Skip to main content
Join Now
 

DUCA’s dedicated fraud team works to prevent, detect, and investigate fraud. Our daily business activities and due diligence practices include these security measures:

  • Regularly updating fraud detection and prevention systems and measures;

  • Ensuring our monitoring systems, controls, and security technologies are up-to-date and complemented by rigorous security procedures;

  • Proactive communications with Members to ensure transactions are legitimate.

DUCA’s online banking system is built upon a robust security framework so Members’ accounts and information are kept safe from unauthorized access. The following are some of the measures in place for online protection:

  • 2-Step Verification: 2-Step Verification is the new heightened industry standard for account protection. It means that when you log in to your online banking profile with your Member Card and Password, prior to gaining access to your account, you will receive a verification code sent by text, voice call and/or email.  You then have 10 minutes to enter that code to access your online profile. Failure to correctly enter the verification code after a few tries shuts out the user from further attempts and access is denied until re-instated by DUCA.

  • Encryption through SSL Technology: Secure Socket Layer (SSL) technology encrypts information as it moves from a Member’s computer or device to our online banking system ensuring a secure connection between a user and our banking site.

  • Account Alerts: Members may choose to receive alerts by email or text whenever their account is accessed. For example, when log-in information is changed, if an additional payee or e-transfer recipient is added, and more. Alerts exist to ensure Members are aware of changes and can react quickly if they are not the one who initiated the change.

  • Multiple Levels of Security: Firewalls and multiple levels of server security are in place, internally and externally, to protect our online environment.

  • Password: A password is required for online banking. (This is different from your debit card PIN number) 

    • Use a strong, unique password that you don’t use for other accounts

    • Make your password long and hard to guess (avoid names, birthdays, or common words)

    • Never share your password with anyone

    • Change your password regularly

Fraudsters often create urgency and ask you to act quickly. If something feels off, stop and verify before taking action.

Bank Investigator Scam
A fraudster contacts you claiming to be from your financial institution’s fraud or investigation team. They may say your account has been compromised and ask for your help in an “investigation.” To gain your trust, they might ask you to share account details, move money, or follow specific instructions to “protect” your funds. In some cases, they may even tell you not to contact your branch. The goal is to trick you into giving them access to your money or personal information.

What to do: Do not share information or move money. Hang up and contact your financial institution directly using a trusted phone number.

Fake Website Scam
Fraudsters create a website that looks almost identical to your financial institution’s real website. You may be directed there through a link in a fraudulent email, text message, or online ad. The site may look legitimate, but it is designed to capture your login details, passwords, and personal information. Once entered, this information can be used to access your accounts and steal your money.

What to do: Always access online banking by typing www.duca.com directly into your browser—never use links in emails or texts.

Tech Support Scam
Someone calls, emails, or shows a pop-up claiming your computer has a virus. They may ask for payment or access to your device, but their goal is to steal your information or money.

What to do: Do not interact—close the message and do not allow access to your device.

CRA Scam
Fraudsters pretend to be from the Canada Revenue Agency and say you owe money or must act immediately. They may threaten fines or legal action.

What to do: Do not respond. Contact the CRA directly using an official phone number.

Charity / Fundraiser Scam
Scammers pose as charities and ask for donations, often after disasters or during the holidays. The charity may not be real.

What to do: Only donate to verified charities you trust.

Emergency / “Grandparent” Scam
Someone pretends to be a family member or friend in trouble and asks for urgent money. They rely on panic and emotion to pressure you.

What to do: Hang up and contact your family member directly using a known number.

Credit Card Scam
A caller claims your card is compromised and asks for personal information or tells you to take certain actions to “fix” it.

What to do: Hang up and call the number on the back of your card.

Lottery / Sweepstakes Scam
You’re told you’ve won a prize you never entered and must pay fees or taxes to claim it.

What to do: Do not send money—legitimate winnings do not require upfront payment.

Overpayment Scam
Someone sends you more money than expected—often by cheque or e-transfer after buying something from you (for example, through an online marketplace). They then ask you to send back the extra amount. Later, you find out the original payment was fraudulent and has been reversed, leaving you responsible for the money you sent.

What to do: Do not send money back. Always confirm the original payment is legitimate and fully cleared.

Work-from-Home Scam
You’re offered a job (such as a mystery shopper or account manager) and sent money in advance. You’re then asked to send some of it back or use it for tasks. The original payment is fake, and you’re left out of pocket for anything you send.

What to do: Do not send money. Legitimate employers will never ask you to move or return funds.

Investment Scam
You’re promised high returns with little or no risk. After you send money or pay fees, the investment turns out to be fake.

What to do: Always research and verify before investing.

Inheritance Scam
You’re told you’ve inherited money from someone you don’t know and must pay fees to receive it.

What to do: Do not send money or share personal information.

Death Benefit Scam
You receive a message saying you’re entitled to a payout or benefit and are asked for personal details or payment to access it.

What to do: Do not respond. Verify the claim through a trusted source.

Scammers Rush You

Scammers create fear or urgency, so you don’t have time to think or verify. They may say:

  • “This is urgent”
  • “It’s an emergency"
  • "You owe money and must pay now”

Scammers Ask for Payment in Unusual Ways

Scammers often request payment methods that are hard to trace or recover. Be cautious if asked to pay with:

  • Gift cards
  • Bitcoin or cryptocurrency
  • Wire transfers
  • Cash sent by mail

Scammers Ask for Personal Information

Scammers try to access your accounts by asking for information you should never share. This includes:

  • PINs, passwords, one-time passcodes, verification codes
  • Credit card numbers
  • Debit card numbers
  • Social Insurance Number

Scammers Offer Deals That Are “too good to be true”

Scammers lure people in with offers that sound exciting but unrealistic. They may say:

  • “You’ve won a prize!”
  • “Get concert tickets for 80% off”
  • “Get a 1-year GIC for 12%”

Scammers Impersonate Loved Ones — Sometimes Using AI Voices

Scammers pretend to be a family member or close contact, sometimes using AI‑generated voices to sound real. They often claim an emergency and pressure you to act quickly. They may say:

  • “It’s your favourite grandkid. I’m in trouble.”
  • “I’ve been in an accident and need money right away.”
  • “Please don’t tell anyone — I’m scared.”

Scammers Pretend to Be Trusted Organizations

Scammers pose as banks, government agencies, or companies to gain credibility and collect information or money. They may say:

  • “This is the fraud department. We need to verify your account. Please read the number on your card.”
  • “Your package is on hold. Click this link to reschedule delivery.”
  • “This is tech support. We’ve detected an issue with your computer. Please install this software to let us take a look.”
  • “This is the police department. There is a warrant in your name due to unpaid fines.”

Scammers Send Messages with Errors

Fraudulent messages often look slightly “off” if you look closely. Watch for:

  • Poor spelling or grammar
  • Strange email addresses or phone numbers
  • Website links that look unusual
  • Messages that don’t match past communications

Scammers Create Fake Problems

Scammers contact you unexpectedly and claim something is wrong to get your attention and trigger panic. They may say:

  • “There’s a problem with your delivery”
  • “Your account has been locked”
  • “Unusual activity has been detected”
  • “Your computer or phone has been hacked”

 Scammers Tell You to Keep It Secret

Scammers try to isolate you so no one can warn you. They may say:

  • “Don’t tell anyone”
  • “This is confidential”
  • “You are the chosen one”

Scammers Make Messages Look Real

Scammers use technology and AI to disguise who they are and make emails, texts, and phone calls appear trustworthy.

  • AI can write professional‑looking emails and texts that sound convincing
  • Caller ID can be spoofed to display the name or number of a real organization
  • Audio from social media can be used to create AI‑generated voice impersonations
  • Scammers may use real names or locations to sound believable and personal
Protecting your identity is a shared responsibility. While we have safeguards in place, you play an important role in keeping your personal information safe.
  • Shred documents with your personal information.
  • Use strong, unique passwords.
  • Update your software regularly. 
  • Enable Two-Factor Authentication.
  • Never click on unsolicited links.
  • Set up account alerts.
  • Monitor your accounts regularly.
  • Use caution when posting any personal information online.
  • Never share personal information with anyone – in person, over the phone, or online.
  • Do not carry your Social Insurance Number card in your wallet unless it is necessary.
  • If your wallet or purse is lost or stolen, contact DUCA immediately at 1-866-900-3822 to block your accounts and cards from use.
  • At least once each year, check the accuracy of your credit report. Contact Equifax or Transunion.
  • Protect your Personal Identification Number (PIN) by blocking the view as you enter your PIN. 


Call DUCA: 1-866-900-3822.

Call the Canadian Anti Fraud Centre: 1-888-495-8501

Call Equifax: 1-800-465-7166

Click here to read DUCA's Privacy Statement.

     

      

   

    


Need help?

Call Member Connect

1-866-900-3822

Email us

duca.info@duca.com

Join us

Rates & Fees

Careers

Contact us

FSRA

Site map

Online Banking

FAQ

Collabria Visa

Legal

Security & Privacy

Corporate reports

DUCA on the go

Follow us

Working to not only be the best in the world, but also be the best for the world.

 

 

 

Eligible deposits in registered accounts have unlimited coverage through the Financial Services Regulatory Authority (FSRA). Eligible deposits (not in registered accounts) are insured up to $250,000 through the Financial Services Regulatory Authority. Visit FSRA.
FSRA Deposit Insurance Brochure