Skip to main content

Before you go

You are about to leave Flagstar is not responsible for the content on other sites.

Internet Fraud

Email fraud or phishing

Phishing or spoofing occurs when criminals send email messages that appear to represent a legitimate business such as a bank or retailer. Their goal is to trick you into providing confidential information such as account numbers, passwords, card numbers, and PINs. Criminals who obtain this information use it to engage in financial fraud or steal your identity. Flagstar Bank will never ask you to send confidential information via email.


Fraudulent emails are hard to detect because they use an address, style, wording, logos, and graphics that make them look legitimate. Often, these emails include links to fake websites or launch pop-up windows that are used to collect personal information.


Items listed below are often found in fraudulent emails:

  • Urgent messages threatening account closure if you do not act immediately.
  • Requests for personal information such as PINs, credit card numbers, Social Security Numbers or any sensitive information (Flagstar will never ask you for this information in an email.).
  • Claims that the bank has lost your confidential information due to a system failure or system upgrade and therefore needs you to provide this information (Flagstar will never seek this information via email because we employ an extensive backup system of all essential data.).
  • Typos, grammatical errors, or incorrect usage of Flagstar's name.


Phone or fax phishing

Phishing has expanded to phones. Automated phone dialers and voice over IP phone systems are easy to set up and provide criminals with alternatives to email-based phishing.


Voice phishing occurs when you receive a phone call with an automated message instructing you to call another toll-free phone number. The claim is that you must call to address an urgent matter, such as preventing your account from being closed. When you return the call, you are asked to reveal personal information.


If you receive a call like this, realize that the number displayed on your caller ID can be spoofed and may show one of Flagstar's branches. Do not return the call. Contact Flagstar's Customer Service department.


Fax phishing

Fax phishing occurs when you receive a fax instructing you to send personal information to a designated number in order to address an urgent matter such as preventing your account from being closed. The tone of a phishing fax is similar to email phishing messages. Flagstar Bank will never ask you to send confidential information via fax.


Pop-up ads

Pop-ups are advertisements that appear in small pop-up windows when you visit a website. These ads are designed to integrate with the Web page or to look like legitimate programs. When you click on some of these pop-ups, you may unknowingly download and install viruses, spyware, or other malicious software. Flagstar will never display a pop-up message asking you to verify your personal information.


Spyware and viruses

Spyware and viruses are malicious programs that are installed on your computer without your knowledge. Viruses can damage your operating system while spyware may allow thieves to steal confidential information stored on your computer.



Keyloggers and trojans allow criminals to gain access to your computer. Often, they are embedded in free software that you download from the Internet. Only download software from companies and websites that you trust.


Securing your computer

Fraud may extend beyond e-mail and the Internet, and right to your own computer. Take these steps to prevent others from gaining access to your personal computer:

  • Install an anti-virus program and update it on a regular basis.
  • Update your software and operating system on a regular basis.
  • Apply all software fixes (also called patches, hot fixes or service packs) as soon as possible.
  • Use the most current version of your web browser.
  • Install a firewall and keep it on at all times.