Identifying Fraudulent Emails
Fraudulent emails, and the web sites they link to, can look identical to legitimate emails and web pages of Old National and other companies. They can be very convincing and may even carry the company logo.
These emails commonly appear to come from banks and credit card companies, government agencies, online retailers, social media companies and service providers such as cable or cell phone companies.
Sample fraudulent email:
Although fraudsters use various tactics in their attempts to deceive, there are common elements you can look for to identify a potentially fraudulent email. You may see one or more of the following:
- Awkward greeting or salutation. Fraudulent emails often have nonsensical greetings or a salutation that does not refer to the customer by name.
- Typos. It isn't necessarily because fraudsters don't know how to spell. It's to prevent email filters from identifying certain words and blocking the email. Example above: ". . .regularly monotir. . ."
- Incorrect grammar. Another tactic used to disguise words and bypass email filters. Example above: ". . .has determines some. . ."
- Strange or unfamiliar links. A link may look official, but when you roll your mouse cursor over it, the link's source code may point to a totally unrelated web site. Remember it is always safest to type a URL into your web browser instead of clicking on a link.
- Compelling or urgent language. Fraudulent emails often have a sense of urgency, indicating the need to communicate with you for your own security or a request to update your information immediately. Example above: ". . .your account will be closed if you do not verify it with us right away."
- Misspelled company name. This is another tactic used to bypass email filters. Example above: "OldNationals"
This is not a comprehensive list, but these examples can help you learn to recognize fraudulent emails.
You are the first line of defense
To detect and avoid potentially fraudulent emails, here are actions you should take:
- STOP before you click. Is the email suspicious? If you are unaware of the transaction/service referenced, you are not a customer of the company or you have never given the company your email address, be suspicious. Don't click on any links in the email, respond to it or open any attachments until you can confirm the sender.
- CALL the company, using a phone number you know to be valid, to confirm that they sent it. Don't use a phone number provided in the email sent to you. Instead, use the phone number on your statement or the company's web site, which you arrived at by typing in the web address yourself.
- DON'T REPLY If you can't confirm the sender or you find the email is in fact fraudulent. Instead, delete the email from your inbox and trash folder.
Keep in mind that regular email is not a secure way to send personal information. For that reason, Old National will never ask you to provide information such as account numbers or a Social Security number that way. If you have already been tricked into providing personal information through an email or web site, and feel your Old National accounts may be in jeopardy, contact Old National Client Care immediately by calling 1-800-731-2265.
PLEASE READ: Information security best practices continue to change and evolve. The information and guidance provided to you online in this Security Center is not intended to be an all-inclusive checklist. You should consult with a qualified information security professional to determine the appropriate security tools and controls for you and/or your business.