Related content

Privacy & Security
Close save Save

How to spot a suspicious email or text

Read, 2 minutes

Clicking a link in an email or text that isn’t what it appears to be could cost you or your business time and money. Fraud tactics are becoming increasingly sophisticated, and according to the FBI’s annual Internet Crime Report, cybercrime accounts for billions of dollars of losses to businesses and individuals each year. Use these tips to keep your information safe.

Know the red flags

Phishing attacks, typically communications that attempt to lure individuals into providing personal information, can be difficult to distinguish from legitimate emails. However, there are a number of clues. For instance, be wary of:

Subject lines that demand urgent or immediate action

Odd or unfamiliar senders

Unexpected requests

Close text version

Take a look at this example of a suspicious email and the signs it isn't legitimate

From: MyBank

Uses incorrect company name or email address.

Subject: Re: URGENT REQUEST

Attachment.doc

Dear Customer,

Doesn’t use your name.

We suspeck a unauthorized transaction on your account.

Has misspelled words or awkward wording.

To ensure that your account is not compromised, please click the link below and confirm your identity.

Asks you to verify or provide personal information.

Our records indicate your account was overcharged. Do not call us, to receive your refund, you must click on the link below ASAP.

Tells you not to call.

http://mybank.co.za/1233

Includes unusual URLs or ones that appear to be altered.

Article continues below

Related content

If you receive a suspicious email:

Do not click on any links, reply to the message or download any attachments.

Even if the link looks legitimate, it could be a phishing link in disguise. Always go to a company’s website by entering its correct URL directly in your browser or using their official app if one is available.

If you are a Bank of America customer, forward the email to abuse@bankofamerica.com and then delete the email. You will only receive a reply if additional information is required.

MORE FROM BANK OF AMERICA

Learn how you can add an extra layer of protection to your online experience from Bank of America.

More details

Stay vigilant against phishing attacks

Email scammers change their tactics regularly. Your best defense is to be on the lookout at all times. You can also help protect yourself by following a few mobile and online security best practices, such as using strong passcodes and making sure your devices have the latest security patches.

Other social engineering attacks to know about

Smishing: Utilizes SMS and messaging apps instead of email. Avoid clicking links or responding.

Vishing: A cybercriminal impersonates a trusted source or utilizes tactics such as robocalls. Avoid sharing information, especially if you didn’t initiate the call.

Close Disclaimer

The material provided on this website is for informational use only and is not intended for financial or investment advice. Bank of America Corporation and/or its affiliates assume no liability for any loss or damage resulting from one’s reliance on the material provided. Please also note that such material is not updated regularly and that some of the information may not therefore be current. Consult with your own financial professional when making decisions regarding your financial or investment management. ©2025 Bank of America Corporation.

What to read next

More from Bank of America

Contact Us

We're here to help. Reach out by visiting our
Contact page or schedule an appointment today.

Schedule an appointment

Mobile Banking requires that you download the Mobile Banking app and may not be available for select mobile devices. Message and data rates may apply.