Imposter scams are on the rise: Here’s how to manage the risks

As criminals impersonate trusted figures and set up fraudulent websites, education is the best defense.

 

5 minute read

 

Key Takeaways

  • Education is the best defense against increasingly common imposter scams in which scammers may impersonate bank representatives.
  • If you receive an unexpected call, text or email from someone claiming to be a relationship manager or the fraud department — even your treasury sales officer (TSO) — always verify the source using a known phone number, legitimate website, bill or statement.
  • Fraudulent websites can often be identified by poor design quality, grammatical errors, misspellings and urgent requests for contact or other information.
  • Be proactive by coordinating a mutually understood defense with your relationship manager and treasury officer.

As our daily reliance on digital communication steadily increases, scammers are evolving their tactics to exploit the trust we’ve built for online and other financial services. Imposter scams are on the rise and are currently the most commonly reported fraud, with approximately 985,000 complaints in 2021 according to the Federal Trade Commission.1

 

Imposter scams typically begin with an anomalous email (commonly known as phishing), a phone call from a falsified number (vishing), an unsolicited text (smishing) or a social media message. The communications appear to be from trusted professionals such as bank representatives, lawyers or government officials.2 To make them appear more authentic, the perpetrators may even pose as your current relationship manager, or representatives of companies you already have relationships with.

 

By creating fraudulent websites using legitimate information they’ve harvested from online sources, these scammers lure clients and potential prospects into providing confidential information with the intention of committing financial fraud.

Warning signs to watch for

Recognizing that imposter scams exist and are increasing in prevalence may be the best defense against them. But beyond awareness, there are some common red flags that can help you identify these scams before you fall victim, including:

 

  • An unexpected phone call from your relationship manager, which might be a vishing attempt
  • An urgent request to fill out a form with information that the relationship manager should already have if you’re a client or wouldn’t need if you’re a prospective client
  • Poor website design quality, including odd layouts and low-resolution images or photos of the manager
  • Grammatical errors, misspellings, awkward phrasing or misuse of investor terminology
  • A website domain that uses the name of the relationship manager rather than a reputable firm 

Best practices

Imposter scams are successful because of how much legitimate information scammers can mine from publicly available information on the web, enabling them to convincingly impersonate a professional or simulate a professional’s website. But by following these best practices, you can protect yourself and others:

 

  • Verify all anomalous communications or requests for payments or personal information by double-checking the sender information and by independently confirming the source using a verified phone number from an official website, bill or statement.
  • Don’t rely on caller ID to determine if a caller is legitimate.
  • Never send payments to anyone without independently verifying their identity.
  • Never give sensitive information, such as account numbers, over the phone or through a website unless you are sure of who you’re interacting with.
  • Cut off contact at any point with someone you suspect is impersonating a professional.

 

In addition, being proactive and coming up with a mutually understood defense against imposter scams with your professional contacts can be an effective way to decrease your chances of falling victim.

 

If you receive any suspicious email or text message that appears to be from Bank of America, forward it to us at abuse@bankofamerica.com.

 

Remember: Don’t transfer money or make payments as a result of an unexpected phone call or text. Bank of America will never ask you to share your banking credentials or one time passcode, or ask you to send account or company information over text, over email or online.

1  “New Data Shows FTC Received 2.8 Million Fraud Reports from Consumers in 2021,” Federal Trade Commission, February 22, 2022.

2 “Imposter Scams,” AARP, March 30, 2022.