Rogers Mastercard Email - Possible phishing attempt?
Over the past couple of weeks, I've received numerous "Please verify your Rogers Bank online account" emails that were definitely not initiated by me, as they usually come through in the early morning - anywhere between midnight and 8am, a few times around 3-4am in the morning. In several cases, I hadn't even logged into the Rogers Mastercard account the day before, so it wouldn't likely have been a delayed email from an earlier attempt by me either. And even when I did attempt a login, I've usually received the email within a minute or two, so I've never really had an issue of being unable to get in myself.
I've changed my password a couple times since this started happening, using the maximum 20 completely random characters including numbers and symbols, yet it has still happened after the password change. My password is created via a password generator, and saved offline only in my password manager app, so it's not an issue of the same password having been used elsewhere either. And I haven't had any issues with any other accounts, so it's not likely an issue with my password manager.
I tried calling the Rogers Bank Customer Service number, but they were of little help as they could only confirm that there had been no unauthorized transactions on the account, but they could not confirm where these access attempts were being initiated.
So my concern here is:
(1) whether there have been unauthorized access attempts on my online account?
(2) whether they have somehow been able to get through the first step of getting the password right (even after a password change), and therefore, initiating the 2FA email?
(3) in general, I'd just like to get some feedback as to whether other users have seen similar activity, or whether it's been just me.
Thanks everyone, as your insight would be appreciated.
Re: Rogers Mastercard Email - Possible phishing attempt?
Ahhhh, I think you've hit the nail on the head!! I think it may be Ampli.. as I've noticed that the card keeps getting unlinked there. I guess RBC hasn't figured out a way to get around 2FA yet, even though the account has been validated.
Thank you so much for the reminder, as I had completely forgotten about that one. Have a great rest of your day!