Fake Bank Fraud Department Call Scam
A caller claiming to be from your bank's fraud department says your account has been compromised and you must take urgent action — usually moving money to a 'safe account' or providing security credentials. Both requests are fraudulent.
Last reviewed: 11 June 2026
What this scam is
The fake bank fraud department scam is one of the most financially damaging impersonation frauds. It exploits the public's familiarity with legitimate bank security calls to steal money and credentials simultaneously.
Banks genuinely do call customers about suspicious transactions, making this scenario feel completely plausible. Scammers can spoof the bank's real phone number so that it appears correctly on caller ID, and they may already have partial account information bought from data brokers, adding further credibility.
The defining trick is the 'safe account' instruction. No real bank will ever ask you to transfer your own money to a new account they have set up for you. This is the single most reliable red flag for this scam.
How it works
The scammer calls using a spoofed number matching the bank's helpline. They open by citing a specific suspicious transaction — sometimes a real one they gleaned from a data breach, sometimes invented — and create alarm. They say the account is at risk and the victim must act immediately to protect their funds.
They then collect verification information: date of birth, account number, a one-time passcode sent by the real bank's systems (which the scammer triggered by attempting a login). With these credentials, they either log in themselves or instruct the victim to authorise transfers.
The transfer destination is described as a 'safe account,' a 'temporary holding account,' or a new account 'in the customer's own name.' In reality it is controlled by the fraudster. After the transfer, the caller assures the victim they will receive follow-up information — which never arrives.
Why this scam works
Fear of losing money triggers immediate compliance. The caller appears to be helping the victim, not stealing from them, which bypasses typical fraud defences. Real bank fraud calls do happen, so the scenario is entirely believable.
Caller ID spoofing removes the one visible check most people rely on. Once the victim is convinced the call is genuine, any request — however unusual — is interpreted as a legitimate protective measure rather than a warning sign.
A typical pattern
The victim receives a call, sometimes with caller ID showing the bank's real number. The caller says suspicious activity has been detected on the victim's account and that funds are at risk. They ask the victim to verify their identity using account details, a one-time passcode received by text, or both. They then instruct the victim to transfer funds to a 'secure holding account' while the fraud is investigated. The victim follows the instructions, believing they are protecting their money. In reality the 'holding account' belongs to the scammer, and the victim's own security credentials have been used to authorise the transfer.
Common red flags
- Caller asks you to move money to a 'safe' or 'holding' account
- Caller asks you to read out a one-time passcode that just arrived by text
- Urgency preventing you from hanging up and calling back
- Request not to tell family members about the situation
- Caller ID shows your bank's number but the request feels wrong
- Request to install remote access software on your device
- Request to withdraw cash and hand it to a courier
- Claim that your bank's own staff may be compromised and you must not contact the branch
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
'Good afternoon, this is the fraud prevention team at [bank name]. We have detected an unusual transaction of [amount] on your account made this morning. Can you confirm whether you authorised this?'
'For your security, we need to move your funds to a protected account while our investigation takes place. I will guide you through the transfer now.'
'A one-time verification code has just been sent to your registered number. Can you read that out to me so we can secure your account immediately?'
Common variations
- Two-officer variant: a second caller posing as a police financial crimes officer joins to add authority
- Remote access variant: victim is asked to install software so the 'fraud team' can investigate — this gives the scammer full device access
- Courier variant: victim is asked to withdraw cash and hand it to a courier 'for safekeeping'
- Account takeover variant: scammer uses collected credentials to log in and drain the account without further contact
- Cryptocurrency ATM variant: victim is directed to withdraw cash and deposit it at a cryptocurrency ATM
How to verify before you act
Hang up the call and wait at least 10 minutes (or use a different phone) before calling back, because scammers can hold an open line on landlines to intercept a follow-up call to the same number. Call your bank on the number printed on the back of your debit or credit card, or on the bank's official website.
No legitimate bank will ever ask you to transfer money to a different account to keep it safe. No legitimate bank will ask for a one-time passcode that arrived by text — that code is intended for you alone. If either of these is requested, end the call.
Payment methods used
- Bank wire transfer
- Cash via courier
- Cryptocurrency ATM
- Faster Payments (UK)
Who is usually targeted
- Adults of all ages
- People who have recently experienced a genuine fraud alert from their bank
- Older adults who are less familiar with spoofed caller ID
- High-balance account holders targeted through data breaches
What to do immediately
- Hang up the call without providing any information
- Wait 10 minutes or use a different phone, then call your bank on the number from their official website or the back of your card
- If you have already shared credentials, call your bank's fraud line immediately to freeze your account
- If you have already transferred money, ask for an emergency recall
- Change your online banking password and PIN from a secure device
- Report the incident to your national fraud authority
How to prevent it
- Remember: no real bank will ever ask you to move money to a 'safe account'
- Never share a one-time passcode with anyone, including someone claiming to be your bank
- Hang up and call the number on the back of your card or on the bank's official website to verify
- Use a different phone or wait at least 10 minutes before calling back to avoid an open-line interception
- Do not install remote-access software at a caller's request
- Do not withdraw or transfer cash for any caller, however authoritative they sound
- Register for your bank's anti-fraud protections and notification services
Evidence to preserve
- The phone number that called you (screenshot of call log)
- Any text messages received from that number
- Records of any transfers made (bank statements, confirmation screenshots)
- Notes on what the caller said and when
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
The caller ID showed my bank's real number. Does that mean the call was genuine?
No. Caller ID spoofing allows any number to be displayed, including your bank's published helpline. The displayed number is not a reliable proof of identity. The only safe approach is to end the call and call back using the number you find independently.
Why would a bank ask me to move money if that is always a scam?
A real bank never needs to move your money to protect it. Banks have their own internal mechanisms to freeze or secure accounts. Any instruction to transfer your own funds elsewhere is the definitive sign of a scam, regardless of how convincing the rest of the call sounds.
I gave them a one-time code. What do I do now?
Contact your bank immediately on the number from their official website. Tell them exactly what happened. They can freeze the account, reverse any unauthorised transactions they identify, and advise on next steps.