Protect yourself and others from scams.

The more you know about fraud, the less likely you are to become a victim.

Cybercrime risk


Of the adults surveyed don’t feel well informed about cybercrime risk.


Have had a device infected with a virus—or someone close to them has.


Have had fraudsters try to steal personal information via fake e-mails or websites.


Have experienced fraudsters abusing their credit card number or bank details.

Social engineering—the most common form of cyber fraud.

Social engineering is when fraudsters pose as someone you trust to get you to reveal personal information.

Social engineering usually takes one of these forms:

Phishing: fraud through legitimate looking emails or social media direct messages.

SMiShing: phishing via texts and SMS messages.

Vishing: voice phishing via phone calls.

Over 96% of all cyber-attacks start with social engineering, pretexting, phishing and insider threats.Disclosure 1

Watch out for the “big three” forms of fraud.

Fraudsters want your personal information. Social engineering, identity theft, and malware are the main ways they’ll try to get it.

Here’s what each of those means:

  • Social engineering – Fraudsters posing as your friends, colleagues, or someone else you trust can fool you into revealing your personal information. Because social engineering attacks look legitimate, they can be difficult to detect.

  • Identity theft – The fraudulent acquisition and use of someone else’s personal information, such as name, address, Social Security numbers, driver’s license number, bank account number, PIN number, online banking password, etc., usually for financial gain.

  • Malware – A combination of the terms “malicious” and “software”, used to describe any software designed to cause damage to a single computer, server, or computer network. Criminals sometimes use malware—programs like fraudulent apps, viruses, and spyware—to get into your computer or mobile device. Once inside, they can steal information, send spam, and commit fraud. Beware of emails or texts from unknown sources, and never enter credentials on links sent to you.

Remember: Truist will not email or send texts asking you to provide, update or verify your personal or account information, such as passwords, Social Security numbers, personal identification numbers (PINs), credit or debit card numbers.

Component ID : "accordionGridLayout-1946350363"
Model : "faq"
Position : "left"
  1. Advance-fee scam: A common type of fraud that requires the victim to pay a small up-front payment to obtain a large sum of money or prize winnings. However, that large sum of money doesn’t exist.

  2. Business email compromise: Criminals exploit employees by sending emails that look like they're from business associates requesting ACH transfers or other sensitive activity. Always verify requests for wire or ACH transfers received by email. Call the vendor requesting the payment, and use known numbers to validate all requests that you've received by email.

  3. Check cashing scams: Check-cashing schemes may take the form of an email indicating that the sender wants someone to cash checks in return for keeping a portion. It may say something like, "I will send a check made payable to you, drawn on XYZ Bank, in the amount of $10,000. All you have to do is deposit it. In return for doing this, you can keep $1,000 and wire $9,000 back to me." The check may look real, but in reality, there’s no account, or the account has insufficient funds to cover the check.

  4. Family emergency: Scammers may pose as relatives or friends, calling or sending messages to urge you to wire money immediately. They’ll say they need cash to help with an emergency—like getting out of jail, paying a hospital bill, or needing to leave a foreign country. Their goal is to trick you into sending money before you realize it’s a scam.

  5. Drive-by downloads and malware: When software installs on your computer without your knowledge to monitor your use, redirect your computer to certain websites, record keystrokes, or enable unauthorized people to access your device. Avoid malware by making sure to update your operating system and web browser regularly.

  6. Investment scams: The internet can make it difficult to distinguish between fact and fiction. It's always important to verify your information before making an investment. Watch for telltale signs of a scam like promises of high returns with little risk, schemes requiring recruitment of new participants to make money, offshore investments, or small stocks you only read about on the internet.

  7. Online profiling: A scam that involves fraudsters sending spam or social media direct messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.

  8. Refund scams: Usually involve an email indicating that the recipient has a refund due and needs to provide information to speed its processing. The scam artists may claim to represent the IRS, state tax officials, or a well-known business or retail establishment.

  9. Spoofed/Copycat sites: A form of online fraud that’s much like phishing, where fraudsters use bogus websites to retrieve a person’s confidential information.

  10. SIM swap: A form of fraud where fraudsters use social engineering to gather enough personal data to convince their victim’s mobile phone company to reassign the victim’s phone number to a different SIM card—one in the fraudster’s device. The victim’s phone loses network connection the minute that swap is completed. At that point, the fraudster can leverage the texts and emails to gain access to victim’s bank accounts, credit cards, and other sensitive information.

  11. Payment scams: Peer-to-peer payment services like Zelle® are accessible, fast, and extremely convenient—all of which make them vulnerable to fraud. The simplest way to avoid scams is to only send money to people you know and trust. Even then, always verify recipient details before sending.


Protect your small business from fraud.

New scams surface all the time. Familiarize yourself with the most common forms of fraud, and watch out for newer scenarios as they come to light.

Check fraud

  • Look for alterations to legitimate checks—including forged signatures and amounts.
  • Beware of checks from fictitious organizations, or counterfeit checks, which can include an exact replica of your logo.

Card, ACH, and wire transfer fraud

  • Watch for ACH charges that include checks that have already been returned for fraud.
  • Watch out for fraudulent electronic debits.
  • Beware of fraudulent requests to initiate ACH payments for charges received via internet or telephone.
  • Keep watch over electronic credits or outbound wire transfers sent in payment for fraudulent purposes.
  • Beware of credit purchases from "Card Not Present" merchants or from merchants not validating the CVV2 number on the card.
  • Be vigilant toward stored value cards and their card numbers. Both can be stolen and used to make purchases.

Online fraud

  • Online schemes often attempt to obtain confidential information, including password, identification information, and token-code information.
  • Malicious software can be installed on your computer without your consent. Once installed, it can record keystrokes, redirect your browser, or display a fraudulent website.