Fraud attempts are typically accompanied by recurring red flags. Watch out for the following telltale red flags:

• • Unusual transfer requests: Fraudsters may ask you to transfer money to yourself or request changes to payment instructions.
• • Urgency: Criminals use urgency or invent emergencies to elicit an emotional response, thereby causing you to take hurried, less considered action.
• • Grammatical errors: Altered email addresses and incoherent writing styles or misspellings within emails are a common sign of attempted fraud.
• • Lofty promises: Fraudsters lure potential victims with promises of cash or high investment returns. If it sounds too good to be true, it is very likely a scam attempt.
• • Contact from an unknown person: Imposters initiate random requests via text, email or social media. Watch out for common names, which are used to confuse their targeted victims.

See our page on Reporting Fraud or Identity Theft for some helpful information.

Phishing is the fraudulent practice of convincing someone to reveal sensitive information or data by disguising oneself as a trustworthy source or entity through social engineering. Today, phishing can take place through various channels such as a voice or video call (“vishing”), text message (“smishing”) and even fraudulent QR codes (“qishing”).

Malware, or malicious software, is used by criminals and hackers to take control of a device for such purposes as stealing sensitive information and/or interfering with the normal operation of the device.

A device can become infected by malware through clicking on links or attachments in phishing emails, loading infected flash drives onto the device or clicking on links on the internet that take you to infected websites. The best steps to take to prevent your device from being infected by malware are to install antivirus software from a reputable vendor and keep your antivirus, operating system and browser software up to date.

Regulation E is a federal banking regulation that provides protection for consumers when they report fraudulent, unauthorized transactions occurring on their bank accounts through electronic channels. The regulation covers bank accounts owned by consumers and used primarily for personal, family and household purposes. It applies to electronic transfers such as ATM deposits and withdrawals, Visa debit card purchases of merchant goods and services by signature or PIN, direct deposits, preauthorized payments and similar electronic transactions. It covers purchases made over the internet using a debit card or a checking or savings account number, as well as other types of online banking transactions.

For the protections that apply when consumers report suspicious or fraudulent electronic transactions, please see the “Your Liability for Unauthorized Electronic Fund Transfers” section of the Consumer Account Disclosure and Agreement.

Since Regulation E is a consumer protection regulation, it does not apply to transactions on accounts owned by businesses or used for business purposes (such as accounts owned by sole proprietors, corporations, partnerships and other business entities). For more information regarding roles, responsibilities and protection on business accounts, please see the “Unauthorized Transactions and Errors” section of the Business Account Disclosure and Agreement.