Online Banking & Email Fraud FAQs

Listed below are answers to commonly asked questions about online banking & email fraud.

General Questions

+
What is "phishing"?

The term "phishing" comes from the way in which internet scammers "phish" for your personal financial information. This involves sending fraudulent emails that appear to be from a legitimate company that you recognize and do business with, such as a financial institution, in order to trick you into surrendering private information that can be used to initiate fraudulent transactions or complete an identity theft.

In many cases, the fraudulent email will warn you of a serious problem with your account that needs immediate attention, and will threaten to suspend or close your account if your personal information is not updated within a given time frame. The email then directs you to click on a link to a phony website where you are asked to update personal information, such as your Social Security number, passwords, credit card information, bank account numbers and contact information.

Any email you receive that appears to be from TCF and requests updated personal information, such as your Social Security number, account number, PIN, or passwords, is fraudulent. The link contained in the email is NOT to TCF Bank's website, even though it may imitate our style and graphics.

If you provide the requested information, you may find yourself a victim of identity theft.

+
What is the subject of these emails?

The subject line of the email can vary. Any email claiming to be from TCF Bank that asks for customer information should be forwarded to emailfraud@tcfbank.com immediately. Delete the email after it has been forwarded to us.

+
What if I receive a pop-up message asking for my personal information?

Do not type any information or respond in any way and close the message. If you did respond, contact us immediately.

TCF Bank does not use pop-up messages to request customer information. We will never ask you for your Online Banking sign-in ID, Online Banking password, and PIN by pop-up message.

+
What is the "Account Manager" or "Transfer Agent" scam?

One of the newest email scams is the "Account Manager" scam, which offers to let you become an "Account Manager" or "Transfer Agent" for a third party, usually in another country.

Scammers will try to solicit you through an email or web advertisement, offering to let you work from home and be an "Account Manager" or "Money Transfer Agent" for them. In turn, they will let you earn commissions for your trouble and offer to increase your fee the more transfers you complete for them. Money is then transferred out of an unsuspecting person's account and into yours. Then you are asked to send the money to them through Western Union or other funds transfer service provider under the impression that you will keep a percentage of the money they have deposited into your account.

If you agree to become an Account Manager for the scammers, you have no idea where the money is coming from or where it is going. It could be used for a variety of illegal purposes, including terrorism, and you could be prosecuted if caught. Do not believe any emails or web advertisements offering to let you earn money by transferring cash.

If you receive an email or see an advertisement offering to make you an "Account Manager" or "Money Transfer Agent," forward it immediately to your local Secret Service office or the national Financial Crimes Division at 950 H Street, Washington, D.C., 20001 or fax to 202-406-5031.

+
How do I protect myself from fraudulent emails (phishing)?

TCF Bank will never ask you to provide your Online Banking sign-in ID or Online Banking password by email. Use the following tips for preventing email fraud and identity theft:

  • You should be suspicious of any email that appears to be from TCF Bank containing links to websites asking for confidential information.
  • Never provide personal information in response to an unsolicited request, whether it is in an email or over the phone. If you believe the request may be legitimate, contact the financial institution yourself using contact information that you have verified. Do not use phone numbers contained in emails you believe may be fraudulent.
  • Delete emails from unknown senders without opening them. Do not open attachments; this may release a virus in your computer to track your personal information.
  • Never send an account number, secret PIN, or password by email.
  • Choose a Secret PIN and password that is known only by you and keep it in a safe place. Consider changing your Secret PIN and password on a regular basis.
  • Review all account statements, including online statements, regularly to verify all charges are correct and to check for any suspicious activity.

If you are suspicious of any email you receive that appears to be from TCF Bank, contact us immediately.

+
If I have replied to an email I believe is fraudulent, how do I report my card as stolen?

Phone a TCF representative in your area to report your card as stolen.

+
If my card was stolen, how soon will I receive a new card?

If you choose free standard delivery, a new card will be re-issued to you within 7-10 business days after you have reported it stolen. Or, we can help you get back to normal faster than ever with Expedited and Rush delivery options for your TCF card. Contact us or visit any TCF Bank location for details and applicable fees.

+
I have already replied to one of these emails and given out my personal account information. Who else should I contact if I think I have been a victim of phishing?

After you have contacted TCF and alerted us to the situation, you may also want to contact one of the three major credit bureaus and discuss whether or not you need to place a fraud alert on your file. This will help prevent thieves from opening a new account in your name.

Equifax
800-525-6285
P.O. Box 740250
Atlanta, GA 30374

Experian
888-397-3742
P.O. Box 1017
Allen, TX 75013

TransUnion
800-680-7289
P.O. Box 6790
Fullerton, CA 92634

You may also want to report all suspicious contacts to the Federal Trade Commission at www.ftc.gov/bcp/edu/microsites/idtheft/, or 1-877-IDTHEFT.