Customers file class-action lawsuit against Bank of America involving Zelle scams

CHARLOTTE — More people are now suing Bank of America, claiming it did not do enough to protect customers against Zelle scams.

A class-action lawsuit was filed in federal court in Charlotte. According to the lawsuit, one of the plaintiffs is a South Carolina woman who is over 70 years old. A caller “identifying themselves as a Bank of America employee” tricked her out of $2,000 using the Zelle payment app.

Eventually, if the judge agrees to make the case a class-action suit, it could open the case to people all over the country, including here in the Carolinas.

The lawsuit claims the Zelle app is “neither safe nor secure.”

“Right now, it’s a haven for fraudsters and they are really taking advantage of Bank of America’s customers along with other banks,” a lawyer for the plaintiffs, Andrew Brown, told Action 9′s Jason Stoogenke.

Brown said out of the seven banks that own Zelle, Bank of America tends to turn a blind eye more than some of the others when it comes to scams involving the app. “Some do a much better job than Bank of America does,” said Brown.

As Stoogenke has reported multiple times over the past year, there’s a federal law called Regulation E. The way the Consumer Financial Protection Bureau sees it, if you fall victim to a scam or fraud, banks are supposed to reimburse you whether you authorized the transaction or not. But some banks don’t interpret the law that way and don’t reimburse customers.

“They look for any reason they can to deny a request to get reimbursed from an unauthorized transaction,” said Brown. “The banks are either following the law or they’re not, and it’s not that gray.”

Stoogenke points out that the lawsuit is against Bank of America, not Zelle. He emailed Bank of America late Monday. The bank did not respond in time for this report. It also did not respond about a similar lawsuit filed in July at the time.

People who work in the banking industry told Stoogenke this is how the scam works:

- Scammers get your account information (maybe from a data breach or you clicked on a link you shouldn’t have). But they still need a two-factor authentication code to access your account.

- That’s when the acting starts. They pose as your bank, then text you, saying your account may have been compromised, and follow up with a phone call.

- Then they or you — it’s not clear who — tries to log in to your account.

- That triggers the two-factor authentication.

- You get the code.

- They ask you for that number as part of the “remedy.”

- If you give it to them, they now have everything they need to get into your account and help themselves to your money.

Advice from Action 9:

- Don’t fall for the text.

- Don’t fall for the phone call.

- Scammers can spoof your bank’s phone number, so don’t trust your Caller ID.

- Do not give them the six-digit code.

VIDEO: Eight people fall for Zelle scam in less than 2 weeks