How to Protect Yourself from "Phishing" and Email Scams
You may have experienced or read about recent incidents of unsolicited email messages masquerading as legitimate companies that trick recipients into disclosing personal and financial information.
These "phishing" (also called "brand spoofing") emails send you to web sites pretending to be legitimate companies or government agencies that ask for your personal and financial information.
Reminder: BMO Harris will never contact you in an email and ask for your User ID, Password, PIN, social security number or other sensitive information. You should never send personal identification numbers or sensitive information by email as it is not a secure method of contact.
If you suspect you have been a victim of fraud or would like to report suspicious activity, visit the "Report Fraud & Suspicious Activity" section of this site for important information. Visit your branch or contact us using a known legitimate number (for example, the number on the back of your debit card).
A common email scam uses unsolicited email to deceive consumers into disclosing confidential personal information. The deceptive email suggests clicking on a link or attachment for any one of the following reasons:
- Change / update to personal information
- Possible suspension of client cards or accounts
- Possible loss of deposit insurance
- Application for products
After clicking on an attachment or link from the unsolicited email, the user is taken to a bogus site that requests confidential personal information, which could include:
- ATM or Debit Card Numbers/User ID's
- Account Numbers
- Personal Identification Numbers (PINs)
- Credit Card Numbers
- Social Security Numbers
- Other Personal or Private Information
There are some commonalities that can help you identify the scams:
- They are designed to mimic the look and feel of a genuine site
- They are most commonly sent out through unsolicited emails, containing links or attachments
- The Web address will often have the @ symbol or a numeric address (eg.123.456.1.2). The address may also include the word, phrase or text 'harris ' or 'bmoharris ' to make it appear authentic.
- For additional information on how to identify a "Phishing" scam, watch this video.
It is important to understand that there are ways in which you can help protect yourself from email fraud and web sites that request your personal or banking information:
- If you receive an email pretending to be from a member of BMO Harris or M&I that asks for personal or financial information, do not reply or click on the link in the email. To ensure that the email is legitimate, contact us immediately:
- Always enter the full web site using your bookmarks or any of our published URLs.
- Review your financial statements regularly for unauthorized or suspicious transactions.
- Never send personal and/or financial information via email.
- Do not trust email headers. They can be easily forged.