TD Bank, America's Most Convenient BankSkip to main content
      Search Tips
About Us | Our Community | Careers | Locations | Customer Service | En Español  

Phishing

Identity Theft Protection

You can help protect your credit and your identity with ITAC Sentinel® Plus Identity Theft Protection.

Enroll now | View details

Already a member? Log in

Phishing (pronounced "fishing") is an electronic scam that attempts to obtain confidential personal or financial information from its target. It takes the form of a fake message, usually an e-mail, which appears to be from a financial institution or service provider. The message usually includes the company name, logo and a link to a website which instructs you to update your account information by providing your Social Security number, bank account number, PIN, password, birth date, etc. with a dire warning if action isn't taken. A phisher can then use your personal information to commit fraud.

Security vendor Symantec reports there are 7 million phishing-related e-mails sent each day. Like other spam, phishing is often detected by anti-spam software and automatically filtered. TD Bank has contracted with a firm to monitor the internet 24-7 and shut down phishing sites as soon as they are detected or reported.

In order to avoid becoming a victim of a phishing scam, you need to know what to look for.

  • In a typical phishing case, you will receive an e-mail that appears to come from a reputable company such as your financial institution, government agency, or a credit card company.
  • E-mail addresses are harvested from publicly available sources or through randomly generated lists. Phishers send out millions of e-mails at a time hoping to catch the customers of a targeted company by pure chance.
  • While some e-mails are easily identified as fraudulent, including some containing tabloid-style headlines to get the user to open them, others may appear to come from a legitimate address and trusted online source. Do not rely on the name or e-mail address in the "from" field, as this is easily forged.
  • The message will describe an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message. Note: With the high volume of mergers within the financial services industry, phishers will often try to get your personal information by insisting they need it in order to transfer your accounts from one institution to another.
  • Once inside the fraudulent website, you may be asked to provide Social Security numbers, account numbers, passwords, or other information used to verify your identity such as mother's maiden name or place of birth.
  • Fraudulent e-mail may also include links and/or attachments that contain computer viruses and/or keystroke loggers and should not be clicked on or opened.
  • Other typical phishing scams include fake job offers, surveys, bogus prize awards, gift certificate offers, or money laundering schemes.

View real-life examples of electronic fraud received by TD Bank Customers.

Reporting Identity Theft and Phishing

TD Bank will never ask you to confirm your account number, PIN, password or any other personal information via e-mail. If you are concerned that you have received fraudulent e-mail, disclosed confidential information or have questions about online security, please contact the TD Bank Phishing and Identity Theft Hotline at 800-893-8554.
ITAC, ITAC Sentinel, and the associated design are trademarks of the Identity Theft Assistance Corporation.

†By clicking on this link you are leaving our website and entering a third-party website over which we have no control.

Neither TD Bank US Holding Company, nor its subsidiaries or affiliates, is responsible for the content of third party sites hyper-linked from this page, nor do they guarantee or endorse the information, recommendations, products or services offered on third party sites.

Third party sites may have different Privacy and Security policies than TD Bank US Holding Company. You should review the Privacy and Security policies of any third party website before you provide personal or confidential information.