Small Business Online Security

BB&T places the highest priority on protecting your confidential information and systems. We safeguard your BB&T Small Business Online® account in partnership with you, using security tools and best practices to help prevent fraud.

Need help?

Immediately notify BB&T at 800-BANK-BBT (800-226-5228) if you suspect your company has been a victim of fraud or attempted fraud.

We'll help you assess the situation and take appropriate action, which may include placing holds and flags on your accounts to help detect future fraud attempts.

As we work together, remember that BB&T will never ask for your password over the phone or by email or text message.

How BB&T helps protect you

BB&T protects your business accounts from fraud in the following ways:

  • 128-bit SSL encryption
  • Multiple firewalls to shield the network
  • Logon security measures, with automatic logoff due to inactivity
  • Restricted access based on the individual user
  • Additional authentication for high-risk activities, such as ACH payments and wire transfers

We take a multilayered approach to help protect your information and assets.

  • With BB&T Small Business Online, you can monitor and manage your accounts 24 hours a day, 7 days a week.
  • As the business owner, you may customize access for up to 25 users.
  • Automatic alerts notify you of security-related account activities.
  • Additional authorization is required for ACH & wire transfers.

Our approach to monitoring fraud on your accounts includes:

  • Activity monitoring – Our fraud teams actively monitor logon and transaction activity.
  • Industry partnerships – We share forensic data with anti-phishing and anti-malware vendors.
  • Law enforcement – We investigate fraud in coordination with legal authorities.

How you can help protect yourself

As a user of BB&T products and services, you have a duty to safeguard access to your accounts, account information, signature stamps, security codes, passwords or other confidential identification numbers and information.

We recommend that businesses of all sizes establish an online fraud awareness program and conduct regular risk assessments.

Help safeguard your accounts by following these best practices:

  • Use standalone computers for your online banking needs – To initiate funds transfers and payments, use standalone computers or mobile devices not enabled for social networking functions, email or web browsing.
  • Make use of entitlements and payment limits – Implement user entitlements based on your business needs. Maximum payment amount limits should be determined and set by BB&T. Your user entitlements and payment limits should be routinely reviewed.
  • Review your accounts on a daily basis – Daily reviews provide peace of mind and can identify irregularities before they become serious problems.
  • Use alerts or event notifications – These services proactively send email notifications when specific events occur, such as when ACH & wire transfers are initiated on your account or when changes are made to user entitlements.
  • Exercise sound password management – Prohibit the sharing of passwords. Use a different password for each website, and regularly change passwords. Never store passwords on your computer.
  • Identify gaps in your internal security controls – Address any known gaps immediately.

Understanding fraud

Fraud can take many forms—both online and off. Because new scams appear with increasing frequency, we advise our clients to not only be aware of the most common forms of fraud, but also to stay current with newer scenarios as they come to light.

Check fraud

  • Look for alterations to legitimate checks, including forged signatures and amounts.
  • Beware of checks from fictitious organizations, or counterfeit checks, which can include an exact replica of your logo.

Card, ACH and wire transfer fraud

  • Stay on the lookout ACH charges that include checks that have already been returned for fraud.
  • Watch out for fraudulent electronic debits.
  • Beware of fraudulent requests to initiate ACH payments for charges received via Internet or telephone.
  • Keep watch over electronic credits or outbound wire transfers sent in payment for fraudulent purposes.
  • Beware of credit purchases from "Card Not Present" merchants or from merchants not validating the CVV2 number on the card.
  • Be vigilant toward stored value cards and their card numbers. Both can be stolen and used to make purchases.

Online fraud

  • Online schemes often attempt to obtain confidential information, including password, identification information and token-code information.
  • Malicious software can be installed on your computer without your consent. Once installed, it can record keystrokes, redirect your browser or display a fraudulent website.

Your liability

BB&T has no liability for any loss, claim or damage sustained as a result of the use of your organization's PIN, password or security code, whether this transaction was authorized or not.

Cyber theft occurring with the use of valid credentials is not covered by BB&T. We recommend that you discuss cyber theft with your insurance provider.

Please take the time to review our Commercial Banking Services Agreement (PDF). It includes the following items related to the use of your organization's security code:

  • You agree to indemnify and hold harmless BB&T for any such transaction alleged to be unauthorized.
  • You agree to keep any account information, security code, password or other confidential identification number used to access your deposit or credit account(s) secure and strictly confidential, and to not permit disclosure of such information to any unauthorized person.
  • You agree to immediately notify BB&T if this information has become known to, or been used by, an unauthorized person.
  • You acknowledge that BB&T has no method to determine whether a transaction conducted with use of a valid account name, account number and security code was proper and therefore authorize BB&T to complete any transaction involving your deposit or credit account(s) made with the use of such information.
  • You agree to be responsible for any transaction initiated with the use of a valid account name, account number and security code or credentials.

Interested in BB&T Small Business Online?

Related topics

Fraudulent Emails  (Article)

Stay on guard for fake emails and websites designed to steal your financial information.

Online Security Measures  (Article)

BB&T uses Internet security technology to protect our clients' personal information when it's transmitted online.

Phishing  (Article)

Protect yourself from scams that could trick you into providing confidential information, and learn what to do if you do get "phished."

Protecting Your Internet Activities and Electronic Data  (Article)

With more financial activity occurring online than ever before, it's essential to know how to reduce the risks to your data.

Branch Banking and Trust Company, Member FDIC.

New York City residents: Translation or other language access services may be available. When calling our office regarding collection activity, if you speak a language other than English and need verbal translation services, be sure to inform the representative. A description and translation of commonly-used debt collection terms is available in multiple languages at

Branch Banking and Trust Company is now Truist Bank. Learn more.

BB&T and SunTrust have merged to become Truist. Both institutions will continue to offer independent product lines for a period of time. This may include differing underwriting guidelines, product features, terms, fees and pricing. Our friendly teammates at your local SunTrust branches will be happy to walk you through their respective products. You can also learn more by contacting them at 800-SUNTRUST or

BB&T Complete Client Protection

about Truist Bank