The Bank of America Email Scam: What It Is and How to Protect Yourself

Don't get pulled into this banking scam

Are you a Bank of America customer? Have you ever received an email that seems to come from the Bank of America and asks for you to click a link in order to be led to some other page where you’re supposed to ‘update your personal details’? You might be dealing with an online email scam.

What is the Bank of America Email Scam?

Customers of banks are often targeted by phishing emails seeking to get valuable personal information from them in order to steal their identities or money. Customers of Bank of America, in particular, are frequently targeted. This is expected, considering the fact that the Bank of America is one of the largest banks in the United States of America. This particular email scam doesn't seem to stop.

Bank of America Business Sign and Logo
Photo of a Bank of America Sign.

How Does the Bank of America Email Scam Work?

The email will typically have a curiosity-inducing headline, such as “Online Banking Alert” or “Password Reset Successful”. When you open it, the name in the sender field will be Bank of America, though the sender email is never a legitimate Bank of America email address. The email will also typically contain legitimate Bank of America colors and the Bank of America logo, further adding credibility to it.

The latest version of the email contains a message that tells you that the Bank of America has upgraded its servers and that you were locked out of your account as a result. It then proceeds to tell you that you need to update your account details in order to regain access to your account. It will provide a link for you click to do this and even a phone number to call in some cases.

Sometimes the message might be about some password reset that was done successfully and might ask you to click a link in order to confirm that you did indeed reset your password. Do not click the link or call the phone number in either case.

How Do the Bank of America Scammers Find Victims?

Scammers get lists of emails that they hope are still in use. They then send a scam email to this email list hoping that a portion of those emails will land in the inbox of legitimate but naïve customers of the Bank of America and be successful in convincing them to give up their private details. The only thing you should be clicking with enthusiasm is the delete button to get rid of the email for good.

How Do I Avoid Getting Involved in This Scam?

Never click the link or call the phone number given in the email. If you hover the cursor over the link, the full URL will show on the bottom left of your browser screen and it will show that the link isn’t a legitimate Bank of America link. The message will also typically contain typos and grammatical errors that an authentic Bank of America email would probably never contain. The phone number is usually placed there so you can call it and give your personal details, but Bank of America would never ask you to provide your personal details, either via phone or email, as they point out on their website.   

These are a few of the telltale signs that will let you know you are probably dealing with a phishing email scam. Additionally, if the email landed in your spam folder, then leave it there. Legitimate Bank of America emails will very rarely land in the spam folder. If you want to verify that your account details are up to date, open a new tab in your browser and type in Bank of America’s URL. Log into your account and check your account details from there. Do not click the link in the email to verify your account details.

I’m Already a Victim. What Should I Do?

If you are already a victim of the scam, then you need to contact your bank immediately to notify them of any fraudulent activity in your account.

Signs of fraudulent activity include the unauthorized withdrawal of funds from your account, bills for unfamiliar debt, new loans that you didn't apply for, and being denied credit unexpectedly. If any of this has happened, contact your bank immediately so they can close all accounts that were fraudulently used.

File a police report, depending on how serious the fraud was and keep the report with you in case you need to prove that you were a victim of fraud to your creditors.

Forward the scam email to abuse@bankofamerica.com so that Bank of America can know about it, investigate it, and inform other customers of such scams to prevent them from happening in the future. File a report with the Federal Trade Commission via spam@uce.gov.

How Do I Avoid Being Targeted for the Bank of America Scam?

Remain vigilant with your emails and watch out for the red flags of phishing scams as outlined above.

Make an effort to change your password every three months and use strong passwords with a capital letter, lowercase letters, numbers, and symbols. Lastly, don't click any links in these emails. Instead, report these scam emails and delete them.