Learn to Recognize Fraudulent Emails

Fraudulent emails (phish) and websites can be very sophisticated, and may look identical to Wells Fargo’s emails and websites. Fraudsters can tamper with the sender information in an email to make their phish look even more legitimate.

Although fraudsters use various tactics in their phish, there are common elements you should familiarize yourself with.

Fraudulent email example

1. Awkward greeting

A phish may address the customer with a nonsensical greeting or may not refer to the customer by name.

2. Typos

This isn’t because fraudsters don’t know how to spell – it’s so the phish won’t be blocked by email filters.

Examples in this phish: “acessed” “Our SSL security severs has…” “fradulent”

3. Incorrect grammar

Another tactic used to bypass email filters.

Examples in this phish: “Our SSL security severs has…”

4. Strange or unfamiliar links

This link looks official, but notice what happens when the mouse curser rolls over it. The link’s source code points to a completely different website. Remember that you can always type a URL into your web browser instead of clicking a link.

5. Compelling or urgent language

This email would convey an urgent need to communicate with you for your own security, or a request to update your information immediately.

Examples in this phish:

  • “We recently contacted you after noticing an issue on your online account, which has been acessed unusually.”
  • “Our security department has requested information from you to verify your identity for your online banking.”

6. Mis-spelled company name.

Another tactic used to bypass email filters. 

Example in the phish: “WellsFargo (s)”

This is not a comprehensive list of phish email characteristics, but these examples will help you learn to recognize fraudulent emails.

Wells Fargo is dedicated to protecting your information. Learn about our security measures and what we do to protect your accounts online.