Email Fraud

Tips to Protect yourself from Email Scams

Chances are, at some point, you will be subjected to some sort of "phishing" scam. Phishing uses “spoofed” emails and fraudulent websites designed to fool recipients into sharing personal financial data, such as credit card numbers, account user names and passwords, and Social Security Numbers. By hijacking the trusted names of well-known banks, online retailers, and credit card companies, phishers are able to convince up to five percent of recipients to respond to them.

Please note: FirstMerit never solicits confidential information like credit or debit card numbers through the Internet or email without prior customer consent.

We will never send an email which

  • Requires you to enter any personal information or account information directly into the email or send you to a web page that asks for that information (we already have this information on file and would not ask you for it)
  • Threatens to close your account if you do not take the immediate action of providing personal information
  • Asks you to reply by sending personal information or asks you to enter your User ID, password, or account numbers into an email or non-secure web page (a secure web page is one that has a lock in front of the web address and starts with https//)

 

If you receive any email from FirstMerit or from any institution or individual requesting personal or account information, treat it as fraudulent and take this action:

  • Forward the email to us at: identitytheft@firstmerit.com
  • Call us at 888-554-4362
  • Report suspicious activity to the Federal Trade Commission (FTC), the government agency responsible for investigating such crimes, at spam@uce.gov

How to Recognize Fraudulent Emails

Be wary of any seemingly legitimate email request for account information:

 Often the request is under the guise of asking you to verify or reconfirm confidential personal information, such as

  • Account numbers
  • Complete Social Security Numbers
  • Passwords or;
  • Other sensitive information

 

It's often hard to detect a fraudulent email:

That's because the email address of the sender often seems genuine (such as support@yourbank.com), as do the design and graphics. But there are clear signs to be aware of. For example, fraudulent emails often try to extract personal information from you in one of two ways:

  1. By luring you into providing it on the spot (e.g., by replying to the email); or
  2. Including links to a website that tries to get you to disclose personal data

A fraudulent website is designed to trick you into believing it belongs to a company you know by using its brands as domain names and/or its graphics. The ultimate goal of this fraud is to use your information to gain unauthorized access to your bank or financial accounts or to engage in other illegal acts.

Do not reply to any email requesting your personal information, or one that sends you personal information and asks you to update or confirm it. If you receive an email you are suspicious of, contact the company through an address or telephone number you know to be genuine. FirstMerit will never send you any email that requests your account information or asks you to verify a statement.

If you suspect you have provided confidential account or personal information to a fraudulent website, take these steps:

  • Change your password immediately
  • Monitor your account activity frequently
  • Report any suspicious activity to the company