Member notice: Important changes are coming to your personal financial statements with Prospera. Notably, we'll be changing the method of distributing T5 slips, followed by enhancements to your account statements. Click here for more details.
Skip to main content

Security learning centre

    Protecting your information is our #1 priority

    Being security concious is important to help protect your personal and financial information. By learning more about security, you can take proactive measures to keep your information safe. Click one of the icons below to learn more about how to protect yourself from online and offline from threats.
    Online security
    • Recent online scams
    • Secure browsing
    • e-Transfer fraud
    • Phishing
    • Cyber-security tips
    Protecting your information
    • Using your information
    • Password security
    • Identity theft
    • Alerts
    • Security technology
    Offline security
    • Recent offline scams
    • Card safety
    • Cheque fraud
    • Smishing
    • Ofline-security tips

    Don't want to read the fine print? Learn from our security videos:

    Practicing the four cornerstones of internet safety
    Protect yourself against a personal cyber attack
     
    2 Factor Authentication

    2 factor authentication

    Two-Factor Authentication (2FA) works by adding an additional layer of security to your online accounts.

    It requires an additional login credential – beyond just the username and password – to gain account access, and getting that second credential requires access to something that belongs to you.

    Five important tips to keep your online banking and personal information safe



    1. Create strong and unique passwords

    2. Never share your login information with anyone

    3. Avoid banking on public Wi-Fi as these networks are not secure

    4. Make sure your financial institution takes security seriously, and invests in technology designed to protect your account

    5. Keep a close eye on your accounts and report suspicious activity

    Security Alerts

    Online banking alerts

    There are three types of alerts you can set up:
    1. Account Alerts
    2. Transaction Alerts
    3. Investment Alerts

    Ready to enable alerts? Follow these four steps:

    1. When you sign onto online banking, click 'Messages and Alerts' in the menu at the left.
    2. Click 'Manage Alerts'.
    3. Under 'Security Alerts', select the alert you want from the choices offered and then click 'Get Started'.
    4. Follow the prompts provided to activate the security alert on your account.
     

    How Prospera protects you

    Alerts
    Alerts
    We have 3 categories and 16 different types of alerts you can enable to help secure your account. Once set-up, you'll get notified via email or text message.
    Security & Encryption
    Security & Encryption
    We use state of the art encryption technology, controlled account access, automatic session time-outs, reCAPTCHA, and enhanced login procedures like 2 step authentication.
    24 hour support
    24/7 Tech Support
    Whether you need help with your account or fear you may have been hacked, we have a knowledgeable team at the ready to help you whenever you need it, 24/7.
    Fraud Detection
    Fraud detection
    We use advanced fraud protection measures to detect and prevent unauthorized access and activity on all of our members' accounts.
     

    Commonly asked security questions

    If you suspect that your bank account has been hacked, there are several immediate steps you should take to protect your finances:

    1. Contact Prospera immediately: Call the Prospera Member Service Centre at 1 888 440 4480 or visit a branch as soon as possible to report the incident. Our reps can advise you on the steps to take and may be able to freeze your account to prevent further damage.

    2. Change your passwords: Change the passwords for all of your online accounts, including your online banking account. Use a strong, unique password that includes a mix of upper and lowercase letters, numbers, and special characters.

    3. Monitor your account: Keep an eye on your bank account and credit card statements for any unusual transactions. Report any unauthorized transactions to Prospera immediately.

    4. Check your credit report: Order a copy of your credit report to make sure there are no unauthorized accounts or loans opened in your name.

    5. File a police report: If you suspect that your account has been hacked, file a police report. This can help you to document the incident and provide evidence if you need to dispute any fraudulent transactions.

    6. Consider adding extra security measures: Activate two-factor authentication for when you log in or account alerts for unusual transactions.

    Remember, it's important to act quickly if you suspect your account has been hacked. By taking immediate action, you can help to limit the damage and prevent further fraudulent activity.

    Debit card missing? Contact Prospera immediately.

    Report online

    1. Log in to online banking.
    2. Click “account services.”
    3. Click “lost/stolen debit card.”
    4. Fill out the required information.


    Report by phone

    Call the Member Service Centre at 1 888 440 4480 during business hours
    (Monday to Friday 8 am – 8 pm, and Saturday 9 am – 5 pm).

    For more information, click here.

    At Prospera we take many precautions to keep your information safe and secure. Here are some of the ways we protect your information:

    1. Strong authentication: We require strong passwords be created and updated regularly along with multi-factor authenticiation to verify your identity. This means you will need to use your password and a one-time code that is texted to your phone to login.

    2. Encryption: We use encryption technology to protect your data when it is transmitted over the internet or stored on our servers. Encryption makes it much more difficult for unauthorized individuals to intercept and access the data.

    3. Firewalls and antivirus software: We use firewalls and antivirus software to protect our systems from unauthorized access and malware.

    4. Regular security assessments: We regularly conduct security assessments to identify vulnerabilities and strengthen their defenses against cyber attacks.

    5. Training and awareness: We provide regular training and awareness programs to our staff and members on cybersecurity best practices, such as creating strong passwords, recognizing phishing emails, and avoiding public Wi-Fi networks.

    6. Compliance with regulations: We are subject to strict regulatory requirements that mandate the protection of member information.

    By implementing these and other security measures, we work hard to protect your information and prevent data breaches and other security incidents.

    There are several ways to determine whether a website or email is safe:

    1. Look for the padlock symbol: Check for a padlock symbol in the address bar of your web browser. This indicates that the website is using a secure connection and encrypting data sent between your computer and the website.

    2. Check the URL: Make sure the URL of the website starts with "https://" instead of "http://". The "s" stands for secure and indicates that the website is using a secure connection.

    3. Verify the sender's email address: Check the sender's email address to make sure it is from a legitimate source. Beware of emails that use generic salutations, contain spelling or grammar errors, or come from suspicious or unknown sources.

    4. Be cautious of unsolicited emails: Be wary of emails that you did not expect or did not request. Avoid clicking on links or downloading attachments from unsolicited emails.

    5. Use anti-virus software: Use anti-virus software to protect your computer from malware and viruses.

    6. Check reviews and reputation: Check the reputation of the website or company by reading reviews or searching for information about them online.

    7. Trust your instincts: If something seems suspicious or too good to be true, it probably is. Trust your instincts and be cautious of websites or emails that seem suspicious or untrustworthy.

    By following these guidelines, you can help to protect yourself from scams and cyber attacks and ensure that you are using safe websites and emails.

    Phishing is a type of online scam in which a cybercriminal creates a fake website or sends a fraudulent email in an attempt to trick individuals into revealing sensitive information such as usernames, passwords, and credit card details. The goal of a phishing attack is to steal the victim's personal and financial information for financial gain or other malicious purposes.

    Phishing scams often take the form of official-looking emails or websites that appear to be from legitimate sources, such as a bank or an online retailer. The email or website may ask the victim to provide personal information or click on a link that will download malware onto their computer. The email or website may also contain urgent or threatening language to create a sense of urgency and convince the victim to act quickly.

    To avoid falling victim to a phishing attack, it's important to be wary of any email or website that asks for sensitive information or contains suspicious links. Always verify the sender's email address or the website's URL before entering any personal information, and make sure your computer and web browser are up-to-date with the latest security patches and anti-malware software.

    Smishing is a type of cyber attack that involves the use of text messages (SMS) or multimedia messages (MMS) to trick individuals into disclosing sensitive information or downloading malicious software onto their device. Smishing attacks are similar to phishing attacks, but instead of using email, the attacker uses SMS or MMS messages to deliver the malicious content.

    A typical smishing attack involves the victim receiving a text message that appears to be from a legitimate source, such as a bank, a retailer, or a social media platform. The message may contain a link or a phone number that the victim is asked to click on or call to provide personal information such as account numbers, passwords, or credit card details. Alternatively, the message may contain a malicious link that, when clicked, installs malware onto the victim's device.

    To protect yourself from smishing attacks, it's important to be cautious of unsolicited text messages or messages that contain suspicious links or requests for personal information. Do not click on links or call phone numbers in messages from unknown sources or that look suspicious, and never provide sensitive information to unsolicited requests. Always verify the sender's identity before taking any action and use anti-malware software on your device to protect against smishing and other types of cyber attacks.

    Think of a mobile wallet on your phone like a digital pocket for your money. It's designed to keep your money and personal information safe, just like a real wallet in your pocket.

    Password Protection: Just like you need a key to open a real wallet, you need a password, PIN, fingerprint, or face recognition to access your mobile wallet. This keeps unauthorized people from getting in.

    Encryption: Your mobile wallet uses a special code to turn your sensitive information into a jumble of letters and numbers. Only your phone knows how to decode it, making it hard for hackers to understand your data.

    Secure Storage: Your mobile wallet stores information in a safe part of your phone's memory. It's like a hidden, locked vault that's difficult for outsiders to break into.

    Two-Factor Authentication: Some mobile wallets use an extra layer of security. After you put in your password, they might send a code to your phone. This means even if someone knows your password, they can't get in without your phone.

    Remote Wipe: If you lose your phone, many mobile wallets let you remotely erase your payment information. This way, even if someone finds your phone, they won't find your financial details.

    Regular Updates: Developers behind mobile wallets often release updates to fix any security weaknesses they discover. Keeping your mobile wallet app updated helps to keep it safe from new threats.

    Trusted Sources: Only download mobile wallet apps from official app stores like Apple's App Store or the Google Play Store. These stores check apps for security before they're allowed in.

    Secure Transactions: When you use your mobile wallet to pay for things, it uses special codes and encryption to make sure your payment information is sent safely to the seller.

    Remember, while mobile wallets are generally safe, it's important to be cautious. Don't share your passwords or let anyone else access your phone without your permission. And always keep an eye out for any unusual or suspicious activity on your mobile wallet app.
     
     

    Want to learn more about online banking safety?

    The Government of Canada has developed information regarding secure use of online banking as a part of their Canadian Centre for Cyber Security. Check out their resources to learn more about keeping your information safe.

    Learn more

    How to reach us

    Call our Member Service Centre

    Toll free
    1 888 440 4480

    Monday to Friday
    8 am - 8 pm

    Saturday 9 am - 5 pm

    Contact tech support
    Send us an email