by Heather Cournoyer | Jun 19, 2026 | Claims, Crime, Cyber Insurance, Uncategorized
Identity theft rarely begins with a dramatic cyberattack.
More often, it starts during ordinary daily activities.
Checking a text message. Answering a phone call. Accepting a friend request. Selling something online.
It seems harmless enough.
Yet, many of today’s most common identity theft scams are designed to blend into our daily routines. Criminals have become very good at making scams look legitimate. Their goal is simple: gain trust long enough to collect personal or financial information.
The good news is that understanding how these scams work is one of the best ways to protect yourself.
Here are five of the most common identity theft scams affecting Canadians today.
1. The “Urgent Delivery” Text
You receive a text message saying there’s a problem delivering your package. You’re asked to click a link to confirm shipping details or pay a small fee.
The message looks legitimate, so you respond quickly.
Unfortunately, the link may lead to a fake website designed to steal passwords, credit card information, or banking details.
Protect yourself:
Never click links in unsolicited text messages. Instead, go directly to the company’s official website or app to verify delivery information.
2. AI Voice Fraud
This scam is one of the most disturbing because it feels incredibly real.
A parent or grandparent receives a frantic phone call that sounds exactly like a loved one asking for money immediately because of an emergency.
The voice may have been created using artificial intelligence from short audio clips found online.
These scams rely on panic, urgency, and emotion.
Protect yourself:
Create a family “safe word” that only close family members know. If you receive an urgent request, ask for the safe word before taking action.
3. Cloned Social Media Profiles
A familiar face sends you a friend request. The profile looks authentic, so you accept.
Soon after, they begin asking questions, sending links, or encouraging you to continue the conversation elsewhere.
The problem? The account is fake.
Criminals often duplicate legitimate profiles to build trust and gather personal information.
Protect yourself:
Double-check connection requests, especially if you believe you are already connected to that person. When in doubt, verify directly with them.
4. Workplace Email Scams
An employee receives an urgent request appearing to come from management asking for payroll records, banking details, or a wire transfer.
Because the request feels legitimate and time-sensitive, the employee responds quickly.
Only later does the organization discover the request was fraudulent.
These scams can affect not only businesses, but employees personally if sensitive information is exposed.
Protect yourself:
Always verify requests for sensitive information through a separate trusted channel before responding.
5. Online Marketplace Fraud
You list an item online for sale. A buyer immediately offers payment and sends a link to complete the transaction.
The process appears professional, but the link is actually designed to collect banking or personal information.
Protect yourself:
Use trusted platforms and avoid sharing unnecessary personal information. Be cautious of buyers who pressure you to act quickly or move conversations off the platform.
The Common Thread: Trust
The common thread in all of these identity theft scams is not technology. It’s trust.
Scammers succeed because they create urgency, familiarity, and emotional pressure that cause people to react before thinking.
The good news is that slowing down, verifying information, and staying cautious can dramatically reduce your risk.
When something feels urgent, unexpected, or too good to be true, take a moment to pause and verify before responding.
That small pause can prevent enormous damage.
Coming Next
This is Part 2 of our 4-part series on Privacy and Identity Theft.
In our next blog, we’ll explore why cybersecurity tools alone are not enough and discuss five simple habits that can help protect both businesses and families from identity theft.
Missed Part 1? – Read: Protect Yourself fro Identity Theft – It Starts with You!
About the Author
Marlene Lane is the Principal Consultant at LANEiQ Consulting, based in Sherwood Park, Alberta. LANEiQ Consulting helps small and mid-sized businesses and non-profit organizations build privacy practices and people systems that protect trust from the inside out. Because when people and privacy are aligned, organizations function better; and the people within them feel it.
Connect with Marlene on LinkedIn
by Heather Cournoyer | Jun 2, 2026 | Crime, Cyber Insurance, Personal Insurance
When most people think about identity theft, they picture sophisticated hackers breaking into computer systems from dark rooms halfway around the world. It’s important that you protect yourself from identity theft.
While cybercrime certainly exists, the reality is often much simpler — and much closer to home.Many cases of identity theft don’t begin with advanced technology at all.
They begin with people.
- A clicked link.
- A rushed decision.
- A reused password.
- A fake text message that looks legitimate.
That’s all it can take.
Today, our personal information lives almost everywhere:
• online shopping accounts
• banking apps
• payroll systems
• healthcare records
• insurance files
• social media platforms
The convenience of digital life has made everyday tasks easier, but it has also created more opportunities for criminals to gather information piece by piece.
According to the Canadian Anti-Fraud Centre, Canadians reported more than 112,000 fraud cases in 2025, with losses exceeding $704 million. And experts believe many more incidents go unreported.
What’s especially concerning is that identity theft often starts with information we don’t think twice about sharing:
• birthdates
• addresses
• employment details
• usernames
• phone numbers
Individually, these details may seem harmless. Together, they can be used to impersonate someone, access accounts, or commit fraud.
One of the most common examples today is the fake delivery text scam.
You receive a text message that appears to come from a shipping company asking you to confirm delivery details. The message looks professional, so you click the link and enter your information. Days later, unauthorized charges appear on your account.
Another growing threat happens in the workplace.
An employee receives what appears to be an urgent email from a manager requesting payroll information or a wire transfer. The request feels legitimate and time-sensitive, so it gets processed quickly — only to later discover it was fraudulent.
These scams succeed because they rely on human behaviour:
• trust
• urgency
• distraction
• fear of making mistakes
That’s why identity theft is not just a technology issue. It’s a people issue.
Technology can help protect systems, but awareness protects trust.
One of the best habits anyone can develop is simple:
Pause before reacting.
If something feels urgent, emotional, or unusual:
• stop
• verify
• confirm through another channel
That small pause can prevent enormous damage.
For more helpful security tips check out – Cyber Crime – How to Protect Yourself.
In our next blog, we’ll look at five everyday scams Canadians are falling for right now — including AI voice fraud, cloned social media accounts, and online marketplace scams — and what you can do to protect yourself before it happens.
This is part one of a three part series authored by Marlene Lane, MBA, CIAPP-P
About the Author
Marlene Lane is the Principal Consultant at LANEiQ Consulting, based in Sherwood Park, Alberta. LANEiQ helps small and mid-sized businesses and organizations build privacy practices and people systems that protect trust from the inside out, because when people and privacy are aligned, organizations function better, and the people within them feel it.
Connect with Marlene on LinkedIn
by Heather Cournoyer | Dec 13, 2024 | Claims, Cyber Insurance
As cyberattacks become more frequent and severe, it is increasingly essential for organizations to practice good cyber hygiene to minimize their risk exposure. Cyber hygiene refers to habitual practices ensuring critical data and connected devices are handled safely. Here are some helpful tips for you.
Daily routines, good behaviors and occasional checkups can make all the difference in ensuring an organization’s cyber health is in optimal condition. The following are essential parts of cyber hygiene:
• Passwords—The use of strong and complex passwords—containing at least 12 characters and a mix of upper- and lower-case letters plus symbols and numbers—that are changed regularly is an essential cyber hygiene practice. Users should avoid sharing passwords or repeatedly using them across different accounts.
• Multifactor authentication—Important accounts, including email, social media, and banking apps, should require multifactor authentication to limit the opportunity for cybercriminals to steal data.
• Data backups—Essential files should be backed up separately, such as on an external hard drive or in the cloud. Remember, having your data stored in the cloud does not mean it is secure. You still need a regular backup of that data!
• Firewalls—A network firewall prevents unauthorized users from accessing company websites, email servers, and other sources of information accessed through the Internet.
• Security software—High-quality antivirus software can perform automatic device scans to detect and remove malicious software and protect against various online threats and security breaches.
• Software Updates –Always immediately apply all updates and patches for relevant software.
• Employee education—Employees are one of an organization’s most significant cybersecurity vulnerabilities. Workforce cybersecurity education is essential to teaching employees to identify phishing attacks, social engineering, and other cyberthreats.
• Social Engineering
1. Verify all payment changes by phone. Use a trusted phone number already on file—not one provided on the invoice or email. This step is a condition or warranty of your policy coverage.
2. Secure your email accounts. Use Multi-Factor Authentication (MFA) and remind employees to approve MFA requests only when they initiate them.
3. Communicate with your partners and clients. Let them know that you will always confirm banking changes by phone and encourage them to adopt similar protocols.
4. Test small transactions first. Send a small test payment to confirm new or updated banking details before transferring larger amounts.
For more information on how Cyber Privacy and Crime Insurance can provide additional protection, contact Heather at 587-597-5478 or heather@thorinsurance.ca
by Heather Cournoyer | Jan 17, 2024 | Business Insurance, Cyber Insurance
Did you know cybercrime is now considered the new ‘fire’ in the business world? Protecting your company is crucial, especially with over 72 percent of businesses affected by ransomware attacks in 2023. Here are some eye-opening facts:
- You are nine times more likely to have a cyber attack than a property claim.
- 60% of companies go out of business after a cyber-attack.
The costs of a cyber claim can be devastating!!
- Loss from operational disruption
- Remediation and recovery expenses
- Legal fees
- Hiring of expert teams
- Regulatory fines
- Ransom payment, if you choose to pay it
- Reputational harm
- Loss of customer loyalty
Enter Cyber Insurance
This is crucial in safeguarding your business from fraud, system shutdowns, and lockouts. CFC Underwriting, a Lloyd’s of London Syndicate and market leader in cyber insurance, offers a comprehensive Three-Pillar Solution.
Through vulnerability scanning, threat monitoring, and claims data, they are used to identify risks. They provide instant support through their Response app, eliminating threats before they develop. “Kindly take a look at these tips as well!”
A qualified world-class team of experts who jump in to help you – available 24/7, responding within 15 minutes to triage incidents, contain threats, and get businesses back online.
That’s the insurance piece where that provides the coverage for breaches, attacks, and the cost of recovering your data, plus additional costs to re-create data and applications.
Cyber insurance is a supplement, not a replacement for your existing IT teams. It’s like adding sprinklers and fire alarms to your building – essential for comprehensive protection.
The Costs
Your current protection levels, business size, and employee count influence premiums. Considering the average cost of a privacy breach exceeds $200 per customer, investing in cyber insurance is an investment in your company’s long-term viability. Moreover, the cost of cyber insurance protection could be as low as $100 per month!
What’s Next?
Let’s discuss how we can tailor Cyber Privacy and Crime insurance options for your business. Get in touch to discuss securing your company’s future.
Please email me at heather@thorinsurance.ca or phone at 587-597-5478
by Heather Cournoyer | Feb 18, 2023 | Business Insurance, Claims, Coinsurance, Commercial Liability, Commercial Property, Cyber Insurance, Deductibles, Premiums
Why on earth would someone spend time writing a “primer” for business owners on commercial insurance?
I mean, think about it. What do we usually hear about insurance?
-
“Insurance is like marriage. You pay, pay, pay, and you never get anything back.” Al Bundy
- Or,
“It’s a rip-off, and insurance companies are just out to make money.”
And finally,
-
“The wordings are so confusing and full of fine print.”
Every one of those statements does hold some truth. Sometimes you do pay and never get anything back. That makes some sense. The whole premise of insurance is that “the premiums of the many go to pay the losses of the few.” You may go through your lifetime and never have a claim. You didn’t receive any money from the insurer. However, the insurer was there for you in case you did. Is that different from paying Employment Insurance all your life and never being out of a job?
As for insurance companies, out to make money that makes sense too. Aren’t you in business for the same reason?
The last statement about confusion is almost bang on. The contracts can be confusing, so you must understand the wording of that policy. It’s a contract between you and the insurer. You pay a premium to transfer some business risks to the insurance company.
There is no doubt that insurance can be confusing, and therein lies the reason why you need to take some time and learn more about how you can protect your business.
Help is here!
Join me once a month to keep pace with news and views about protecting your business. Sign up for the newsletter and then download your free copy of “Taking the Mystery out of Commercial Insurance.” Oh, and I promise I won’t be spamming your inbox.
by Heather Cournoyer | Jun 12, 2020 | Cyber Insurance
Many insurance companies are including limited cyber coverage in some commercial package policies on the market today. You need to be aware that this coverage is not intended to provide the higher levels of protection required to cover the varied cyber incidents occurring these days.
Just as you secure your premises to attempt to avoid having a loss, it’s just important to secure your IT systems. In the event you do suffer a cyber-attack, having a solid cyber insurance policy can provide coverage for both first party and third-party losses.
First Party losses are costs that must be born by you, the insured. This can include:
- Breach Costs
- Data Damage
- Network Failure and resultant Business Interruption
- Outside provider/cloud service provider failure
- Cyber extortion and ransomware
- Customer attrition
- e-Theft
Third Party losses are those costs that you will be liable for as a result of the cyber breach:
- (Network) Privacy and confidentiality liability
- Privacy and network security liability
- Multimedia Liability
- Technology Errors &Omissions
- Payment Card Industry Data Security Standard losses (PCI DSS
Additional costs for such expenses incurred in crisis management, fraud response, public relations and forensic and legal may also be included in the protection depending on the insurance product purchased.
Premiums will be determined based on a number of factors including:
- Type and amounts of coverage required
- Industry and business type
- Size of the business
- Type of data stored on the network
- Risk mitigation and security measures taken by your company
- History of cyber-attacks
- Privacy policies
An insured loss whether it be to your physical property, a third-party liability claim or a malicious cyber event can put you out of business.
For more information about commercial insurance in Sherwood Park, feel free to contact Heather Cournoyer at heather@thinkinsure.ca or 587-597-5478. My business is protecting yours!
