Go to:
  1. Personal
  2. Business
  3. About Us
Search
  1. Security
  2. Fraud Advisory

Recognize it. Report it. Stop it.

Conexus does our best to safeguard your interests, but you should also take precaution to protect your identity and your money. Awareness is security, so familiarize yourself with the tips below to protect yourself.

Tips for safeguarding against fraud

bullet icon

Set up security alerts. You'll get a text or email message when there’s suspicious activity on your Online Banking accounts. 

bullet icon

Be very, very careful with your Social Insurance Number (SIN). It's an important key to your identity, especially in credit reports and computer databases. 

bullet icon

Never disclose your Personal Identification Number (PIN) to anyone. If you do, you could be held liable for losses. Be PIN smart. 

bullet icon

Guard your PIN use. Use your hand as a shield to prevent others from observing you entering your PIN when conducting a transaction by ATM, debit, telephone or computer. 

bullet icon

Choose difficult passwords and change them often. Memorize your passwords and don't write them down and leave them in your wallet, or an equally obvious place. Never share them. 

bullet icon

Check your bank and credit card statements regularly to ensure that all transactions are legitimate. 

Safety precautions for Online Banking 

bullet icon

The easiest way to tell if an email is fraudulent, is to know that we’ll never ask you for your personal passwords, personal information numbers or login information in an email. Legitimate financial institutions do not include links to their web sites in email communications to customers. 

bullet icon

When banking online, check the address of any pages that ask you to enter personal account information. In the toolbar at the top of the page any legitimate Internet banking web site will begin with ‘https’ to indicate that the page is secure. 

bullet icon

Look for the padlock found in the lower right corner of your screen. If the page is legitimate, by clicking on the padlock, you can view the security certificate details for the site. A fraudulent site will not have these details. 

bullet icon

Type in our web address yourself to ensure you’re transacting with our server. 

Fraudulent use of your password?

If you suspect or become aware that there has been misuse or unauthorized use or knowledge of your password, please change the password and notify Conexus as soon as possible.

Contact us

Feb. 23, 2024: UPDATE to CAFT Access Removal

This message is an update to the one sent to you on Friday, February 16. As we work to connect with each of you to resume use of the CAFT system, our ability to keep up with calls volumes has been challenging. Those members with immediate needs to enable critical transactions such as payroll, please continue to reach out as soon as possible by calling your Advisor or Member Contact Centre (MCC) at 1800-667-7477. For other members who do not need to access the CAFT system urgently, please reach out to your regular business representative to make arrangements to reinstate your access. If you have already connected with an Advisor there is no need to do so again.

Feb. 16, 2024: CAFT Access Removal

Effective Monday, February 19 access to CAFT Payments System will be revoked to all CAFT Originators and users
We understand this will cause issues for our members, and as such, this was not a decision we made without careful consideration on the best path forward. In November we alerted business members to the CAFT Spoof website and implemented multifactor authentication (MFA) to enhance security of your account. We are taking additional steps to help keep your money secure from fraudulent transactions.

Revoking access to all CAFT Originators and Users for reinstatement. To reinstate your access to CAFT you must connect with your Advisor or Member Contact Centre (MCC) at 1800-667-7477. As part of reinstating the connection to CAFT members must establish transaction limits, accept a three-day hold on all transactions, and create a new password for the account. Moving forward, Conexus will be required to authorize all transactions. Your Advisor or MCC will assist you with these requirements.

Nov. 3, 2023: CAFT Spoof website alert

We’ve been advised that a CAFT spoof website has been discovered. CAFT is a third-party provider that allows our business members to automate their payment services.

Website spoofing is when an attacker sets up a fraudulent website that looks nearly identical to a legitimate website to attempt to redirect users and steal personal information. I this case, the cyber-criminals created a spoofing website using a fake URL that look similar to the real URL. One example of a fraudulent website they created was using a dash rather than a period. So instead of caft.paymentsanytime.com, they used caft-paymentsanytime.com.

While we have not seen any impacts on our members, as a precaution, any business member who uses CAFT is asked to reset their password immediately. This can be done by accessing ‘manage my password’ on CAFTs website or contacting us at 1-800-667-7477.

January 21 - CAFT Phishing Alert CUPS™  

Payment Services (CUPS) advises that there is a Phishing Scam that appears to come from CAFT. The following is a snippet of the email with comments. This does not originate from CUPS or any CUPS employee, and is an attempt to phish for information. The link is redirecting the customer to a fraudulent site used to collect your CAFT login credentials.  

Should you receive this email: 

  • If you clicked on the link in the email, change your password on the authentic CUPS CAFT website immediately.

  • Or, disregard and delete the email immediately  

December 28 - Online Access SMiShing Text  

The fraudsters are trying to be as slippery as the streets outside. Please be aware fraudsters are sending out SMiShing texts that your online access has been disabled and need to be enabled. The fraudsters are looking for your banking credentials. 

  • DELETE the text immediately.  

  • If you have visited the site they provided and entered your login information, you will need to reset your online banking password immediately.  

  • Please contact our Member Contact Center for assistance 1-800-667-7477. 

November 6 - Online Services SMiShing Text 

The fraudsters are trying to be as slippery as the streets outside. Please be aware fraudsters are sending out SMiShing texts that your online access has been disabled and need to be enabled. The fraudsters are looking for your banking credentials. 

  • DELETE the text immediately.  

  • If you have visited the site they provided and entered your login information, you will need to reset your online banking password immediately.  

  • Please contact our Member Contact Center for assistance 1-800-667-7477. 

November 3 - Enhanced Security Phishing Email 

The fraudsters are trying to be as slippery as the ice outside. Please be aware fraudsters are sending out phishing emails about Enhanced Security being disabled. The fraudsters are looking for your banking credentials. 

  • FORWARD the email to security@conexus.ca then DELETE the email immediately. 

  • If you have visited the site they provided and entered your login information, you will need to reset your online banking password immediately.  

  • Please contact our Member Contact Center for assistance 1-800-667-7477.