Phishing Scams

We’re committed to keeping your account information safe and secure. That’s why Scotiabank will never:

  • Send you unsolicited emails or text messages asking for confidential information, such as your password, PIN, access code, credit card and account numbers.

  • Ask you to validate or restore your account access through an email or text message.

Trust your instincts. If you think you’ve been targeted by cybercriminals or notice something odd the next time you’re banking, please call us immediately at 1-800-4-SCOTIA (1-800-472-6842). Don’t wait until the next business day.

“Phishing” is a type of identity theft. Cybercriminals create emails, texts, social media messages and pop-up windows that look legitimate. They use them to try and trick you into sharing confidential information like: PINs, passwords and account numbers. Once they have your information, they can use it to commit fraud and take your money.

Spotting a scam

Let’s say you get an email, text, or online message and you’re trying to decide if it’s legitimate. Start by asking yourself:

  • Do I know the sender? – If you haven’t communicated with this person or company before and you didn’t sign up to receive communication, it could be a scam.
  • Are there spelling and grammar mistakes? – Sometimes the email is just poorly written. Other times the mistakes are intentional to get through spam filters.
  • Do the colours or design look odd? – Perhaps the colours, text size or format are different than the legitimate company usually uses. This might be a scam.

Criminals want you to act without thinking. That’s why phishing scams often use language that makes you feel worried or afraid. For instance some scams may:

  • Threaten to close or suspend your accounts if you don’t provide or verify personal information.
  • Claim your account has been compromised or that there has been fraudulent activity on your account. They’ll ask you to enter or confirm your account information.
  • Tell you that there are unauthorized charges on your account and ask for your account information.
  • Claim that your bank has lost important security information and request that you update your information online.

Other times phishing scams may simply:

  • Request that you enter your personal information including your card number, password, access code or account numbers into an email, pop-up window, form or non-secure webpage.
  • Ask you to confirm, validate, verify, or refresh your account, credit card, or financial information.


  • Do be suspicious of any email message that asks for personal or financial information.
  • Do use passwords that are hard to guess.
  • Do memorize your passwords. If you absolutely have to keep them written down, make sure you store such records in a safe location.
  • Do consider using software password managers to secure your online banking and other sensitive passwords.
  • Do be cautious of telephone calls asking for your password or PIN.
  • Do be suspicious of unusual and high-pressure telephone calls appearing to come from Scotiabank. If this happens, hang up and call us at 1-800-4SCOTIA (1-800-472-6842) to report it.
  • Do shred confidential documents that are no longer required.


  • Don’t open attachments or click on hyperlinks in emails or text messages sent by unknown senders.
  • Don’t call any number that appears on an email you think is fraudulent.
  • Don’t share your banking passwords with anyone.
  • Don’t use storage media devices like jump drives or USB memory keys that you’ve found in a public place or received as a “free gift”.
  • Don’t leave your computer, tablet or mobile device unattended when you’re logged into online banking.
  • Don’t just close the browser when you’ve finished banking online. Instead, always log off.
  • Don’t click on a link in an email or pop-up window to go to a site. Instead type the web address yourself in a new browser window to ensure you’re connecting with the legitimate company.

If you receive a phishing email

Report it by forwarding the email to Please do not remove the original subject line, or change the email in any way when you forward it.

If you clicked a link or shared personal information

If you’ve entered personal information after clicking on a link or suspect fraudulent behaviour, please call us immediately at 1-800-4SCOTIA (1-800-472-6842). We’ll take steps to protect your account and safeguard your personal information.

Online Security Guarantee

We will fully reimburse you in the unlikely event that you suffer direct financial losses due to unauthorized activity1 in your accounts through Scotia OnLine Financial Services2 or through Mobile Banking, provided you have met your security responsibilities.