Bank Account Alert Scam Texts: Chase, Wells Fargo, and Bank of America

TLDR

Fake bank alert texts claim suspicious activity on your account and direct you to phishing sites that steal your login credentials and financial information. Bank impersonation falls under the FTC's impersonation category with 154,716 total complaints from 64,692 numbers. The phishing sites use domains on .site (181 malicious) and .online (182 malicious) TLDs that are disproportionately favored for financial fraud.

What the Scam Texts Look Like

Chase

"Chase Alert: Unusual login detected on your account. If this was not you, verify here: [link]"

Wells Fargo

"Wells Fargo: A $2,847.00 transfer has been initiated from your account. If unauthorized, click here to cancel: [link]"

Bank of America

"BofA Security: Your debit card has been temporarily locked due to suspicious activity. Unlock here: [link]"

Generic

"Your bank account has been restricted. Verify your identity to restore access: [link]"

Why These Scams Are Effective

1. Real Banks Send Similar Alerts

Banks actually do send fraud alert texts. This is what makes the scam so effective because people are conditioned to respond to banking alerts quickly. The difference is in the details.

2. Fear of Financial Loss

The mention of unauthorized transactions triggers immediate anxiety. People click before thinking.

3. Professional Phishing Pages

ScamVerify™ URLhaus data shows the domains used for financial phishing:

While .com dominates overall, the .site and .online TLDs are heavily used for financial phishing because they allow cheap bulk domain registration for names like chase-secure-login.online or wellsfargo-verify.site.

Real vs Fake Bank Texts

The biggest tell: Real bank fraud alerts typically ask you to reply Y/N to confirm or deny a transaction. They direct you to call the number on the back of your card. They do not include links to log into your account.

What to Do When You Receive a Suspicious Bank Text

1. Do NOT click any links
2. Do NOT reply to the text
3. Open your banking app directly (not through the text) and check for alerts
4. Call the number on the back of your card if you are concerned
5. Forward the text to 7726 (SPAM)
6. Report to the FTC at ReportFraud.ftc.gov
7. Check the URL on ScamVerify

What to Do If You Entered Your Banking Credentials

Within the first 15 minutes:

1. Log in to your real banking app or website directly and change your password
2. Enable two-factor authentication if not already set
3. Check for unauthorized transactions
4. Call your bank's fraud department (number on back of card)

Within the first hour:

5. Review and revoke any new authorized devices or sessions
6. Set up transaction alerts for any amount
7. Change passwords on any other account using the same credentials

Within 24 hours:

8. Monitor account activity closely
9. File an FTC report
10. Consider a credit freeze if you also entered your SSN or personal details

FAQ

How do scammers know which bank I use?

They usually do not. These texts are sent in bulk to millions of numbers. Since Chase, Wells Fargo, and Bank of America collectively serve over 100 million customers, a random text has a reasonable chance of reaching an actual customer. Some scammers also use data from breaches that include banking relationships.

Can my bank reimburse me if I was scammed?

Banks are required to cover unauthorized transactions on your account. However, if you voluntarily provided your credentials to a phishing site, the bank may consider it authorized access. Report immediately and dispute any transactions. Many banks still provide goodwill reimbursement, especially for first-time incidents.

Why do these texts come from regular phone numbers instead of my bank's number?

Scammers use disposable VoIP numbers or spoofed numbers. Your real bank sends texts from verified short codes (5-6 digit numbers) registered with carriers. A 10-digit phone number sending "bank alerts" is almost always a scam.