Scammers and Fake Banks

Scam alert in red rectangle and warning sign in a triangle, with a black background

Tips to help protect you and your money

Scammers are constantly trying to steal your money and your personal information, and they use a variety of ways to try to trick you. Scammers often pretend to be from an organization you might know and trust (such as an FDIC-insured bank) and try to get your personal information. FDIC can help you verify whether a website is a fake bank website or the legitimate website of an FDIC-insured bank.

There are a number of ways scammers try to reach you, too. The term “phishing” is when scammers try to reach you by email or on a website. Similarly, “smishing” is when criminals use text messaging to reach you. The word “vishing” is when these scammers call you and try to trick you into providing personal information by sounding like a legitimate business or government official. Learn how to identify these scams and better protect yourself and your money.

Am I dealing with a legitimate, FDIC-insured bank?

Criminals create fake bank websites to mislead and entice people into transferring money or disclosing personal information. This scam is a form of “phishing.” Some of these fake bank websites use the FDIC name or “Member FDIC” logo to instill a false sense of security. Sometimes it is hard to tell which websites are real, and which are fakes. Before engaging with any website for an entity that claims to be an FDIC-insured bank, it is important to make sure that the website real.

To help you determine if a website belongs to an FDIC-insured bank, check the FDIC BankFind, a data resource on the FDIC website. You can look up banks by name or website address to verify whether they are a real FDIC-insured bank. Compare the bank name with the web address or URL. Watch for letters out of place or the bank name as a sub web address of the fake name. If you are in doubt or identify a suspicious website related to FDIC insurance, please contact the FDIC National Center for Consumer and Depositor Assistance (NCDA) at 1-877-ASK-FDIC (1-877-275-3342) to speak with a deposit insurance specialist or go to ask.fdic.gov.

Malicious apps

Scammers also develop banking apps that may install malicious software or “malware” on your phone or tablet. If you download a malicious app to your device, the malware can steal personal information from it or lock it and hold it for ransom until you pay the scammers. Other types of malicious apps may ask you to login using your social media or email accounts, which could expose your personal information for the scammers to steal.

If you do download an app, be careful of apps or websites that ask for suspicious permissions, such as granting access to your contacts, text messages, stored passwords, or credit card information. Also, poor grammar or misspelled words in an app description or on a website are red flags that it may not be legitimate.

Text messages from scammers

Scammers may use text messaging to reach you too, known as “smishing.” They may pretend they are from your bank and try to get you to provide your personal information. The text message often looks like a bank security message. Note that these fraudulent messages often try to create a sense of urgency to make you provide your personal information faster and less carefully. Take your time and call your bank using a phone number that you are familiar with, for example, the number provided on your debit or credit card. Do not use a phone number provided by someone you are unfamiliar with or that you think may be a scammer. As an alternative, contact the FDIC before you provide any information when something does not seem right.

Email links

Just like text message scams, avoid clicking on links in unsolicited emails or emails from unfamiliar sources. Some links may download malware (malicious software, such as computer viruses) to your device when you click on them. This is another form of “phishing.” The malware may steal your banking information, including your username, passwords, and credit or debit card numbers. Some links may lead to an illegitimate website attempting to get you to enter your personal information. These emails typically look very similar to ones sent by familiar sources like well-known retailers, banks, and other entities.

Be on the lookout for emails with typos, obvious mistakes, unusual fonts, that create a sense of urgency, or just seem off. In addition, be skeptical of email attachments described as coupons, rebates, or payment forms – they could include malware. Moreover, avoid email offers that seem “too good to be true.” Also watch for fee-related scams. This type of scam is where the scammer requests you to send money or pay “FDIC insurance fees” to receive a large amount of money in return. As a reminder, the FDIC does not charge or collect fees from consumers.

No matter how the scammers try to reach you, following the tips highlighted in this article will help keep you and your money safe.

Additional resources:

Cybersecurity & Infrastructure Security Agency: 4 Things You Can Do To Keep Yourself Cyber Safe

Consumer Financial Protection Bureau: Frauds & Scams

For more consumer resources, visit FDIC.gov, or go to the FDIC Knowledge Center. You can also call the FDIC toll-free at 1-877-ASK-FDIC (1-877-275-3342). Please send your story ideas or comments to ConsumerNews@fdic.gov. You can subscribe to this and other free FDIC publications to keep informed!