Phishing and Malware

Phishing (pronounced "fishing") is an electronic scam that attempts to obtain confidential personal or financial information from its target. It takes the form of a fake e-mail, which appears to be from a financial institution or service provider. The message usually includes the company name, logo and a link to a website which instructs you to update your information by providing your account details or personal information with a dire warning if action isn't taken. A phisher can then use your personal information to commit fraud.

In order to avoid becoming a victim of a phishing scam, you need to know what to look for.

In a typical phishing case, you will receive an e-mail that appears to come from a reputable company such as your financial institution, government agency, or a credit card company.
While some e-mails are easily identified as fraudulent, others may appear to come from a legitimate address and trusted online source. Do not rely on the name or e-mail address in the "from" field, as this is easily forged.
The message will describe an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message.
Once inside the fraudulent website, you may be asked to provide Social Security numbers, account numbers, passwords, or other information used to verify your identity such as mother's maiden name or place of birth.
Fraudulent e-mail may also include links and/or attachments that contain computer viruses and/or keystroke loggers and should not be clicked on or opened.
Other typical phishing scams include fake job offers, surveys, bogus prize awards, gift certificate offers, or money laundering schemes.

Malware generally refers to any program that intentionally harms your computer and is typically installed without your consent. Malware can get into your computer by doing something as innocuous as clicking on an ad, going to a website or even unknowingly downloading a document. The malware "industry" has blossomed so much that some malware actually poses as anti-malware software.

Your best defense is to keep your browser, operating system, and applications up to date, and to run updated anti-malware software.

Reporting Identity Theft and Phishing

TD Bank will never ask you to confirm your account number, PIN, password or any other personal information via e-mail. If you are concerned that you have received fraudulent e-mail, disclosed confidential information or have questions about online security, not related to debit or credit cards, please contact us immediately.

TD Bank Phishing and Identity Theft Hotline

1-800-893-8554
Phishing@TD.com

For debit and credit card related transactions, please contact Customer Service.

Visit your local TD Bank
TD Bank ATM/Visa® Debit Card: 1-888-751-9000
TD Bank Visa® Credit Card: 1-888-561-8861

Get help now online.

Expand Top FAQs

		To whom should I report internet fraud incidents?
		What is TD Bank doing to help protect me from fraud?
		Where can I get more information on internet fraud prevention?
		How can I prevent becoming a victim of fraud or identity theft?
		What are Trojan Horse Programs?
		Is it ok to send account information via e-mail?
		What is phishing?
		What should I do if I suspect my online information has been compromised?
		Can I continue to use the Trusteer Rapport security software?
		What is a keylogger?

Ask now!

View all Banking products and services

View all Investing products and services

Phishing and Malware

Reporting Identity Theft and Phishing