Remove “Bank Of America – Account Verification” fraudulent email

The “Bank Of America – Account Verification” email is a phishing attempt that will try to steal your Bank of America online account login credentials. The email claims that potentially fraudulent activity has been identified on your account, which resulted in your account access being temporarily locked. To supposedly restore access to the account, you need to go through a verification process. If you interact with this email, you will be asked to enter your online bank login credentials, as well as your payment card information. All of this information would be sent to the malicious actors operating this phishing campaign.

 

 

The “Bank Of America – Account Verification” email is a phishing attempt, so you can ignore its contents. This email is designed to imitate a security alert from Bank of America, claiming that fraudulent activities have been detected on your account. It may state that your account has been locked and can only be accessed after going through a verification process.

Clicking on the “Review Account” button will redirect you to a fake website that mimics the legitimate Bank of America login page, with the intent of stealing your login details. If you enter your credentials on this site, they will be immediately sent to the criminals behind this phishing campaign. Additionally, you will be prompted to provide your payment card information. All of this is highly sensitive information, and disclosing it could lead to your bank account being compromised. Falling for this phishing campaign could result in significant financial loss.

The full “Bank Of America – Account Verification” email scam text is below:

Subject: Security alert: Important notice on your account

Bank of America
Transaction alert

Your Account Requires Verification.

Email Sent to: –
Email Date: –
Email Reason: Account Verification
Email Priority: Extremely High
We’ve identified potentially fraudulent activity on your account.

As a security measure, access has been temporarily locked. To restore access, please complete the verification process as soon as possible.

Important Instructions:

Click the “Review Account” button below, sign in using your User ID and password, and complete the authentication to verify your login.
Enter your debit card details and any additional requested information to proceed and avoid further verification.

Review account
Securely access your accounts with the Bank of America Mobile® app or Bank of America.com.
About this message

Bank of America Mobile® app is available for select mobile devices. Message and data rates may apply.

This service email was sent based on your alert settings. Use the Bank of America Mobile app or visit Bank of America.com/alerts to view or manage your settings.

Bank of America cannot guarantee the delivery of alerts and notifications. Wireless or internet service provider outages or other circumstances could delay them. You can always check Bank of America.com or the Bank of America Mobile app for the status of your accounts including your latest account balances and transaction details.

To protect your personal information, please don’t reply to this message. Bank of America won’t ask for confidential information in an email.

If you have concerns about the authenticity of this message or have questions about your account visit Bank of America.com/CustomerService for ways to contact us.

Your privacy is important to us. See our online Security Center to learn how to protect your information.

© 2025 Bank of America & Co.

If you have fallen for this phishing campaign, you must contact Bank of America immediately to inform them of the situation. If you act immediately, you may be able to prevent unauthorized access to your account, as well as any unapproved transactions.

How to recognize a phishing email

Users should be able to recognize phishing emails with relative ease, especially if they are not being specifically targeted. These emails tend to be generic, often contain numerous mistakes, come from random-looking email addresses, and generally appear unprofessional. More sophisticated phishing campaigns are typically aimed at specific individuals or companies, so regular users are unlikely to become targets. Such emails may look credible, include personal information about the target, and appear very legitimate.

When you receive an unsolicited email asking you to click on a link or open an attachment, what you need to do first is verify the sender’s email address. A quick Google search can help you assess whether the email address is trustworthy. Generic phishing emails usually originate from suspicious addresses, while more advanced attempts may use addresses that closely mimic those of real businesses. In this particular case, the “Bank Of America – Account Verification” phishing email was sent from an obviously fake address, as it does not use Bank of America’s domain.

Another red flag is poor grammar or spelling mistakes. If you notice mistakes in an email supposedly from a company like Bank Of America, it’s a phishing attempt — the real Bank Of America would not make mistakes. The way an email addresses you can also be a clue to its legitimacy; genuine emails from Bank Of America will typically greet customers by name, while the “Bank Of America – Account Verification” email does not address recipients at all.

It is advisable to thoroughly examine emails that prompt you to click on links or open attachments. If there’s a link, hover over it to see where it will take you before clicking. For attachments, use an anti-virus program or a service like VirusTotal to scan them prior to opening. If the email claims there’s a problem with your account, do not click on any links and instead log into your account manually to check for issues. Lastly, always inspect the URL of a website before logging in; phishing sites may look similar to legitimate ones, but their URLs will give away the phishing attempt.