Home | DeerwoodBank.com | Education Center | Careers | Locations | About Us | Contact Us

Online Banking

Access Your Personal Account

Access Your Business Account

Deerwood Bank - Education Center

Email Fraud

Email fraud uses email messages to trick victims into sending financial information or money to criminals, often in other countries.  Among the most common forms of email fraud is the "Nigerian Letter" or "419" fraud, in which the victim receives an email informing them that they have an opportunity to share in a percentage of millions of dollars if the victim helps the criminal transfer money from Nigeria into a United States bank account. The email may also attempt to look like it is from a company with which you do business in order to trick you into sharing your personal information.


When internet fraudsters impersonate a business to trick you into giving out your personal information, it is called phishing. Do not reply to email, text, or pop-up messages that ask for your personal or financial information. Do not click on links within them either – even if the message seems to be from an organization you trust. It is not. Legitimate businesses don’t ask you to send sensitive information through insecure channels.

Examples of Phishing Messages

You open an email or text, and see a message like this:

  • "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

  • "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

  • “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

The senders are phishing for your information so they can use it to commit fraud.

How to Deal with Phishing Scams

  • Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email or text.

  • The messages may appear to be from organizations you do business with – banks, for example. They might threaten to close your account or take other action if you don’t respond.

  • Don’t reply, and don’t click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.

  • Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a "refund".  But a local area code doesn’t guarantee that the caller is local.

  • If you’re concerned about your account or need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.

Action Steps

You can take steps to avoid a phishing attack:

  • Use trusted security software and set it to update automatically. In addition, use these computer security practices.

    • Don't email personal or financial information. Email is not a secure method of transmitting personal information.

    • Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

    • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.  Sign up for paperless statements to keep criminals from stealing your information from your mailbox.  Click here for instructions to sign up for e-Statements (paperless) at Deerwood Bank.

    • Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security.

Report Phishing Emails

Forward phishing emails to spam@uce.gov – and to the company, bank, or organization impersonated in the email. You may also report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

If you might have been tricked by a phishing email:

  • File a report with the Federal Trade Commission at www.ftc.gov/complaint.

  • Visit the FTC’s Identity Theft website. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.

The “Nigerian” Email Scam

So-called “Nigerian” email scams are characterized by convincing sob stories, unfailingly polite language, and promises of a big payoff.

The Bait:

These messages have been circulating for so long that they have become material for late night jokes, but people still respond to them. The people behind these messages claim to be officials, business people, or the surviving spouses of former government leaders in Nigeria or another country whose money is tied up temporarily. They offer to transfer lots of money into your bank account if you will pay the fees or "taxes" they need to get their money. If you respond to the initial offer, you may receive documents that look official.  They may even encourage you to travel to the country in question, or a neighboring country, to complete the transaction.  Some fraudsters have produced trunks of dyed or stamped money to try to verify their claims.

The Catch:

The emails are from crooks trying to steal your money or your identity. Inevitably, emergencies come up, requiring more of your money and delaying the "transfer" of funds to your account. In the end, there aren't any profits for you, and your money is gone along with the thief who stole it. According to State Department reports, people who have responded to these emails have been beaten, subjected to threats and extortion, and in some cases murdered.

What You Can Do:

These emails can really tug at your heartstrings and appeal to your sense of altruism. Successful scam artists know exactly how to get you to give up your money. If you get an email asking you to send money to help out a stranger, delete it. Someone is up to no good, and trying to manipulate your emotions. They will tell you whatever you want to hear. They will tell you whatever they feel you will believe. They will pretend to be lawyers, claims agents, bankers, law enforcement agents, people of high rank in the government, gaming officials, tax collectors, and any other title that will convince you they are good people.

If you are a victim of one of these schemes:

  • Do not communicate with the scammers.  Do not reply to them again.  Do not attempt to debate or negotiate with them.  You will not get your money back from them.

  • Contact your bank to see if payment can be stopped.

  • Contact your credit card company to reverse any fraudulent charges.

  • File a police report.  Obtain a copy of the police report for your records.

  • Contact your state attorney general to alert them to the scam or fraud activity.

  • File a complaint with the Federal Trade Commission.


This site is for educational purposes and is not intended to provide legal advice.  For specific advice about your unique circumstances, you may wish to consult a qualified professional.  Credits: Federal Trade Commission; Federal Bureau of Investigation; Homeland Security; National Cyber Security Alliance.



American Bank of St. Paul is now Deerwood Bank as successor by merger with American Bank of St. Paul.

Deposits serviced at offices of the former American Bank of St. Paul and Deerwood Bank are NOT separately insured by the FDIC.

Home | Education Center | FDIC Deposit Insurance Estimator | Legal | Privacy Notice | Careers | Locations | About Us | Contact Us | Site Map

All images on this site are subject to copyright, and may not be used without permission