Bank & payment scams: spotting fake fraud alerts
What a real bank fraud alert looks like
Every major US bank uses essentially the same format for fraud alerts:
Sender: A 5-digit short code (e.g., 24273 for Chase, 93557 for Wells Fargo, 51682 for Bank of America). Not a 10-digit phone number.
Content: A specific transaction — merchant, amount, date — and a simple yes/no question.
Reply method: Reply YES, NO, or HELP. That's it.
What it never contains: A clickable link. A phone number to call. A request for your account number, PIN, password, or one-time code.
If a 'bank fraud alert' has a link or a callback number, it is, without exception, a phishing scam. Real banks do not operate this way.
The bank scam playbook
Modern bank scams follow a remarkably consistent script:
Stage 1: A fake fraud alert text or call — designed to trigger your phone call.
Stage 2: You call the number in the message. A scammer answers as 'Bank Fraud Team.'
Stage 3: 'I see suspicious activity. To protect your funds, we need to move your money to a secure account.' This is the entire scam.
Stage 4: They walk you through Zelle, wire, or remote-access fraud — sometimes for 30-60 minutes, while the victim believes they're being protected.
Stage 5: Money is gone. Bank refuses refund because 'you authorized the transaction.'
The key insight: real banks never tell customers to move money. The 'secure account' line is the scam's signature. Hearing it = hang up immediately.
The major bank impersonations
Chase. Largest US bank by customers — most-spoofed.
Wells Fargo. Frequent target, especially Zelle-themed.
Bank of America. Common, including credit card alert variants.
Capital One. Often paired with credit card monitoring scams.
Zelle scams. Cross-bank — works on any bank using Zelle.
Direct deposit BEC. Targets HR/payroll, not consumers directly — but employees should know the pattern.
The five rules that prevent bank fraud
1. Banks never ask you to move money to 'protect' it. Never. This line is universally fake. Hearing it = hang up.
2. Real fraud alerts use YES/NO reply. If your 'bank alert' has a link or callback number, it's fake.
3. Verify by calling the number on your card, not the message. The back of your debit/credit card has the real number.
4. Never share your password, full account number, PIN, or one-time code by phone or text. Even to 'verify' your identity to your bank. Real banks have other verification methods.
5. Never install remote-access software at someone's request. AnyDesk, TeamViewer, Quick Assist — these give full control. No legitimate bank ever asks customers to install these.
If you've been hit
Call your bank immediately. Use the number on your card. Speed matters — some wire/Zelle transfers can be recalled within hours.
Change passwords from a different device. If you gave remote access, your computer/phone may be compromised. Use a different device to change passwords.
Place a credit freeze. Free at Equifax, Experian, TransUnion. Stops new accounts being opened in your name.
File reports: reportfraud.ftc.gov, your state AG's consumer protection unit, ic3.gov if amounts are significant.
Document everything: Screenshots, call logs, transaction records. Banks make refund decisions based on documentation quality.
Don't pay 'recovery agents.' After a bank scam, you'll often get calls or DMs from 'fund recovery specialists.' These are second-stage scams. Real recovery happens through your bank and law enforcement — never through someone who cold-contacts you.
Don't memorize every scam. Just check it.
Double Check is a free app that gives you a plain-English verdict on any suspicious message in seconds. Includes automatic family alerts so loved ones stay in the loop.