As part of our commitment to keeping your account and personal information safe and secure, we’ve assembled some useful tips for spotting fraudulent email.
Phishing and spoofing
Phishing and spoofing emails look like official Bank of America emails and try to trick you into visiting a fake website and providing your personal account information. These emails may also ask you to call a phone number and provide account information. See an example of a fraudulent email
Ways to identify phishing and spoofing emails include:
- Links that appear to be Bank of America links but aren’t. If you place your cursor over a link in a suspicious email, your email program most likely shows you the destination URL. Do not click the link, but look closely at the URL: A URL that is formatted bankofamerica.fakewebsite.com is taking you to a location on fakewebsite.com. Just because “bankofamerica” is part of the URL does not guarantee that the site is an official Bank of America site.
- Requests for personal information. Bank of America emails will never ask you to reply in an email with any personal information such as your Social Security number, ATM or PIN.
- Urgent appeals. We will never claim your account may be closed if you fail to confirm, verify or authenticate your personal information via email.
- Messages about system and security updates. We will never claim the need to confirm important information via email due to system upgrades.
- Offers that sound too good to be true. We will never ask you to fill out a customer service survey in exchange for money, then ask you to provide your account number so you can receive the money.
- Obvious typos and other errors. These are often the mark of fraudulent emails and websites. Be on the lookout for typos or grammatical errors, awkward writing and poor visual design.
If you receive a suspicious email that uses Bank of America’s name, forward it to us immediately at firstname.lastname@example.org.