# Visa Statement



## newfoundlander61 (Feb 6, 2011)

Is it safer to get your Visa statement by email or in the mail.


----------



## carverman (Nov 8, 2010)

I don't have visa, but I insist on getting my CC statements in the mail.


----------



## rsyl (Aug 15, 2014)

If someone wanted to get a hold of my personal info, it's probably easier to pluck my physical mail before I got home (home delivery) than it would be to hack into my email.

I get neither though, I only get my statements online, so someone would have to hack into my bank account which I hope is the safest option.


----------



## Fraser19 (Aug 23, 2013)

I get an email saying that my statement is ready to be viewed. Then I log onto my bank and view the statement there. 

When I look at my personal email address under security I see that there are usually 5 - 10 times a day when someone tries to log onto my email address. The locations are usually in Europe. I guess that is what happens when I post stuff on Kijji.
Long story short, very few confidential things come to my personal email address.


----------



## lightcycle (Mar 24, 2012)

Both methods are insecure.

Physical mailboxes can be ransacked in a targeted manner, where the attacker has a lot of other corroborating mail on hand. The concern with this kind of attack is that it will have the attention and focus that someone/something harvesting e-mail accounts won't, and often results in identity theft, not just the acquisition of a credit card number.

The problem with electronic mailboxes is that they are accessible to anyone in the world with Internet access, from the guy down the street to a hacker in Bulgaria or North Korea. Most of these attacks are carried out automatically by programs which don't even run on the hacker's computer, but will drop off their results in a location where the attacker can pick them up undetected and untraced.

Of the two, I'd worry more about the physical, targeted attack.


----------



## brad (May 22, 2009)

Fraser19 said:


> I get an email saying that my statement is ready to be viewed. Then I log onto my bank and view the statement there.


Yes, I think that's the norm. I'd be surprised if any credit card companies actually send you a statement by email. I've never seen that myself and I can't imagine any reputable credit card providers even offering that as an option, since it's so obviously insecure.

I think the safest/most secure approach is to receive notifications by email rather than receiving statements in the physical mail or by email. But if the email provides a link to your online banking site, don't click on it. Instead go to your web browser and log in via your own bookmark. That'll ensure you don't get into the habit of clicking on links in emails, which is what usually gets you in trouble. I almost never click on links in emails, with just a few exceptions, and in those exceptional cases I always hover over it first to see the URL and verify that it's actually going where you think it's going.


----------



## Beaver101 (Nov 14, 2011)

lightcycle said:


> Both methods are insecure.
> 
> ...


 ... +1. But I think the electronic method would be a risker method if your bank account gets hacked. 

Now if the question / poll is asking which method would you prefer to receive your CC statements, I would pick mail for reason simply I pay it on time. There is a greater chance of me missing payments on my CC in an electronic form than by snail mail. I don't see the paper bill, I don't (remember or go seeking the bill) to pay it. :hopelessness:


----------



## fatcat (Nov 11, 2009)

i don't think many banks sends statements by actual email

they have online statements which you read by logging on the to the site

in my case with td you see the statement in pdf and can download it of read it online

this is far safer than email 

statements by mail are *by far* the most insecure


----------



## Userkare (Nov 17, 2014)

What could someone do with your CC statement if they got hold of it? Pay it for you?

Just kidding. Seriously though, if the issue is that they would have your address and CC number, they still wouldn't have the PIN ( chip cards ) or the security code on the back of the card. Any unauthorized usage would be covered by the issuing bank in any case. I'm much more concerned with using a credit card for on-line purchases, or even handing it over to a waiter/waitress who walks away with it. Many restaurants use the portable credit/debit card readers for just that reason.

As for postal mail, in my case, they wouldn't even have to steal it. Our postal person puts mail in the wrong box all the time. I've gotten CC statements for my neighbours on several occasions. Lucky for them I'm honest, and bring the (unopened) envelope to their door.

I don't get a single bill in the mail any more. I also prefer to receive an e-mail reminder for me to sign-in to the company web site to fetch the statement.


----------



## carverman (Nov 8, 2010)

This discussion has opened up another can of worms..which method is safer from email fraud, phishing, hackers, mail theft, identity theft, etc.

There was a story on TV news yesterday of a woman in Calgary that had *her account emptied out of thousands of dollars THREE TIMES in the last few months!*

Apparently RBC claimed that the woman coming in to their branches pretending to be her..had all the right credentials (drivers licence, cards etc), and knew her bank accounts. Stupid bank tellers just handed her the money no questions asked or checked on identity. 
She (the victim) may have divulged too much information on these social media sites like facebook etc.

None of these current methods of notifying how much the current set of charges on your CC are completely safe.

You just takes your chances, and hope that you are protected on your savings by CDIC, and if you see any
suspicious charges, notify your CC companies, they will launch a fraud investigation on any unauthorized use
of your card.
I believe you may still be liable up to $50, but not sure on that.

Safest thing is to not have any CC. Pay cash for everything. Maybe keep some money in your mattress for emergencies.


----------



## Beaver101 (Nov 14, 2011)

^ Saw that news ... hard to believe that the bank would be that stoopid to just hand over the money without checking her account/identity "supposedly" tagged on file. But again, the stoopid RBC would ask for ID on your own issue-check, not surprised here. Sounds like an inside job, only so easy to clean out someone else account. If I recall correctly, one withdrawal was for $7,000 - what did the bank give the fraudster, all loonies?


----------



## Userkare (Nov 17, 2014)

Beaver101 said:


> ^ Saw that news ... hard to believe that the bank would be that stoopid to just hand over the money without checking her account/identity "supposedly" tagged on file. But again, the stoopid RBC would ask for ID on your own issue-check, not surprised here.


I once went into the RBC, and asked the teller for a cash withdrawal. I don't remember the exact amount, but it was not just a few hundred, or I would have used the ABM. When she finished counting out the money, I asked her "So you'll just give my money away to anyone who comes in here and asks for it? Don't you want me to swipe my card and enter a PIN?" I don't go to the tellers often enough for them to actually recognize me, but she said "I know who you are". I asked how she knew who I was, and she replied "If I told you that, we'd have to kill you". All very amusing, but the only thing I could think of was that when I opened the account, they took a snap of the security footage from the cameras, and put it in my profile, so that the teller could covertly verify ID.

I wonder if this is true of every branch, and then if perhaps the woman taking the money closely resembled the account owner.


----------



## kcowan (Jul 1, 2010)

Userkare said:


> What could someone do with your CC statement if they got hold of it? Pay it for you?


ID theft.


----------



## kcowan (Jul 1, 2010)

I have asked for all my statement electronically. I get emails advising when they are ready for download. I do this because I live in Mexico for 6 months. The people that cannot accommodate my request are:

Chase Visa Credit
Industrial Alliance Insurance
CNS House Insurance
Some Mutual Funds (annual reports) and Stocks Shareholder Meetings (some use proxyvote, others insist on mailing, or both)
ICBC

The first 2 have online statements but will not suspend their mailings. But I never click on any links included in emails (except friends who ID themselves). Too much phishing these days!

About 90% of my tax statements come electronically. And, of course, all CRA mailings.


----------



## carverman (Nov 8, 2010)

Userkare said:


> I once went into the RBC, and asked the teller for a cash withdrawal.


Did you have the correct account number on the withdrawal slip? That is usually enough for them to give you the money. The bank tellers these
days are part timers and I don't think they start looking at the video footage first for further identification clues.
I you are "Mr so and so" or Mrs/Ms So and so:, "warm and vertical",that is probably enough for them, if the person you represent has an
account at that branch.

They are not paid to think or be suspicious with each withdrawal unless it's over 10K, then then federal regulations will force them to ask
you for Id. 



> I wonder if this is true of every branch, and then if perhaps the woman taking the money closely resembled the account owner.


They change tellers often enough that most don't know who you are, unless you go into the same branch frequently (more than one a week)
to deposit at a tellers wick, and the tellers serving you have seen you many times and know who you are.

Identity theft, maybe she started to provide a lot of info on her on social media, such as Facebook? Criminals have access to Facebook as well.
If you are careless enough not to keep your id and banking information a complete secret, sooner or later the thieves have ways to relieve you of your money.
I don't know, but that was pretty dumb to set yourself up 3 times at the same Bank, (IMO of course.)
as a victim of identity theft, she has seen her RBC bank accounts looted three times, amounting to tens of thousands of dollars. Why didn't
she change all her account numbers after the first time?

She calls it "an incredibly stressful" situation. 



> Each time, a fraudster walked into an RBC branch during business hours pretending to be <her>, *presented fake ID and was allowed to withdraw money from Johnston's account. *





> The *first time it happened in Toronto in 2012*, <she>was a law student. She was home studying when the call came from RBC telling her she had to get to her branch right away.
> 
> "I found out that somebody had gone into a branch and was impersonating me and had withdrawn quite a large sum of money from my student line of credit," she told Go Public.
> 
> ...





> He says there are sites on what's called "the dark web" where identity thieves can buy and sell identities for as little as 50 cents each. Keenan suspects her identification may have been sold over and over again.


----------



## carverman (Nov 8, 2010)

Beaver101 said:


> ^ Saw that news ... hard to believe that the bank would be that stoopid to just hand over the money without checking her account/identity "supposedly" tagged on file. But again, the stoopid RBC would ask for ID on your own issue-check, not surprised here. Sounds like an inside job, only so easy to clean out someone else account. If I recall correctly, one withdrawal was for $7,000 - what did the bank give the fraudster, all loonies?


Here's what I think. She may have written a check on her student LOC which probably had her name,address and the bank account number.
If that receiver of that check, or someone who took a photocopy of the check, they could use her id and the bank acct info on the check.

Easy as that. False ids such as drivers licence or some other such as citizenship certificates can be reproduced quite easily. 


> the thief used a driver's licence and a citizenship card with her information.


----------



## carverman (Nov 8, 2010)

carverman said:


> I don't have visa, but I insist on getting my CC statements in the mail.


UPDATE: Jan 21
After this discussion, and the sad plight of that RBC customer, I have decided to go paperless as of today.

Even though CP is converting to community mailboxes in my area this fall... I am disabled, and can't always get to my community
mailbox in the winter months..extreme cold and snow storms etc. 
So as of now all my banking, bill paying and CC information is paperless online.

There seems to be more fraud and id theft these days. 
I already shred all my statements and any mail with my name and address .
I only issue personal checks to people that I trust. I guess that's about all I can do to protect myself from ID fraud.


----------



## Eclectic12 (Oct 20, 2010)

carverman said:


> ... If you are careless enough not to keep your id and banking information a complete secret, sooner or later the thieves have ways to relieve you of your money ...


There have been reports of car dealers not keeping careful control of personal information, resulting in identity theft ... so where one is unlucky, one can be careful yet still have it happen.

In the truly painful cases - the credit agencies have it flagged yet CC's are being opened/charged as late as twenty years later.




carverman said:


> ... There seems to be more fraud and id theft these days.


Low risk, high reward and as the financial places streamline their processes to be fast/easy/customer friendly - what little review is being cut back in the name of convenience.


Cheers


----------



## Userkare (Nov 17, 2014)

carverman said:


> Did you have the correct account number on the withdrawal slip? That is usually enough for them to give you the money. The bank tellers these
> days are part timers and I don't think they start looking at the video footage first for further identification clues.
> I you are "Mr so and so" or Mrs/Ms So and so:, "warm and vertical",that is probably enough for them, if the person you represent has an
> account at that branch.
> ...


I should have mentioned that I handed her my client card; it has no picture on it. I didn't fill any withdrawal slips; they don't even have them any more at that branch. I was expecting to be asked to enter a PIN on the keypad right there on the counter, so they would know that it wasn't just someone who found my wallet. I was surprised when I wasn't asked, so I spoke up. Her humourous response probably had a small grain of truth - they don't want you to know that they have covertly taken your photo, and that it appears to the teller when she accesses your account on her computer screen. Would that be so hard to believe? I know they're not paid to be detectives, but how hard would it be to match a photo to a person standing in front of them? How else would she know who I was, as you say, unless I went to that bank at the same time every day.


----------



## carverman (Nov 8, 2010)

Userkare said:


> I know they're not paid to be detectives, but how hard would it be to match a photo to a person standing in front of them? How else would she know who I was, as you say, unless I went to that bank at the same time every day.


Do all branches of every major bank have identity scans that can match the 'customer' against their stored records? I can see perhaps someday a fully digital system that will do a facial recognition scan (like the crime show fingerprint comparison systems) be installed to pick out enough facial detail to determine if the "customer" is the real person that holds the account or a fake.

There are so many things that can be used to disguise the appearance of a person. Wearing glasses for one, changing hair length or hair styles or women colouring their hair and wearing coloured contact lenses to defeat the banks video records.

What is needed to be more foolproof is a retinal scan or fingerprint recognition system.
It's hard to change your fingerprints or your internal eye details and this would stop ID theft in it's tracks..but is society ready for this?

Right now the stigma to have your fingerprints checked is like being hauled down to a police station and being booked.
Someday it may come though. One bank is already experimenting with CC cards that have a heart rate monitor.


----------



## Beaver101 (Nov 14, 2011)

^ What happened to the "*we take this (ID theft) matter very seriously*" response and then allow the incident to happen 3 times! Not once, or twice but 3 times! If we can't entrust our banks to handle such a serious matter the first time around, something is really wrong - with them! Not the customer.


----------



## Beaver101 (Nov 14, 2011)

Userkare said:


> I should have mentioned that I handed her my client card; it has no picture on it. I didn't fill any withdrawal slips; they don't even have them any more at that branch. *I was expecting to be asked to enter a PIN on the keypad right there on the counter, so they would know that it wasn't just someone who found my wallet.* I was surprised when I wasn't asked, so I spoke up. Her humourous response probably had a small grain of truth - they don't want you to know that they have covertly taken your photo, and that it appears to the teller when she accesses your account on her computer screen. Would that be so hard to believe? I know they're not paid to be detectives, but how hard would it be to match a photo to a person standing in front of them? How else would she know who I was, as you say, unless I went to that bank at the same time every day.


 ...the branch you're banking is either laxed or the teller hasn't been trained properly ... the branches I deal with always asked for my client card and to punch in the PIN even I go back to the same teller 5 minutes later ... and if I was deposit a cheque, they would have have the discretion of asking for a picture ID ... and if the amount exceeds $3,000 (at their discretion or authority level) say, they would call the manager to authorize that deposit even. It would seems either there are alot of inconsistencies in bank practices or something else (internally) is going on in that bad-fraud case above.


----------



## carverman (Nov 8, 2010)

Beaver101 said:


> ^ What happened to the "*we take this (ID theft) matter very seriously*" response and then allow the incident to happen 3 times! Not once, or twice but 3 times! If we can't entrust our banks to handle such a serious matter the first time around, something is really wrong - with them! Not the customer.


Customer service..what is that these days? The major banks are no different. Sure they take all the precautions necessary to protect themselves from fraud..as that cuts into their profit margins, but as far as their customers...not so much. 

The onus these days is on the bank customer to protect themselves, be proactive to ensure that fraud, which happens from time to time, doesn't repeat itself like it did in the RBC case. 

Usually, changing the bank accounts is the way to go. Yes, it's a bit more involved when automatic debits and deposits go into the compromised account..but you have to assume that once the account(s) are compromised (even if the bank returns the money through CDIC), it can happen again if nothing is done to prevent it.

In her case, it happened again, and it appears she did nothing about it the first time it happened, so she was a prime target for the second time. She still did nothing about it after the second time, and set herself up for the third time...duh!!!

Even if she was reimbursed by RBC the first time, she should have taken the necessary precautions.
Second time, she should have been switching banks and her accounts.

Now, apparently after the third time, she is switching banks..finally.


----------



## Beaver101 (Nov 14, 2011)

carverman said:


> Customer service..what is that these days? The major banks are no different. Sure they take all the precautions necessary to protect themselves from fraud..as that cuts into their profit margins, but as far as their customers...not so much.
> 
> The onus these days is on the bank customer to protect themselves, be proactive to ensure that fraud, which happens from time to time, doesn't repeat itself like it did in the RBC case.
> 
> ...


 ... yes she did do something - changed her account as per the post above:



> - ... She said the fraudster took $26,000. The bank gave her the money back and launched an investigation. *She had to go through the process of changing all her accounts and her automatic payments, and had to pay the associated fees*.


 ... and the nerve of the bank making her pay all associated fees. The only fault I can see of her is she didn't change the damned bank!


----------



## carverman (Nov 8, 2010)

Beaver101 said:


> ... yes she did do something - changed her account as per the post above:
> 
> ... and the nerve of the bank making her pay all associated fees. The only fault I can see of her is she didn't change the damned bank!


yes, my mistake, apparently according to the article, she did change her accounts after the first time. So it appears that she was a victim of identity theft and the fraud artist knew that she still had an account with RBC. 

There wasn't enough security at these RBC branches to detect a fraudulent withdrawal. 

http://www.cbc.ca/news/canada/briti...-looted-3-times-by-identity-thieves-1.2901012


----------

