Recognizing Fraud

The Internet has become an attractive place for criminals to obtain personal information about you. We’re providing some information to help you become more aware of the ways in which criminals attempt to obtain your information and show you how to protect yourself from becoming a victim. 

For more information and practical tips from the federal government and the technology industry on how to protect yourself, visit

Email Fraud

Emails from Eastern Bank
We will never ask you to send confidential information to us via email, such as your logon ID, password, account numbers, or Social Security number.  If you receive any such request, DO NOT respond to it.  Please notify us immediately at 1-800-EASTERN (327-8376).  However, in order to establish or maintain financial services offered by Eastern Bank, we may request confidential information through secure contact forms or protected online applications. We will safeguard any information you share with us using security measures that comply with federal law to ensure protections against unauthorized access. 

  • Email and website fraud, often referred to as “phishing” or “spoofing,” involves a criminal sending you an email or pop-up advertisement that claims to be from a legitimate company or organization that you deal with. 
  • The email may instruct you to update or validate your account information, including Social Security number and passwords, and will usually state that the information is needed urgently to get you to respond quickly.
  • Typically, you are instructed to respond via email or directed to a phony website that looks like the site of the legitimate business. 
  • By following the email instructions, you unknowingly provide your personal information to a criminal, not to the legitimate company. The information is then used to transfer money, make payments, and commit other illegal acts.
  • Be cautious of emails that use a general greeting and do not identify you by name.
  • Fraudulent emails often contain typographical or grammatical errors.
  • Often, in conjunction with email fraud schemes, online thieves will direct you to a fraudulent website that resembles the site of a legitimate company or organization. 
  • In many cases, there is no easy way to tell that you are on a phony website because the URL address will be very similar to that of the legitimate business.  
  • The address of the phony website may use a common misspelling of the company's name or may add a symbol, number or word before or after the name.  
  • Therefore, even if you do not receive an email directing you to the phony site, you may end up at the phony site simply by mistyping the address of the legitimate site.

Malware or “malicious software” is designed to secretly access a computer system without the owner's knowledge or consent. Software is considered to be malware based on the perceived intent of the creator rather than any particular feature. The term malware covers a wide variety of software including computer viruses, worms, trojan horses, spyware and other malicious and unwanted software.

Malware is often used to steal personal information, such as account number and login credentials, which can then be used to commit fraud. 

How can I protect myself against malware?
There are several easy ways to minimize the risk of malware:

  • Do not respond to or click on links in pop-up advertisements asking for personal or financial information as they are likely fraudulent.
  • Do not open and install attachments and free software from unknown sources.
  • Avoid downloading files from file sharing and social networking sites, which can be distributions points for malware.
  • Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date.