Recent Phishing Activity Targets Key Clients with Look-alike Email Messages

January 2015 - Be aware of a new round of phishing emails that claim to be from Key asking for account information in a variety of sneaky ways.

What to Know:

  • Reports indicate some individuals have received fraudulent emails from parties claiming to be Key and asking for Online Banking account and/or personal information.
  • These emails are not from Key and should not be trusted.
  • A variety of topics being used to trick clients include: unauthorized log-in detected, update required due to recent profile change, irregular account activity, problems sending your statement via email, KeyBank account locked out, verify identity to avoid service suspension.
  • KeyBank will not contact you via email, phone, or text message to ask for your account information or log on credentials.
  • Phishing emails usually have links (or attachments) that direct users to Web sites that host malicious code to infect your computer with the intent to access the account online and obtain funds fraudulently.

What to Do:

  • Look for signs that it may be a phish -- urgent tone, asked to take immediate action to click a link or attachment, or a lack of personalization in the message. Review signs of a phish.
  • Do NOT click any Web links or open any attachments in suspicious emails.
  • If it appears to come from Key, forward the message to, then delete the message from your email inbox.
  • For clients or businesses, if you clicked on the link or opened the attachment, immediately contact Online Banking Support at 1-800-539-1539.
  • If you are not a KeyBank client and have inadvertently clicked on a link in a phishing email or given your account or personal information over the phone, contact your bank immediately.