Skip to content

Fraud and Security Center


Your financial security matters. We never request PIN, passcodes, User IDs, or passwords by phone, text, or email. Call 888.769.3796 if you suspect identity theft or fraud.

gold padlock sitting next to a black keyboard

How to Protect Yourself from Scams

Johnson Financial Group will never contact you via email, text or phone and ask you to provide your account number, user ID or password, social security number, PIN, one-time passcode or answers to your security questions.

Image of a smartphone receiving a scam SMS message claiming that the user's bank account has been locked and instructs the user to click a phishing link to unlock it.

Text Scams

1. Strange Phone Numbers

Is that the number your bank usually uses to send text messages? Legit text message updates come from “short codes,” official 5- or 6-digit numbers used by your bank.

2. Urgent Warnings or Requests 

Phishing texts try to create a sense of panic, such as threatening to suspend your account or urging you to log in to verify. 

3. Odd Grammar or Spelling Mistakes

If you see misspelled words or odd grammar, they are all clear signs of an impersonator. 

4. Requests for Personal Information

 If a text message requests personal or sensitive information, such as account numbers, PINs, passwords or social security numbers, you can assume it’s a scam.

5. Suspicious Links

Banks rarely — if ever — send links via text. Don’t click them. Instead, verify the message by visiting your bank’s official website, or calling the number on the back of your card.

A smartphone screen displays a scam call in progress. The caller ID reads "Unknown." A speech bubble from the phone reads: "Hello! I am calling to inform you that your bank account has been breached. Could you please call me back as soon as possible with your account number and PIN number so we can start working on this issue? Thank you!"

Phone Scams

Unusual Caller ID

While caller ID can be spoofed, legitimate calls from your bank are more likely to display an official phone number or a known identifier. If not, be very skeptical.

Scare Tactics or Threats

Phishing calls rely on a sense of urgency. If the caller pressures you into immediate action or threatens negative consequences, just hang up and call the number on the back of your bank card.

Asking for Personal Information

Banks will rarely ask for your account number, PIN or password during a phone call — and will never ask for a one-time login code. Never share such confidential details unless you’ve called the number on the back of your bank card.

Calling you unexpectedly

Be very skeptical of calls you receive out of the blue. Normally, bank representatives will only reach out if you initiate contact first. Stay safe by ending the call and dialing the number on the back of your bank card.

A smartphone displaying a text message alert that reads, 'BANK FRAUD ALERT! Did you attempt to send a Zelle transaction for the amount of $10,500 to XYZ Organization? REPLY: 1 for YES or 2 for NO ACT NOW! zelle.net/66RYPKL

Payment App Scam

Unexpected Requests

Be cautious if you receive unexpected requests from strangers or organizations asking you to send money through a payment app.

Sending Money to Yourself

If someone who claims to be your bank says you have to send money to yourself, you can be certain it’s a scam. 

Overpayment Claims

Be skeptical if a sender claims to have accidentally overpaid you through Zelle® and requests a refund of the excess amount. Scammers use this tactic to trick you into sending them money.

Suspicious Links 

If you receive a payment app-related message that contains a link, never click it. Scammers often send links to fake login pages to steal your username and password.

Pressure and Urgency

Scammers attempt to trick you by creating a sense of urgency. If they mention unforeseen emergencies, unverified transactions, account suspension or unsolicited prize winnings, it’s a scam.

A screenshot of a smartphone displaying a phishing text message disguised as an urgent account fraud alert from a bank.

Email Scams

1. Unusual Email Address

Does that look like an email address your bank would use? Be wary of unexpected emails from addresses that aren’t like the ones your bank typically employs.

2. Misspelled Words

If you see misspelled words or odd grammar, they are all clear signs of an impersonator. 

3. Scare Tactics

If an email uses scare tactics, such as urgent warnings of account closure or security breaches, you can safely assume it’s a scam.

4. Suspicious URLs

Banks will never ask you to log in via email. Phishing emails use deceptive URLs to take you to malicious websites. Never click links that you weren’t expecting.

5. Unexpected Attachments

Real banks will never send an email attachment — especially when you didn’t ask for it. Attachments can contain malware that can compromise your computer or personal information. Never click on attachments from emails supposedly from your bank.

Security Tips

A Social Security card lays on top of various financial documents and a one hundred dollar bill. Eyeglasses and a pen rest on top of the card.

Identity Theft Protection Tips 

  • Don't share personal information online, such as your address, phone numbers, Social Security number, birth date or birth place.
  • Store sensitive personal and financial documents in a secure location, and shred them prior to disposal.
  • Never carry your Social Security card or share your number unless absolutely necessary.
  • Never carry unnecessary credit or debit cards and cancel cards you don't use.
  • Promptly retrieve your mail, arrange a hold with USPS or use Informed Delivery to track mail being delivered to you.
  • Opt out of prescreened credit and insurance offers by calling 888‐567‐8688 or go to optoutprescreen.com
  • Delete all personal information on electronic devices prior to disposal.
  • Monitor financial statements and credit reports for signs of unauthorized or suspicious activity.

Request a free annual copy of your credit report at annualcreditreport.com.

A computer screen showing a password reset form. There are fields for old password, new password, and confirm password, each obscured with asterisks. A mouse cursor hovers over the 'Submit' button.

Password Tips

  • Never use your Social Security number as a username or password.
  • Change your password frequently, using a combination of upper and lowercase letters, numbers and special characters when allowed.
  • Never use the same password on multiple sites.
  • Don't write down or share your password with anyone.
A close-up of a keyboard with a blue key displaying a white envelope icon, representing email.

Email Tips

Look for these signs indicating a fraudulent email: 

  • Requests for specific personal information
  • Urgency – often threatening to close your account
  • Money reward offers in exchange for personal information
  • Typos and poor grammar
  • URLs that are different from the sender – for example, links and sender email addresses that do not include johnsonfinancialgroup.com
A laptop computer sits open on a wood-grain desk. The laptop screen reflects the ceiling and other objects in the room. A smartphone and some papers with a pen resting on them are next to the computer. A mug sits just out of focus at the top of the frame.

Computer & Mobile Tips

  • Protect your devices with password security and the phone lock feature to prevent unauthorized users from remotely accessing your devices or home network.
  • Ensure your operating system, software, browser versions and plug‐ins are current to be sure you have the latest security protection in place.
  • Only download programs and apps from reputable sources, such as the store built into your device.
  • Use multi-factor authentication for apps that offer the option.
  • Install a personal firewall on your computer and keep anti‐virus software installed and updated.
  • Public computers and Wi-Fi should be used with caution. Banking, downloads, and other private activities should be conducted, when possible, on a private computer or secure connection.
  • Never text personal information such as account numbers, Social Security numbers, passwords, etc.
  • Remember to remove or change your mobile number from banking systems if you lose or replace your mobile device and service.
  • Always log off apps when you are finished using them.
  • Never store personal information on your mobile device.
A US 1040 tax form with a calculator and a pen laying on top of it. The "Single" filing status checkbox is in focus.

Tax Tips 

  • File early. Filing your tax return as soon as possible gives criminals less time to use your information to file a false return. 
  • File on a protected Wi-Fi network. If you use an online service to file your return, be sure you're connected to a password-protected personal network. Avoid using public networks like a Wi‐Fi hotspot at a coffee shop. 
  • Use a secure mailbox. If you're filing by mail, drop your tax return at the post office or an official postal box. 
  • Find a tax professional you trust. If you hire someone to do your taxes, get recommendations and do your research before handing over your financial information. 
  • Shred what you don't need. Once you've completed your tax return, shred the sensitive documents that you no longer need and safely file the ones you do. 
  • Beware of phishing scams by email, text or phone. If the IRS needs information, they will contact you by mail first. They will not contact you by email, text or social media. 
  • Watch for missing mail. Contact the IRS immediately if you don't receive your W‐2s, and your employer indicates they've been mailed, or if your mail has been previously opened upon delivery. 

More information about tax identity theft is available from the Federal Trade Commission or the IRS.


Steps to Resolve Identity Theft

Act quickly - taking action immediately is important to stop any further damage and to begin resolving any potential issues that could result from identity theft.

icon-swipe swipe left
Woman sitting at her desk with her laptop and mobile phone in her hand.

Contact Johnson Financial Group and any other financial institutions and/or creditors

  • Report that you are a victim of identity theft.
  • Report any fraudulent activity on your accounts with Johnson Financial Group.
  • Review activity on all accounts including your checking, savings, credit card, debit card and loans. Look for unauthorized transactions, changed addresses, changed PIN or new cards ordered.
  • Close accounts that have been breached and reopen them with new account numbers, passwords and PINs.
  • If you use any online or digital solution, change your username and password.
close up of woman on serious phone call

Contact one of the three major credit bureaus

Equifax | 800.685.1111| equifax.com
Experian | 888.397.3742 | experian.com
TransUnion | 800.680.7289 | transunion.com

  • Report that you are a victim of identity theft.
  • Place a fraud alert on your credit file.
  • Confirm that the company will call the other two credit bureau companies.

Request a free copy of your credit report and review it carefully for fraudulent activity. If fraud occurred, notify the credit bureau and companies where fraud occurred.

man on phone at desk looking at computer

Report identity theft to the Federal Trade Commission (FTC)

Federal Trade Commission | 877.ID.THEFT(877.438.4338) | www.identitytheft.gov

Create an Identity Theft Affidavit and personal recovery plan.

A hand with a pen filling out an application

File a police report with your local police department or the police department where the theft occurred

Bring with you:

  • A copy of your FTC Identity Theft Affidavit
  • Any other proof of the theft
  • A government-issued ID with a photo
  • Proof of your address

Ask to have a copy or the number of the report.

Person sitting at desk working on computer and paperwork

Contact other agencies as needed

Government Agencies, Social Security Administration, IRS, Postal Service and other companies | www.identitytheft.gov/Top-Company-Contacts

  • Notify the Postal Inspection Service if you believe your mail was stolen or redirected.
  • Call the Social Security Fraud Hotline if you suspect someone is using your Social Security number for fraudulent purposes.
  • Contact your local DMV office if you believe someone is trying to get a driver’s license or identification card using your name and information.
man drinking coffee seriously looking at laptop on desk

Continue to carefully review all accounts

  • Since fraud can take time to completely resolve, carefully review all charges and transactions appearing on account statements and online.
  • Report any discrepancies to the business immediately.
download icon over tiled johnson cube

Keep track of your fraud resolution activities.

DOWNLOAD the fraud repair kit - resolution log.
download icon over tiled johnson cube

Use the Federal Trade Commission's booklet to guide you through the recovery process.

DOWNLOAD the Identity Theft Recovery Plan.

How to Resolve a Dispute and Necessary Documentation

We will investigate your claim regardless of documentation presented. However, providing the following information can help us reach a resolution for your dispute more effectively.

Review Your Transactions

Regularly review your monthly account statement or take advantage of MyJFG online and mobile banking. With MyJFG, you can quickly and conveniently monitor your transactions and set up alerts to notify you of specific transactions.

Contact the Merchant First

  • We recommend you contact the merchant and try to resolve the situation.
  • Document dates and times of your phone conversations and emails exchanged.

Report a Disputed Charge

Proof of Purchase

Include a receipt, contract or invoice, showing the product or service purchased along with the amount of the purchase.

Merchant Communication

If you are disputing a payment, document two resolution attempts with the merchant. If you have returned a product to the merchant, provide tracking information or communication related to the return.

Written Statement

Provide a detailed written statement describing the purchase, purchase amount and communication with the merchant.

Johnson Financial Group Short Codes

86434

  • Online & Mobile Banking

    • Account activity or changes to MyJFG/AccessJFG account
    • Provide alerts and security notifications

86975

  • Debit Card

    • Notifications on debit card transactions

20736

  • Zelle®

    • Alerts on Zelle payments and requests for payments

41035

  • Credit Card Transaction Alerts

    • Notifications from Elan on credit card transactions

63759

  • Credit Card Account Updates

    • Updates from Elan on account activity or changes to your credit card account
    • Provides alerts and security notifications

226563

  • Text Banking

    • Text Banking number, where you can send short texts to get account information on demand. If enrolled in text banking, text LIST to this number to see your options.

Phishing is a type of online scam where criminals make fraudulent emails, phone calls and texts that appear to come from a legitimate financial institution. Every year, people lose hundreds, even thousands, of dollars to these scams. The communication is designed to trick you into entering confidential information (like account numbers, passwords, PINs or birthdays) into a fake website by clicking on a link, or to tell it to someone imitating your financial institution on the phone.

Be aware of these common scam attempts and what they entail:

Emails (Phishing): Scammers send emails that appear to be from legitimate sources, such as banks, social media platforms or well-known companies. These emails often contain links or attachments that, when clicked, can install malware on your device or lead you to fake websites designed to steal your personal information.

Phone Calls (Vishing): Scammers make phone calls pretending to be from trusted organizations, such as government agencies, banks or tech support services. They may try to trick you into providing sensitive information, such as Social Security numbers, bank account details or passwords.

Texts (Smishing): Similar to phishing, smishing involves receiving text messages that appear to be from legitimate sources. These messages often contain links that, when clicked, can lead to phishing sites or download malware onto your device.

QR Codes (Quishing): Scammers use QR codes to direct you to malicious websites or download harmful apps. These QR codes can be found in emails, text messages, or even posted in public places. Always be cautious when scanning QR codes and verify the source before proceeding.

Email or Text

If you suspect that an email or text you receive is a phishing attempt:

  • Take a deep breath. Modern mail apps, like Gmail, detect and block any code or malware from running when you open an email. The key is not to click links or download any attachments.
  • Do not download any attachments in the message. Attachments may contain malware such as viruses, worms or spyware.
  • Do not click links that appear in the message. Links in phishing messages direct you to fraudulent websites.
  • Do not reply to the sender. Ignore any requests from the sender and do not call any phone numbers provided in the message.
  • Report it. Help fight scammers by reporting them. Forward suspected phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org. If you receive a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at reportfraud.ftc.gov.

Call

If you receive a phone call that seems to be a phishing attempt:

  • Hang up or end the call. Be aware that area codes can be misleading. If your Caller ID displays a local area code, this does not guarantee that the caller is local.
  • Do not respond to the caller’s requests. Financial institutions and legitimate companies will never call you to request your personal information. Never give personal information to the incoming caller.
  • If you feel you’ve been the victim of a scam, and you did provide personal or financial information, contact your bank immediately at their publicly listed customer service number. Often, this is found on the back of your bank card. Be sure to include any relevant details, such as whether the suspicious caller attempted to impersonate your bank and whether you provided any personal or financial information to the suspicious caller.

1. Contact your bank, financial institutions and creditors

  • Explain that someone has stolen your identity.
  • Request to close or freeze any accounts that may have been tampered with or fraudulently established.
  • Make sure to change your online login credentials, passwords and PINs.

2. Secure your email and other communication accounts

  • Many people reuse passwords and your email or cell phone account may be compromised as well.
  • Immediately change your accounts’ passwords and implement multi-factor authentication — a setting that prevents cybercriminals from accessing your accounts, even if they know your password — if you haven’t already done so.

3. Check your credit reports and place a fraud alert on them

  • Get a free copy of your credit report from annualcreditreport.com or call 877.322.8228.
  • Review your credit report to make sure unauthorized accounts have not been opened in your name.
  • Report any fraudulent accounts to the appropriate financial institutions.
  • Place a fraud alert on your credit by contacting one of the three credit bureaus. That company must tell the other two.

– Experian: 888.397.3742 or experian.com

– TransUnion: 800.680.7289 or transunion.com

– Equifax: 800.685.1111 or equifax.com

4. Contact the Federal Trade Commission to report an ID theft incident: visit identitytheft.gov or call 877.438.4338.

5. File a report with your local law enforcement.

  • Get a copy of the report to submit to your creditors and others that may require proof of the crime.

Related Resources