Below is a vivid case on Phishing e-mail disguised as an official notice from Bank of America.
Types of online fraud listed by Bank of America
Phishing and spoofing
Sometimes criminals may send you email that looks like it has come from Bank of America. These phony emails ask you to go to a Website that also looks like Bank of America and provide your personal account information. These emails may even ask you to call a phone number and provide account information. But the Website is a fake. See an example of a fraudulent email.Opens new window
- Asking for personal information should raise a flag since Bank of America emails will never ask you to reply in an email with any personal information, such as your Social Security number, ATM or Debit Card PIN.
- Urgent appeals claim that your account may be closed if you fail to confirm, verify or authenticate your personal information. Bank of America will not ask you to verify information in this way.
- Messages about system and security updates claim that the bank needs to confirm important information due to upgrades and state that you must update your information online. Bank of America will not ask you to verify information in this way.
- Offers that sound too good to be true often are. You may be asked to fill out a short customer service survey in exchange for money being credited to your account, and you are then asked to provide your account number for proper routing of the supposed credit. Bank of America will not request your information in this way.
- Typos and other errors are often the mark of fraudulent emails or websites. Be on the lookout for typos or grammatical errors, awkward writing and poor visual design.
To protect against phishing and spoofing:
- Always look for your SiteKey® when you sign in to Online Banking.
- Make sure you are at Bank of America’s Website when you sign in to Online Banking. SiteKey helps with this, but you can also type http://www.bankofamerica.com in your browser. If you’re using a secure browser, it will turn your address bar green.
- If you receive a suspicious email, do not click on any links or reply to it. Simply delete it.
- To report a suspicious email that uses Bank of America’s name, you can forward it to firstname.lastname@example.org.
Money mules are unsuspecting victims who become middlemen for criminals trying to launder stolen funds. Victims are lured by the promise of a new career opportunity making large sums of money for minimal work. Criminals recruit money mules, send them stolen money and then ask the money mules to wire or transfer the money unwittingly to the criminals. Using the money mule masks the criminal’s identity.
The money mule may keep a commission for performing the transfer or wire. The victims of these scams may not only have their bank accounts closed and financial reputation ruined, but are often left financially responsible for returning the stolen funds.
Common signs of a money mule scam:
- Overseas companies requesting money transfer agents in the US
- Opening new bank accounts to receive money from someone you don’t know
- Accepting large sums of money into your personal bank account for a new job
- Transferring or wiring funds out of your personal bank account to people you do not know
Malware, short for “malicious software,” includes viruses, spyware and trojans that are designed to infiltrate or damage a computer system. Malware is often used to steal personal information and commit fraud. There are several easy ways to minimize the risk of malware:
- Downloads from file sharing and social networking sites can be distributions points for malware
- Attachments and free software from unknown sources shouldn’t be opened or installed
- Pop-up advertisements asking for personal or financial information are likely fraudulent, so it’s better to close them
- Updated security and system software can protect your computer from malware threats
Vishing uses Voice over Internet Protocol (VoIP) to call, leaving an automated recording. It alerts the consumer that their account has experienced unusual activity. The message instructs the consumer to call the same phone number shown in the spoofed caller ID with the same name as the financial company they are pretending to represent. And sometimes, criminals who try to get consumers to turn over personal data send emails and text messages containing fraudulent phone numbers.
Rather than provide any information, you should contact Bank of America at the customer service number you normally use to verify the validity of the message.
Tips for keeping your personal information secure
- Never respond to urgent emails or text messages claiming to be from Bank of America that request your account information or personal details.
- Use an Online ID and password for your financial account that is different than what you use for accessing other online services such as merchants, utilities, and email.
- Keep your computer operating system and browser up to date with the latest versions and patches.
- Do not open attachments or install free software from unknown sources. This may expose your computer and the information on it to unauthorized sources.
- Review your banking and credit card activity at least once a month to ensure there is no fraudulent activity on your accounts. Notify us immediately if you see suspicious activity.