Bank Account Phishing Alert

Critical SeverityStableBank Impersonation PhishingVerified 2026-02-28

Fake urgent alerts appearing to come from your bank about suspicious activity, locked accounts, or failed transactions. Bank impersonation is the #1 most common text scam type, accounting for 10% of all smishing messages according to the FTC.

Annual Losses

$1.8B+ across financial impersonation (FTC/FBI)

Avg Loss / Victim

$2,000-$15,000

Primary Vector

SMS, email, phone call

Peak Season

Year-round

How It Works

You receive a text, email, or call that appears to come from your bank (Chase, Bank of America, Wells Fargo, etc.) claiming suspicious activity on your account. The message creates urgency — your account is locked, a large transaction was attempted, or your card has been compromised. The link leads to a convincing replica of your bank's login page that steals your username, password, and often your 2FA codes.

1Scammer sends a message spoofing your bank's name or short code
2Message claims urgent issue: suspicious transaction, locked account, or security verification needed
3Link leads to a near-perfect clone of the bank's login page
4Victim enters username, password, and sometimes 2FA code
5Scammer immediately logs into the real bank account with stolen credentials
6Funds are transferred out, often to cryptocurrency or prepaid card accounts, within minutes

Example Scam Messages

Hover or tap the highlighted text to see why each element is a red flag.

EXAMPLE 1

Chase Alert: We detected unusual activity on your account ending in 4821Red flag: Random last 4 digits to seem specific — scammers don't actually know your card number. If this wasn't you, verify now: chase-secure-alert.comRed flag: Not a Chase domain. The real site is chase.com. Anything else is fake./verify

“ending in 4821” — Random last 4 digits to seem specific — scammers don't actually know your card number

“chase-secure-alert.com” — Not a Chase domain. The real site is chase.com. Anything else is fake.

Red Flags Checklist

Text includes a link to log into your bank

Banks may text you about suspicious activity but will NEVER include a login link. They'll tell you to call the number on the back of your card.

Demands immediate action to avoid account closure

Banks don't close accounts without extensive written notice and regulatory processes

Generic greeting (Dear Customer, Dear Account Holder)

Your real bank knows your name and uses it in legitimate communications

Link goes to any domain other than the bank's official website

Chase uses chase.com. BofA uses bankofamerica.com. Anything else — even similar-looking domains — is fraudulent

Asks for your full card number, PIN, or password via text

Banks never ask for your full credentials by text or email. Ever.

What Real Communication Looks Like

Real banks text or call about suspicious transactions but direct you to call the number on the back of your card or log in through the official app. They never include clickable login links in texts. Legitimate fraud alerts typically ask you to confirm or deny a specific transaction (yes/no reply) and give you a direct line to the fraud department.

What To Do

If you just received this message:

Do not click any links in the message

Call your bank using the number on the back of your debit/credit card (never use a number from the message)

Log into your bank account through the official app or by typing the URL directly into your browser

Report the phishing attempt to your bank's fraud department

If you already clicked or gave information:

Call your bank's fraud department immediately using the number on your card or statement

Change your online banking password from a different device

Enable or update 2-factor authentication on your bank account

Monitor all accounts for unauthorized transactions

Consider placing a credit freeze with all three bureaus

Where to report:

Your bank's fraud department (number on back of card)

FTC: reportfraud.ftc.gov

FBI IC3: ic3.gov

Forward phishing emails to reportphishing@apwg.org

Frequently Asked Questions

My bank really did text me once about a suspicious charge. How do I tell the difference?

Real bank fraud alerts are simple: they describe a specific transaction and ask you to reply YES or NO, or call the number on your card. They NEVER include links to log in, ask for your full card number, or demand immediate action via a website.

Sources

FTC 2024 Consumer Sentinel Data (10% of smishing = bank impersonation)
FBI IC3 2024 Report
APWG Q3 2025 Phishing Trends (Financial sector #3 most targeted)

Got a suspicious message?

Paste it in and get an instant analysis — free, private, no account needed.

Analyze a Message