Report Suspicious Activity

Online scammers are known to occasionally engage in unauthorized use of a company’s name, branding, and other public information. MUFG takes these types of scams very seriously and we remain vigilant every day to protect our clients and employees. As such, MUFG is working to increase awareness of these scams and the associated risks.

If you encounter one of these scams, where you believe someone is impersonating an MUFG employee, or one of its brands, we encourage you to report the matter to our Report Cyber Mailbox at reportcyber@us.mufg.jp.

Additionally, if you believe you or someone you know may be a victim of an online scam, it is recommended that you submit a report to the FBI Internet Crime Complaint Center (IC3) at: www.ic3.gov.

Notice: Please be informed of the recent increase involving vishing (voice phishing) and smishing (SMS phishing) fraud scams across Financial Intuitions targeting bank clients. In these cases, the threat actor(s) impersonates a bank employee, specifically from the Fraud Department. Ultimately, the goal is to acquire a client's online banking credentials and initiate fraudulent payments (wires and/or ACH).

The process goes as follows:

• Threat actor spoofs the bank phone number and calls the client, claiming to be with the fraud department 
• Threat actor questions "suspicious money transfers" 
• Threat actor states that protections need to be put into place which ultimately leads to the client providing their credentials, MFA and at times, involves a text with a fake portal to capture the credentials. 
• Threat actor gains access to initiate malicious payments

Reminder that MUFG Bank will not call and ask for credentials, passwords, login information, token codes, etc. If you receive a suspicious call as the one described above, hang up, call the bank and confirm legitimacy of the phone call.