View our basic tips to help you stay safe online, check current fraud scams that you should be aware of, and see an outline of what you should expect from us as a company.
Watch out for online contact from fraudsters who are offering victims the opportunity to take part in ‘get rich quick schemes’ by trading in financial instruments.
How a typical scam works:
If you have made a direct payment to someone who operates a social media account with the above characteristics and have suffered a financial loss, you may be a victim of online fraud.
You are advised to contact your local police and to report the incident to the Canadian Anti-Fraud Centre at 1-888-495-8501. For more information please visit antifraudcentre-centreantifraude.ca/report-signalez-eng.htm
When reporting, it’s helpful to have the following available:
Please note, CMC Markets employees will never:
If you choose to trade in financial instruments you should use an IIROC regulated firm. If you use an unauthorised firm you will be more at risk of a scam and your funds are not protected should things go wrong.
Be wary of advertisements online and on social media promising high returns for trading in financial instruments. If you have already invested in a scam, fraudsters are likely to target you again or sell your details to other criminals. The follow-up scam may be completely separate or related to the previous fraud, such as an offer to get your money back or to buy back the investment after you pay a fee.
It’s extremely important that you remain vigilant to security threats when online, and report anything to us that you feel may be suspicious.
See our 7 tips to stay safe:
Using passwords sensibly helps keep you safe and protects your online activity.
Keep passwords safe
Choose a good password
Consider a passphrase: instead of creating a string of letters, numbers and symbols, use words that tell a story. It can be easier to remember, while also making it difficult to guess. Learn more in this article.
We endeavour to adopt the latest technology and practices to maintain the security of your data and your account. This includes the protection of your data and ensuring secure access to your accounts and the trading platform.
Security is built into our products and platform, and we subject them to regular penetration testing by independent security experts to ensure any new features or releases meet our high standards. Any identified security issues are reviewed and quickly resolved.
Protecting your data
We appreciate that when you open an account and share your data with us, you trust us to handle your information with care. We’re committed to protecting the privacy of all personal information that we obtain from you, and fully comply with the standards introduced by Office of the Privacy Commissioner of Canada, known as the Personal Information Protection and Electronic Document Act (PIPEDA), which took effect on April 13, 2000.
Two-factor authentication, or 2FA, is an added layer of security that requires you to enter a verification code, as well as your password, every time you log in to your online account. You’ll receive a 'one-time password' (OTP) and then enter it when prompted, when logging into your account. You can choose to receive OTPs either through your mobile app, which will typically involve scanning a QR code on screen, or by SMS. Once you've switched on 2FA for your account, it will become a mandatory step in the login process every time you access your account, through our online trading platform and mobile apps. Learn how to set up 2FA here. Enabling this option protects your account so even if someone discovers your password, they can’t log in without the code, which is sent to your phone.
Security is a key priority for us – we have dedicated resources around the world to monitor for threats and respond to incidents.
Employee training and awareness
All our employees undertake a rigorous training programme on an ongoing basis, including regular reviews of all our policy documents, with assessments to prove understanding and awareness.
Third-party risk assessments
All our third-party providers are assessed before we engage with them, and any critical suppliers are reviewed on a regular basis to ensure they meet our standards and regulatory requirements.