AI Scam SensePart of AI Sure Tech

Fake bank alert asks for login

The Bank Alert That Wanted a Login

A text message warns about a suspicious bank transaction and sends the customer to a fake login page that asks for credentials and a one-time code.

Try this in Before You ActBack to scenarios

Scenario story

The alert

Daniel is making dinner when a text appears on his phone: a large purchase has been flagged on his bank account. The message says to tap a link if he did not authorize the charge. The timing feels alarming because Daniel recently used his card at a new store.

The convincing page

The link opens a page that looks similar to his bank's sign-in screen. The colors, logo style, and layout seem familiar. After Daniel enters his username and password, the page says a security code has been sent to his phone. A second message arrives with a one-time code. The page asks him to enter it to block the transaction.

The pressure

Daniel almost types the code, but notices the website address has extra words before the bank name. He also remembers that real security codes usually say not to share them. Instead of continuing, he closes the page and opens the bank app directly. There is no alert in the app.

The recovery step

Because he already entered his password, Daniel changes it through the official bank app, reviews recent activity, and calls the bank using the number on the back of his card. He also reports the fake text.

Warning signs

  • An unexpected text asks the user to tap a link to fix a bank problem.
  • The login page address does not clearly match the bank's official domain.
  • The page asks for a one-time code after the user signs in.
  • The message uses fear of fraud to rush action.
  • The alert is not visible inside the official banking app.

Questions to ask

  • Did I open the bank through the official app or by clicking a message link?
  • Does the web address exactly match the bank's real domain?
  • Why is this page asking me for a one-time code?
  • Can I verify the alert through the bank app or phone number on my card?
  • Did the message arrive unexpectedly?

Safer next steps

  • Do not click bank links in unexpected texts or emails.
  • Open the bank app or type the bank website directly.
  • Never share or enter a one-time code into a page opened from a suspicious link.
  • Change the password immediately if credentials were entered on a suspicious page.
  • Call the bank using a trusted number and report the message.

What not to do

  • Do not trust a message just because it includes the bank's name.
  • Do not enter login details after following an urgent text link.
  • Do not give one-time codes to a caller, text sender, or suspicious page.
  • Do not call phone numbers included in the suspicious message.
  • Do not wait to act if credentials were already entered.