How do e-Transfers work?
As long as you’re already signed up for online banking, it’s trivial to send money to anyone with a Canadian bank account.
You only need the recipient’s email address or mobile phone number. Then log on to your financial institution’s website or app and follow the steps on screen:
- Choose the amount you want to send.
- Pick the account you want the funds withdrawn from.
- Select the recipient, or add a new one to your list.
- Enter a security question that only the recipient knows the answer to.
When confirmed, the funds are instantly pulled from your account and are available to the recipient as soon as they accept the transfer. Only the notification is sent through email; the actual funds are settled through secure fund transfer networks.
It’s always free to receive e-Transfers, and if you use the right banking setup — like Scotiabank's Preferred Package or EQ Bank's Savings Plus Account — it’s also free to send. There will be a limit to the amount you can send, which will be based on your daily access limit.
You can also sign up to receive e-Transfers through auto deposit, which removes the need to check your email and answer the secret code.
Transfers are typically time-sensitive, so the recipient won’t be able to deposit the funds after the window closes. You can also cancel your e-Transfer, as long as you do it before it’s been accepted.
How to protect yourself against e-Transfer scams
Sending money with Interac e-Transfers is safe but not foolproof.
Even though money isn’t actually sent via email, there have been instances of transfers being intercepted and rerouted.
Here are five ways to keep your e-Transfers safe and secure.
1. Transfer with those you know
Stick with sending e-Transfers only to people or businesses you trust.
Transfers are like cash payments, and it’s very hard to dispute or reverse them once the recipient deposits the money.
The same advice goes for receiving e-Transfers. An Ontario student lost $1,000 in August 2020 when an e-Transfer he accepted for an online sale turned out to be fraudulent.
Be extra suspicious if the transfer is unexpected. If it comes from someone you don’t know, or you aren’t owed any money, don’t reply or click any links. Fraudsters will go to great lengths to try to legitimize their emails, even using company logos and similar addresses.
If the message comes from someone you know and trust, contact them in a different way to confirm the transfer is real.
2. Use a secure internet connection
If you’re banking on the go, use your cellular data instead of public Wi-Fi, which might leave you susceptible to hackers.
You should also avoid sending e-Transfers on shared computers — even a friend or family member’s computer or phone. They may not have adequate security settings or be prudently guarding against fraudsters.
3. Create strong security questions
You wouldn’t leave a safe unlocked, so don’t leave your digital cash unsecured with a poor password. Avoid common words, passwords you use for other websites or answers that are easy to guess.
Last year, a Peterborough, Ont. woman had her e-Transfer intercepted by a thief when she used the question, “Who is my favourite Beatle?”
Instead, use a challenging question that only you and the recipient would know the answer to. Otherwise, create a unique string of characters and numbers, but be careful sharing the answer. Don’t send it over email or give hints through the e-Transfer itself.
4. Try out auto-deposit
You can also guard against email fraud by signing up for auto-deposit. That way, transactions sent to your email address will automatically be deposited into your bank account.
It’s also more convenient, as you can skip the steps that require you to enter a password or answer a security question.
That means that even if fraudsters gain access to your email account, they can’t try to intercept the transfer.
5. Practice internet safety
The best chance fraudsters have to access your e-Transfer is by gaining access to your email account.
Be careful about the information you share online, including any personal information that hackers could use to access your accounts. You may want to consider using two-factor authentication for your email account.
You should also stay vigilant against phishing attacks, where thieves will try to target you with fraudulent emails that look legitimate in order to steal your personal data.