The rest is up to you

At UFile, we have taken strong measures to ensure the security and the confidentiality of your tax information. However, it is equally important that you, the user take precautions to help keep your information safe and secure.

This document summarizes the main risks involved in using the Internet and the steps you can take to minimize these risks. While it includes links to Web sites that can offer more detailed information as well as useful products, please keep in mind that these links are provided for your convenience only. The products available have not been tested by, and are not endorsed by our company.

Safe Computing

Expand all

Use anti-virus software
You should always use up-to-date anti-virus software that is capable of scanning files and email messages for viruses, malware and Trojan horses. This can prevent your files from being corrupted or lost, and save you hours of frustration as you try to restore an infected computer system.

See also:
- Help protect your PC with Microsoft Security Essentials
- Microsoft Safety and Security Center
Use personal firewalls
Any computer or device connected to the Internet that is not properly protected is vulnerable to a variety of malicious intrusions and attacks.

A personal firewall will help protect you from such intrusion. Firewalls create a barrier between your computer and the Internet. A firewall can be a hardware device, a software application, or a combination of the two. Firewalls can prevent malicious attacks and block certain types of data from entering your computer or private network. They can also be set up to alert you if anyone attempts to access your system.

See also:
- Personal Internet Firewalls that really work!
- Microsoft; How to choose a firewall
Use strong passwords
Passwords are used by computer systems and websites to verify your identity. When you log in to a secure website using a password, you are granted appropriate access to available services and resources. If someone else knows or guesses your password, they can access the same resources under your identity. In other words, whatever you can do when logged into an Internet site, they can do just as easily.

Always choose unique passwords that include letters and numbers. Longer passwords that consist of eight or more characters and a mix of letters, numbers and special characters are much more difficult for an intruder to figure out than shorter, more straightforward passwords. You should also avoid choosing obvious passwords such as the names of family members or pets, birth dates, etc., which might be easy for others to guess.

Don't use the same password for everything. Cybercriminals steal passwords on websites with very little security, and then they try to use that same password and user name in more secure environments.

To protect you further, we will lock your account temporarily after a number of failed login attempts. We will also send notifications to the email address on file after certain account modifications, which could be evidence of a security problem.

See also:
- Microsoft Tips for creating Strong passwords
Keep your software up-to-date

Because the software you use and the Internet itself can impact the security of your online activities, you should watch for security bulletins that warn you about various security holes or bugs, which can harm the software you are using including your Web browser.

It is imperative that you visit the websites of your operating system and Web browser vendors periodically for software patches and updates. Some operating systems and other software can be configured to check for new updates automatically and/or provide for email notification of new security updates.

To access current Microsoft patches, please visit the Windows Update website.
Remember to log off and clear your cache
Once you have finished conducting online transactions or visiting secure websites, remember to properly log off and close your browser window. This will ensure that any information that is cached or stored on your computer or in your browser is erased. It will also prevent others from subsequently being able to view this information. This is especially important if you are sharing a computer with other people.

If you choose to leave your computer running after completing activities in an encrypted area of a website, you should still take the time to clear your cache, then quit and restart your browser in order to eliminate copies of Web pages that may have been stored automatically on your computer's hard drive. To protect you further, your online session will end after a period of inactivity (session timeout).

For more information on clearing or deleting your cache, please refer to the Help feature of your Web browser.

Avoid paying bills, banking, and shopping on a public computer (library or cybercafé), or on any device (such as a laptop or mobile phone) over a public wireless network (WiFi).

See also:
- Using public computers and wireless devices more safely
Protect yourself from fraud

When you read email or surf the Internet, you should be wary of scams that try to steal your personal information (identity theft), your money, or both. Many of these scams are known as "phishing scams" because they "fish" for your information.

Beware of email and web scams

Beware of phishing scams

Beware of fraudulent communications
Deal with reputable businesses and websites
Look for signs that the business is legitimate and that you are at the correct website. Companies can put third party seals on their sites if they abide by a set of rigorous standards including: site identification, malware scans, how personal information can be used and their compliance with the payment card industry data security standards (PCI DSS). Some seals to look for include: VeriSign, Norton Secure, BBB Online, McAfee Secure, TrustE and Trustwave seals.

Look for signs that your information is safe. Make sure the website uses SSL encryption (https 128bit+) and strong security authentication, such as VeriSign. Always look for "https://" and the padlock icon on websites that require personal information.

Make sure any secure website you use is undergoing regular vulnerability and malware scans and that your credit card information is also securely handled (PCI and DSS compliance). Do not let the site store your credit card information.

Read the privacy policy statement to make sure the company is dedicated to safeguarding your personal information.

See also:
- How to shop online more safely by Microsoft
Secure your downloaded tax information
The program enables you to download your tax return in the form of a ".pdf" file, which you can view and print using the Adobe Acrobat program installed on your computer.

Also available for downloading is your ".tax" file, which enables you to submit your federal tax return to the CRA via their NETFILE service. Quebec taxpayers may also download their ".mrq" file to submit their Quebec tax return to Revenu Québec via NetFile Quebec.

Because these downloads (.pdf, .tax and .mrq) contain your tax information as well as some of your personal data, you should take the necessary precautions to safeguard them should your computer system become compromised. If you are unable to remember where you saved these files, use the Search or Find feature from your Start menu to locate them on your computer. Their default names are "return02*.pdf", "net02*.tax" and "net02*.mrq" respectively.

Consider following these recommendations for safeguarding your .pdf, .tax and .mrq files:
- Save or move these files from your personal computer onto removable media such as a USB flash drive. Label and store this media securely along with your other confidential information. You may be required to produce these files again later on in the event of a dispute over the filing of your return.
  
  The program will continue to safely store your tax information online and you can return with your username and password to generate these files again, if need be. If you prefer, however, you can delete your files from the program servers by using the delete feature.
- You may want to use some of the tools available on the market to help secure your confidential data further. For instance:
  - Compressing your files into a password-protected ZIP file provides a measure of protection against casual users who do not have the password and are trying to determine the contents of your files. Some compression tools like 7-Zip now include strong encryption.
  - Encryption programs are available which allow you to encrypt and password-protect specific files or entire directories which contain all your confidential files. Some of these tools use strong encryption which can thwart more than casual hackers.
    
    For file compression and encryption software, see:
Beware of P2P file sharing networks
While facilitating file sharing and searching for multimedia files (.mpeg or .mp3), services like BitTorrent, Kazaa, Bearshare, Imesh and others do a poor job of preventing you from compromising potentially sensitive files (.doc, .xls, etc.). Users who appreciate the simplicity of downloading files provided by a P2P network can inadvertently allow access to their private data files such as email, tax reports, work-related spreadsheets, and other private documents. It is important that you review your file sharing settings when using such applications. These systems are often installed by children or young adults on the family's computer without any regard for the risk of exposing their parents' files to the rest of the world.
Test your computer for security vulnerabilities
If you are running any version of Windows, you probably share files and printers. The "NetBIOS file sharing port" is the single largest security hole for Windows workstations running on a network. For potential intruders, the payoff from finding open Windows shares is so important that many scanning programs have been written specifically for the purpose of finding open ports such as this one. Closing it should be a high priority for you.

There are several tools currently available on the Web that you can use to test your computer system for security vulnerabilities. For more information, see:
Additional resources
- Microsoft: Security and Privacy Basics for Home Users
- Staying Safe Online - Canadian Bankers Association
- Privacy & Identity Protection - Canada's Office of Consumer Affairs (OCA)
- Identity Theft: What it is and what you can do about it - Office of the Privacy Commissioner of Canada
- The CRA and Internet security
- Internet Safety Royal Canadian Mounted Police and other partners provide a collection of safety tips for kids and parents

Product Tour
Online | Windows
Which version is right for me?
Product Comparison
Need help?
Ask UFile
UFileFREE
More free returns
than any other
online tax program

The rest is up to you

Safe Computing

Products

News

Why UFile?

Tips & Tools

Help & Support