Deepfake Voice Calls Impersonating Revolut Security Teams
AI-generated voice calls impersonate Revolut fraud-prevention agents, claiming suspicious transactions are in progress and pressuring victims into confirming a one-time code or approving a 'reversal transfer' — actions that in reality hand over account access or authorise a fraudulent payment.
Part of: Deepfake Voice Scams
Last reviewed: 8 June 2026
Revolut's in-app fraud monitoring does send genuine alerts when unusual transactions are detected, and Revolut does have an outbound calling programme in some regions. Criminals exploit both facts by deploying AI-generated voices that mimic the tone, phrasing, and sense of urgency of a real fraud-prevention call — creating calls that are difficult to distinguish from the genuine article.
The attacker calls claiming to be from Revolut's 'Security Operations Centre,' referencing a real transaction visible in the victim's account — obtained from a prior data breach or from a phishing landing page the victim visited — to establish credibility. The AI voice is smooth, calm, and professional, which itself can be disarming.
The call's goal is to obtain either the current in-app verification code (allowing an attacker who already has the password to complete a login) or to instruct the victim to 'approve the reversal' of the suspicious transaction by confirming a push-payment within the Revolut app — which actually authorises a new payment to an attacker-controlled account.
How this scam works on the Revolut brand
Real Revolut outbound fraud calls — where they occur — will never ask you to share the in-app PIN, a one-time passcode you just received, or the passcode visible in your Revolut security settings. Real Revolut agents can verify your identity without asking you to read security codes back to them.
The deepfake call scenario: you receive a call from a number that appears similar to Revolut's official number. An AI-generated voice explains that an unusual payment of a specific amount to a specific country has been flagged. The voice asks you to confirm your identity by reading the code that Revolut has just sent to your phone. Giving this code allows the attacker — who is simultaneously attempting to log in to your account — to pass 2FA authentication.
An alternative variant claims the suspicious payment must be 'reversed' immediately by the victim authorising a compensating payment from within the app. The victim authorises what they believe is a reversal but is actually a new outbound payment to a fraudster account.
Common red flags
- An inbound call claiming to be from Revolut's fraud team asks you to read back a code you just received by SMS or in-app
- The caller asks you to initiate or approve an in-app payment to 'reverse' a suspicious transaction
- The call audio sounds unusually polished or pauses in unnatural places — possible AI voice generation
- The caller cannot confirm your identity through information you would expect a genuine Revolut agent to have, or asks you to confirm things instead
- The Revolut app shows no suspicious-transaction alert or account limitation when you check it directly
- The caller's number looks similar to but not exactly the same as Revolut's published contact numbers
How to protect yourself
- Never share an in-app code, SMS code, or PIN with any inbound caller claiming to be Revolut
- If you receive a suspicious call, end it and call Revolut back through the number in the official Revolut app
- Genuine fraud alerts from Revolut appear in the app — check the app directly if a caller mentions a suspicious transaction
- Enable Revolut's biometric or PIN lock so payments cannot be silently authorised by an attacker with only your password
- Do not approve any in-app payment 'to reverse' a suspicious transaction — contact Revolut support in the app first
- Report the calling number to Revolut and to your national telecoms fraud body
How to report it
- Report the fraudulent call to Revolut via in-app support (Profile > Help > Chat with us)
- Report to Action Fraud at actionfraud.police.uk (UK) or IC3.gov (US)
- Forward smishing messages related to the call to 7726 (SPAM)
- Report the spoofed number to your mobile carrier's fraud team
- File a report with the FTC at reportfraud.ftc.gov
Frequently asked questions
How can I tell if a call is from the real Revolut and not a deepfake?
The safest approach is to hang up and call Revolut back using the number shown in the official Revolut app under Profile > Help. A genuine Revolut agent will never be offended by this — and you eliminate the risk of a spoofed call entirely.
Does Revolut's genuine fraud-prevention team call outbound?
Revolut does have outbound calling in some regions for fraud prevention. However, genuine Revolut agents will never ask you to share a code that was sent to your device or to initiate a payment to reverse a suspected fraud. These are the specific red flags that identify an attacker.
What is 'authorised push payment fraud' and how does it relate to this scam?
Authorised push payment (APP) fraud occurs when a victim is manipulated into authorising a payment themselves — as in the 'approve the reversal' variant. Banks and payment apps in the UK are increasingly required to reimburse victims of APP fraud under the Payment Systems Regulator's rules, so reporting promptly is important.