages, emails, telephone calls and more. We encourage you to check the Canadian Anti-Fraud Centre’s website for a list of common scams.

What to do if you suspect fraud

Please contact your broker immediately or email us at FraudTips@intact.net:

  • If you suspect you have been a victim of fraud or witnessed any potential fraud
  • If you have questions regarding the authenticity of any correspondence sent by Intact Insurance
  • If you have questions regarding the authenticity of any promotions, contests or giveaways solicited over the phone in the name of Intact Insurance
  • If you have received a questionable request for personal information, like bank account details, over the phone

Consumers may wish to verify the status of a brokerage and/or identity of a broker via the Registered Insurance Brokers of Ontario’s directory.

In addition, the Insurance Bureau of Canada (IBC) issues fraud alerts to inform consumers about insurance scams.

Fake policies and non-existent insurance companies can put you and your insured property at risk. If you suspect fraud, you can also contact the IBC TIPS Line at 1-877-IBC-TIPS or the Canadian Anti-Fraud Centre at 1-888-495-8501.

Job applications

Be aware of fraudulent online job postings on popular websites including job recruiting websites. These postings typically offer candidates the opportunity to work from home doing online data entry. The Human Resources person would contact the candidate via email asking them to start a conversation on Google Hangouts with a hiring manager.

Once the interview is complete, and the candidate is deemed successful, they are asked to deposit a cheque from the fraudulent company and provide a deposit slip containing personal banking information.

Intact does not engage in these hiring practices. Intact does not send official correspondence through Gmail accounts and does not send cheques to prospective employees after the fact asking for personal banking information.

If you are unsure if the job application is authentic, always check against Intact’s Career website. The jobs will be posted there as well.

If you have received such correspondence and/or cheque, please report it to your local police agency and send a copy of your police report to Intact at FraudTips@intact.net.

Telemarketers

We would like to warn consumers about a telemarketer scam involving the use of phone numbers associated with Intact Insurance. There have been reports of people receiving calls from various telemarketers that ‘spoof’ internal, unpublished Intact phone numbers as their caller ID.

Typically, the callers employ various tactics to demand money and banking information. Most recently, one such telemarketer offered a fraudulent trip giveaway as a way of luring someone into providing sensitive banking information.

While these phone numbers are associated with Intact and returned calls are connected to Intact’s Auto Attendant, these calls do not originate from Intact Insurance.

Intact Insurance never contacts customers to request banking information over the phone. Additionally, Intact promotions would not be conducted in this manner and are never unsolicited.

Mail fraud

Intact would like to alert the public to a potential mail scam using Intact’s mailing address. Consumers have reported receiving letters with the return address on the envelope indicating Intact’s Toronto office. Typically, there are no other identifiers.

The correspondence does not list Intact Insurance by name and is not on official letterhead or stationery. In some cases, the correspondence refers to "Life Insurance Unclaimed Fixed Deposits", and "Claim Department".

Please note, these letters are not from Intact Insurance.

Intact would not send correspondence in this manner. Official correspondence from Intact would clearly indicate it was from Intact, which includes Intact branding and logos.

If you have questions regarding the authenticity of any correspondence sent by Intact Insurance, please contact your broker or email: FraudTips@intact.net.

Mystery shopper

It has come to Intact’s attention that fraudulent letters and cheques bearing the name and logo of Canadian financial institutions are being sent to consumers as part of a mystery shopper assignment.

The scam typically involves asking the recipient to deposit a cheque, keep $400 in their account as payment and wire a sum of money to another person’s account. However, the cheque will not clear and the recipient will not be able to recover the sum transferred.

Please note that Intact does not send out letters of such nature or cheques to consumers for such programs.

If you have received such a letter and cheque, please report it to your local police agency and send a copy of your police report to Intact at FraudTips@intact.net.

Secure your accounts

Create strong unique passwords

  • Use unique and strong passwords for your online accounts.
  • Don’t reuse passwords or use incremental numbering and consider using a password manager if you need help remembering your passwords.
  • Avoid using information like your name, birthdate, and common words/ phrases.

Multi-Factor Authentication (MFA)

  • When available, MFA is a multi-step account login process that requires more information than just a password (e.g., users might be asked to enter a code sent to their email or mobile device (SMS) or scan a fingerprint in addition to their password).
  • Enabling MFA on your apps/phone provides additional security.

Practice safe emailing

  • Before opening an attachment, verify its source. If you receive an unexpected attachment or if it looks suspicious, do not open it. Instead, contact the sender through a separate communication channel to confirm its authenticity.

Social media

  • Review and adjust the privacy settings of your social media accounts regularly. Limit the amount of personal information visible to the public.
  • Be careful about sharing personal information such as phone number, address, birthdate as this can be used by cybercriminals for phishing and identity theft.
  • Be careful when accepting friend's requests and connections. Verify the identity of the requester before accepting friend requests or connection invitations.

Secure your devices and their connections

Devices

  • Mobile devices, routers, gaming consoles, smart TVs and anything that connects to the internet can require regular updates to ensure proper functionality and security.
  • Most devices and their apps need to be regularly updated for stability, bug fixes, and security. If your device or apps do not automatically update, make sure to manually update when available.
  • Most devices are at risk of being infected and corrupted by malware and/or viruses. Having a proper Antimalware and Antivirus software installed increase your protection against these threats.

Social engineering

  • Psychological manipulation tactics used by cyber criminals to gain control over a computer or mobile device, or to steal personal and financial information. These tactics trick people into making security mistakes or giving sensitive and personal information.
  • A few indicators of an attack, can be: A phone call, text message or email that creates a sense of urgency, uses intimidation or curiosity, causing you to take immediate action.
  • Phishing emails are designed to trick recipients into revealing sensitive information or clicking malicious links. Be cautions with emails that ask for personal information, login credentials or financial information.

Wi-Fi

  • Avoid using public or unsecure wi-fi networks, such as those in cafes, airports, or other public places. Use Virtual Private Network (VPN) software if you need to access sensitive information such as your bank account.

Staying safe online

Internet and browser security

  • Use only well-known browsers and keep them current by applying software updates when notified.
  • Practice safe browsing habits.
  • Use secure and encrypted websites (https://) for online transactions. Look for https:// not http:// in the address bar.
    • Be cautions when clicking on links or downloading files even from websites you trust. Using an antivirus/antimalware software will add a layer of protection.
    • Avoid clicking links included in emails, especially if those emails are unexpected. It is always best to type the web address of the page you need to access into your browser, or bookmark previously trusted websites in your browser.

Data protection and destruction

  • Ensure you securely dispose of printed material that have sensitive or personal information (e.g., bank statements, prescription labels, etc.).
  • Backup your information, using Online Cloud Storage services, external hard drives, or USB drives.
  • When using Cloud Storage services ensure that the security controls are set properly.
  • When using physical storage media like hard drives or USB keys, make sure you store them in a secure place. When possible, use password protection and encryption.