Phishing & Other Scams

"Individuals who bite may be exposed to identity theft."1

What is Phishing?

Phishing (pronounced "fishing") is defined as unsolicited e-mails or phone calls from someone impersonating a trusted institution, such as a bank, government agency, or the Better Business Bureau. Phishing can come in the form of spam e-mail or pop-up messages to deceive you into disclosing your bank account information, Social Security number, passwords, or other sensitive information. People are directed to Web pages that look nearly identical to the site of the company the phisher is trying to imitate.

Security Notice

Bank of Central Florida will never ask you to identify yourself in an e-mail, request your Personal Identification Number (PIN), password or login information, or ask you to verify any account information via unsecured e-mail.

Under no circumstances should you ever access Bank of Central Florida's website from a link provided in an e-mail.Only access Bank of Central Florida's website by typing in into your browser's address bar or by following a shortcut or bookmark that you have created. If you receive a "phishing" e-mail that appears to be from Bank of Central Florida, please forward it to or your bank representative so that the Bank can take proper action.

What Are Some Tips to Avoid Getting Hooked?

The next time you are not sure whether you are on a legitimate website or an e-mail you received is valid, check for these signs:

  1. Uses an Incorrect URL. If you go to the bank's website and the address of the site is not the same name, you may not be at the real site. To ensure you are on a legitimate site, always double check that the website address is accurate and look for https:// and a closed padlock icon before inputting any personal information.
  2. Asks for Banking Information. A real bank will never ask for your bank account information, debit card or PIN numbers, or other confidential data via e-mail. Be wary of any e-mails or websites that ask for sensitive information and never click on links or attachments in messages that you think might be phishing, as they could install a virus onto your computer that reads keystrokes.
  3. Sense of Urgency. The e-mail urges you to act quickly or states that personal information needs to be confirmed or updated—otherwise your account may be suspended or closed. Do not be intimidated. Bank of Central Florida DOES NOT initiate e-mails seeking personal information. 


What If I Am a Victim of Phishing?

If you suspect that you have been a victim of identity theft or fraud from a phishing incident, take the following steps:

  1. Contact the Bank. If the phishing e-mail appeared to be from Bank of Central Florida and/or another financial institution, please contact the company immediately and save all details of the “phishing” message to forward.
  2. Report Identity Theft. Follow the steps outlined in the Identity Theft section of our website if you believe you are a victim of identity theft.
  3. Computer Check. Have your computer checked for spyware or viruses and ensure you are using anti-phishing technologies that can help keep your information protected.
  4. Additional Advice. Further information can be located at Federal Trade Commission and the Anti-Phishing Working Group. Phishing emails can be reported to the United States Computer Emergency Readiness Team at . You can also forward spam that is phishing for information to .

What is Smishing?

With “smishing,” instead of a scam e-mail, a bogus text message is received. This is the latest twist on stealing your identity. You may get a text message (or an automated voicemail scam called “vishing”) stating that your account has been suspended (or debit/credit card blocked) and asking you to call a 1-800 number where your account number, PIN, and other data may be requested. Do not respond until you verify the legitimacy of the message by contacting your financial institution directly using phone numbers you are certain about, such as the customer service number on your statement or on the back of your credit card.

Other Scams

“You’ve won a free gift or the lottery, but…”

Sweepstake and Lottery Scams

Congratulations! You have just won the lottery and will be receiving a certified check for $200,000 U.S. CASH! Many lottery and sweepstake letters, e-mails, or phone calls are not legitimate and often based in international locations such as Canada or Nigeria. Con artists will generally convince consumers to send in money to claim a “prize” and the only thing that separates them from their “winnings” is a fee (for administration, processing, taxes, etc.) and proof of identity. Some general tips to recognize a scam include:

  • You did not buy a ticket. You HAVE to buy a ticket to win a lottery.
  • You do not live in or are not a citizen of the lottery country. Most lotteries are only open to residents of the country or state in which the game is played. It is illegal for U.S. citizens to enter foreign lotteries.
  • You cannot find the lottery name except on sites listing scam e-mails.
  • The e-mail or requestor asks for bank account information, driver’s license numbers, or other personal information.
  • To claim your prize, you might be required to travel overseas at your own expense (and personal risk).

Further information on sweepstake and lottery scams can be located through the Federal Trade Commission or a simple “lottery scams” Internet search will provide other helpful advice and a listing of fake lottery companies.

Nigerian Advance Fee Fraud

This type of fraud first started in Nigeria, but is now prevalent in many countries. You receive an “urgent” letter or e-mail from an alleged “official” representing a foreign government or agency offering the recipient an “opportunity” to share in a percentage of millions of dollars. Common forms of this type of fraud include: disbursement of money from wills, purchase of real estate, transfer of funds from over-invoiced contracts, sale of goods, found monies, or contest/lottery winnings.

The fraudster may offer to transfer large sums of money into a victim’s personal bank account, which would necessitate the victim providing personal information (and possibly future identity theft). Another scheme may require the victim to deposit a check into their account and immediately wire a portion of the money to a third party outside of the country. These are generally counterfeit checks and the victim ends up with nothing but a loss of funds. Further information regarding this type of advance, up-front fee scheme can be found in the following links:

United States Department of State
Local Secret Service Office (if you have suffered a significant loss)

Fake Check Scams

Fake check scams  start when someone gives you a realistic-looking check or money order and asks you to wire them money in return. The check is phony and it may take weeks to discover. The bank cannot be sure the check is valid and now wants the money back after the check is returned as a counterfeit. You are responsible for checks or money orders that you deposit, even if they are fake. There is no legitimate reason why anyone would give you a check or money order and ask you to wire money in return. Learn more at where you can take a fraud test, review videos, and learn prevention tips. The Federal Trade Commission’s Money Matters also provides helpful advice on avoiding money wiring scams.

Other Fraud-Related Resources

The following is a list of links that may provide additional information on common fraud schemes:

Federal Bureau of Investigation
Federal Reserve Bank
Internet Crime Complaint Center
Consumer Federation of America