Skip to main content
Privacy & Security

Merchant Compromise FAQs

  • Hide What is a merchant compromise?

    A merchant compromise is an organized theft of ATM, debit card or credit card information. When this happens, it’s usually because of a data breach on the part of a merchant or a merchant third-party processor.

  • Show How will I know when a merchant compromise happens?

    Bank of America receives information regarding potential merchant compromises from multiple sources such as Visa®, MasterCard®, American Express® and law enforcement agencies. If we believe your account is at risk for fraud, we will attempt to contact you using the contact information you’ve shared with us, so make sure that information is current. If we do contact you, please review and respond promptly.

  • Show What steps can I take to help protect myself against identity theft in the event of a merchant compromise?

    Here are some proactive steps you can take now to help protect yourself from identity thieves:

    • Review your credit report frequently and carefully by requesting a free copy of your credit report every 12 months from
    • Download the Bank of America Mobile Banking app  and allow push alerts for more secure communication about your accounts. Review and respond to alerts promptly. Keep your contact information, especially your cell phone number and email address, current. Turn on location services when making a purchase or signing in and allow location-based anti-fraud and security permissions.
    • Create complex passwords and PINs not easily associated with you, memorize them and use multi-factor authentication (for example: a password plus a one-time authorization code) where available. Use a strong, unique password for each of your accounts. Visit the What you can do tab on our Online Banking security page for tips on how to create strong passwords.
    • Equip your computer with comprehensive malware and virus protection software. We offer McAfee LiveSafe™ free to our clients for 12 months; it proactively helps prevent computers from getting or maintaining an infection. Sign in to Online Banking or enroll in Online Banking to take advantage of this special offer.
    • Consider using Trusteer Rapport™ browser-based security software from IBM. It will fix most malware if your computer is infected, and it warns you if you attempt to navigate to a risky site. We provide it at no charge to our clients. (Mac users: Please note that Mozilla Firefox is currently the only browser supported by Trusteer Rapport.)
    • Only download software or applications from well-known and trusted sources
    • Stay current with any operating system and software updates (sometimes called patches or service packs) for your computer
    • Avoid clicking on links from unknown sources found within text messages, online, and in suspicious emails

    Various security pages on our site, for example Online Banking Security and Credit & Debit Card Security, contain specific information under the What you can do tab on the page. You should also familiarize yourself with our privacy notices and watch the short Keeping your financial information safe video from Better Money Habits.

Report suspicious activity

  • In your email:
    We’ll never ask you to send us personal information such as an account number, card PIN or Social Security or Tax ID over text or email. If you do receive a request like this or any other suspicious phishing email, please forward it to us at We will only reply to your message if we require additional information.
  • In a text:
    Forward it to us immediately at Include the number the message came from and a copy of the message itself. Our team reviews all submissions; we will only reply to your message if we require additional information.
  • By phone:
    Contact us immediately to verify the validity of the message.
  • On your statement:
    To report fraudulent activity on your Bank of America account, call 800.432.1000.