Skip to main content

Individual Cyber Security

Bank Scams and Phishing – How to Protect Yourself

Banks Never Ask That

5 Minute Read

What is a bank scam or phishing attempt?

A bank scam is any unauthorized attempt to access your bank account.  Typically, with a bank scam, there will be a story involved and you will freely provide your information under false pretenses.   A phishing attempt is a bit different.  This is when someone attempts to trick you into disclosing your personal information, so it can be used to access your bank account and/or setup credit cards or other lines of credit in your name.

Both banking scams and information phishing can have significant consequences, but fortunately, there are a few simple steps you can take to increase your personal cyber security, protect yourself from phishing and ultimately, keep your private information safe. 


How do scammers contact you?

Before we get into prevention, let’s talk about how this even happens in the first place.  You may be wondering, how would a scammer even contact me?  Well, those wishing to steal your personal information will try anything, just to see what works, so you could be contacted in any of the following ways:

  • Phone – You could receive a phone call from someone claiming to work at the bank.  The number may be spoofed or masked, meaning you may or may not recognize the number.
  • Email – Sometimes you will receive a scam or phishing email.  Often these emails will look very similar to ones you receive from your bank, with similar graphics and even similar email addresses.
  • Text – You may receive a text message, often with a request to respond urgently, indicating that there is an issue or problem with your account.
  • Mail – Information can still be stolen the old-fashioned way, via regular mail.  You could receive fraudulent checks and/or solicitations in the mail.


What are some examples of bank scams?

This may seem overwhelming. What are you supposed to do if bank scams and phishing attempts can come from anywhere?  Are the scams always the same?  The answer is yes and no.  No, the specifics can change and are often based on current events, but their goals are always the same – to get you to give up your personal information and to steal your money.  A few examples of bank scams and phishing attempts include:

  • COVID-19 related scams, including those related to vaccine information, problems with stimulus checks and unemployment benefits.
  • Vague or unknown problems with your account, or a recent payment or deposit.
  • Emails or texts indicating that your account has been locked, your password has expired, or your account needs to be verified, with a helpful  link you can click to resolve the problem.
  • Exciting news about a promotion you won, or a gift you are going to receive that requires you provide your bank account information to sign up for an initial trial.
  • Receiving an unsolicited check in the mail that, if cashed, signs you up for a loan and/or service you were unaware of.
  • Any request for you to send money to someone else (especially someone you don’t know).


How can you identify a bank scam?

So what can you do to protect yourself and your personal information? The following are some common ways to identify a bank scam or phishing attempt:

  • Misspellings – Look for misspelled words, poor grammar, lack of proper punctuation or odd phrasing.  You can even look for non-standard American spelling of certain words (for example, colour instead of color).
  • Threats or Sense of Urgency – If you are being given an urgent deadline, a threat to respond immediately, or pressure to provide information right now (versus calling back later), that is a red flag.
  • Unusual Phone Numbers, Links or Email Addresses – Look carefully, especially at links and email addresses.  Links may be hidden behind text (for example, ‘click here to unlock your account’), but if you hover over the link, you will see that you are not being sent to your bank’s website.  Email addresses can be similar, with scammers using slight variations of the email address your bank uses.


Participating in the American Bankers Association’s #BanksNeverAskThat campaign, we have the following tips to help keep your information safe and secure.  If you receive a call, text or email asking for any of the following, immediately hang up or stop responding because banks never ask that:

  • Your account number
  • Your username or password
  • Your full social security number
  • Your personal banking PIN

Although you may be asked to verify confidential information if you initiate a call to your bank, your bank will rarely contact you requesting that information.


What should you do if you suspect something is wrong?

If you are uncomfortable or are being asked for any of the information that you now know banks will never ask for, you can:

  • Hang up, or ignore the text, and call the number on the back of your card.
  • Go directly to your Online Banking ‘Sign On’.  Do not click on any links in an email and/or text message.
  • Do not respond to requests for information via the mail, or cash unexpected checks.  Call the number on the back of your card, first, to verify.
  • If you suspect fraudulent activity associated with your account, please contact us right away.

Scammers have no shortage of stories, but with these tips, you are better prepared with phishing protection techniques, additional ways to identify bank scams, and knowledge about how to protect your personal information.  If you are ever in doubt, call the number on the back of your card, or bookmark this article to confirm “banks never ask that”!