Sign in
🔒

Investing Basics

How to spot and avoid bank scams & phishing

Keep your money safe. Learn the signs of phishing, fake bank texts, and investment scams—and what to do next.

Common red flags

🚩 Urgent "act now" language

  • • "Account suspended—verify immediately"
  • • "Limited time to avoid fees"
  • • "Click within 24 hours or lose access"
  • • "Suspicious activity detected—act now"

    • Real banks: Give you time and multiple ways to contact them

    🚩 Password/security requests

  • • "Confirm your password to continue"
  • • "Verify your PIN for security"
  • • "Send us your 2FA code"
  • • "Update your security questions"

    • Real banks: Never ask for passwords/PINs via email/text

    🚩 Suspicious domains & links

  • • chasebank.security-check.com
  • • wellsfargo-alerts.net
  • • bankofamerica-verify.org
  • • Shortened links (bit.ly, tinyurl)

    • Real banks: Use their official domain (chase.com, not chasebank.com)

    🚩 Attachments & downloads

  • • "Download this security update"
  • • "Open attached statement"
  • • "Install our new app from this link"
  • • .exe, .zip files from "banks"

    • Real banks: Don't send executable files or ask you to download security updates

    Common scam types

    Phishing Emails

    Example: "Dear Customer, We've detected unusual activity on your account. Click here to verify your identity within 24 hours or your account will be suspended."

    How to spot:

    • • Generic greeting ("Dear Customer")
    • • Urgent deadline
    • • Suspicious sender email
    • • Grammar/spelling errors

    SMS/Text Scams

    Example: "CHASE ALERT: Suspicious $500 charge blocked. Reply STOP to cancel or ALLOW to approve. Ref: CH4782"

    How to spot:

    • • Asks you to reply or click link
    • • From non-official number
    • • Creates false urgency
    • • Asks for account details

    Investment Scams

    Example: "Guaranteed 20% returns! Limited spots available. This AI trading bot never loses. Join 10,000+ successful investors!"

    How to spot:

    • • Guaranteed high returns
    • • "Limited time" pressure
    • • No mention of risks
    • • Celebrity endorsements

    Tech Support Scams

    Example: "This is Microsoft/Apple. Your computer is infected with malware that's accessing your bank accounts. Give us remote access to fix it."

    How to spot:

    • • Unsolicited calls about computer problems
    • • Asks for remote access
    • • Claims to be from big tech companies
    • • Wants payment in gift cards/crypto

    What to do if targeted

    Immediate Actions

    1. Do NOT click any links in suspicious messages
    2. Go directly to bank website/app by typing URL manually
    3. Call the number on your bank card (not the number in the message)
    4. Verify the message through official channels
    5. Forward phishing attempts to your bank's fraud team
    6. Delete the suspicious message after reporting

    Protection strategies

    Email Security

    • Enable 2FA on all financial accounts
    • Use strong, unique passwords for each account
    • Check sender domains carefully before clicking
    • Hover over links to see actual destination
    • Be skeptical of urgent requests

    Account Monitoring

    • Set up account alerts for all transactions
    • Check statements monthly for unauthorized charges
    • Monitor credit reports for new accounts
    • Use bank/brokerage apps for quick balance checks
    • Report suspicious activity immediately

    If you've been scammed

    Damage Control Steps

    1. Contact your bank immediately
      Report unauthorized transactions within 2 business days for full protection
    2. Change all passwords
      Bank accounts, investment accounts, email, any shared passwords
    3. Enable/update 2FA
      Use authenticator apps, not SMS when possible
    4. File reports
      Local police, FTC (US), Anti-Fraud Centre (Canada), IC3.gov
    5. Monitor all accounts
      Daily checks for 30+ days, credit monitoring service
    6. Document everything
      Screenshots, reference numbers, dates, contact info

    Investment-specific scams

    Watch Out For

    • Pump-and-dump schemes: "This penny stock will 10x next week!"
    • Ponzi schemes: Guaranteed high returns paid from new investor money
    • Fake brokerages: Professional-looking sites that steal your deposits
    • "Insider information": Claims of non-public info about stocks
    • Cryptocurrency scams: Fake exchanges, mining schemes, celebrity endorsements
    • Robo-advisor imposters: Fake versions of legitimate platforms

    Remember:

    If an investment opportunity seems too good to be true, it probably is. Stick to regulated brokerages and established investment products.

    Teaching family members

    Simple Rules for Everyone

    📞 "When in doubt, hang up and call back"

    Use the number on your card/statement, not the one they give you

    🚫 "Banks don't ask for passwords via email/text"

    Never provide sensitive information through these channels

    ⏰ "Urgency is a red flag"

    Legitimate banks give you time to respond to issues

    🔍 "Verify independently"

    Check claims through official websites or phone calls

    Frequently Asked Questions

    My bank texted me—is it real or fake?

    Treat as fake until verified. Call the number on your bank card to confirm any requests for action or information.

    I clicked a suspicious link—now what?

    Don't panic. Close the browser, run antivirus scan, change passwords on financial accounts, and contact your bank immediately.

    How can I tell if an investment opportunity is legitimate?

    Check if the company is registered with SEC (US) or provincial securities commission (Canada). Avoid guaranteed returns and high-pressure tactics.

    Should I use public Wi-Fi for banking?

    Avoid if possible. If necessary, use your phone's hotspot or a VPN. Never save passwords on public computers.

    Bottom Line

    Your bank will never ask for passwords, PINs, or 2FA codes via email or text. When in doubt, hang up and call the official number. Prevention is easier than recovery.