Wells Fargo Impersonation Scams
Scammers impersonate Wells Fargo with spoofed fraud-department calls and fake login pages to steal money and credentials. The real Wells Fargo will never ask you to move money to a 'safe account' or share a one-time passcode.
Last reviewed: 1 June 2026
Wells Fargo's large retail customer base makes it a regular target for phone and text impersonation scams. A typical attack begins with a spoofed call or text claiming suspicious activity has been detected, urging the victim to 'confirm' a transaction or protect their funds immediately.
Other versions direct victims to convincing fake Wells Fargo login pages hosted on unofficial domains, designed purely to harvest online banking credentials. Once a scammer has your login details or has talked you into transferring funds, recovering the money can be extremely difficult.
Wells Fargo is the victim of this impersonation. The bank's own fraud team never asks you to move money anywhere — genuine account protection happens automatically on the bank's side, not through instructions given to you over the phone.
How scammers impersonate it
- Spoofing Wells Fargo's customer service number on caller ID
- Texting fake fraud alerts about an unrecognized transaction with a link to 'confirm' or 'dispute'
- Hosting fake Wells Fargo login pages on domains designed to look official
- Posing as Wells Fargo fraud investigators asking victims to move funds to a new account
- Calling and asking victims to read out a one-time passcode to 'verify their identity'
What the real organisation never does
- Ask you to transfer or move money to a different account to keep it safe
- Ask you to read out a one-time passcode or your online banking password
- Send a text with a login link instead of directing you to the official app
- Ask for your full card number, PIN, or Social Security number over the phone
- Pressure you to act within minutes or bypass calling the number on your card
Common red flags
- Urgent claim that fraud is happening on your account right now
- Any instruction to move or transfer money as part of 'protecting' it
- A link used to log in rather than the official Wells Fargo app
- Request for a one-time passcode, password, or PIN
- Caller becomes evasive or hostile if you say you want to call back on the official number
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Email: 'Wells Fargo Security Alert: Unusual sign-in detected. Verify your identity immediately at connect-secure-wellsfargo-com.herokuapp[.]com.'
Call: 'This is Wells Fargo fraud prevention — to stop the unauthorized transfer, we need to move your funds to a protected holding account.'
How to verify
- Hang up and call the number on the back of your card or on wellsfargo.com
- Log in only through the official Wells Fargo app or by typing the address directly into your browser
- Never transfer money anywhere at the instruction of an unsolicited caller
- Check your account activity directly in the app rather than trusting a text, email, or call
What to do if you're targeted
- Do not click links, share codes, or move any money
- Contact Wells Fargo directly through the number on your card or statement
- Report the scam to the FTC at reportfraud.ftc.gov and to the bank's fraud department
Frequently asked questions
The login page looked identical to Wells Fargo's real site — how do I tell them apart?
Check the web address bar carefully. Fake pages are often hosted on unrelated domains, subdomains, or free hosting services rather than wellsfargo.com. The safest approach is to always type wellsfargo.com directly rather than following a link.
I already entered my online banking password on a suspicious page. What now?
Log in to the genuine Wells Fargo app or site immediately and change your password, then contact Wells Fargo to flag your account for review. Also watch for follow-up phishing attempts referencing the incident.