Fake Bank 'New Payee Added' Verification Text Scam Examples
A text claiming to be a fraud alert from your bank says a new payee has just been added to your account and asks you to click a link or call a number immediately to cancel it if you don't recognize it. The link leads to a convincing fake banking login page, and the callback number connects to a fake fraud team that talks you through securing your account by revealing your login, card number, or one-time passcodes. The manufactured panic about your money being at risk is the lever. Ignore the message and check your account only through your bank's official app or a number on your card.
Last reviewed: 1 June 2026
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
[Bank]: A new payee [name] has been added to your account. If this wasn't you, cancel here: [fake link]
ALERT from [Bank]: Outgoing transfer of [amount] to [payee] authorised. Not you? Call [fake number] immediately.
[Bank] Security: Your account payee list was updated on [date]. Verify your identity to protect your account: [fake link]
Unusual activity: new bank transfer payee added. If you didn't do this, tap to cancel within 15 minutes: [fake link]
What the scammer wants
To make you panic and either click a phishing link or call a spoofed number, where you are tricked into providing login credentials, one-time codes, or authorising a 'reverse transfer' that actually moves money to the scammer.
Red flags in the message
- Urgency with a very short window to 'cancel'
- A link to a domain that is not your bank's official website
- A callback number embedded in the text rather than the number on your card
- Request for a one-time code, PIN, or password over phone or link
- Texts from a new number even though your bank always uses the same one
A safe response
Do not click or call back. Log in to your bank app directly by typing the address or using your app, and check the payee list there. If in doubt, call the number on the back of your card only.
What not to send
- Online banking passwords or PINs
- One-time passcodes (OTPs)
- Full card details
What to do if you already replied
- Call your bank's fraud line using the number on your card or bank statement immediately
- Change your online banking password and revoke any sessions
- Report the text to your national messaging-abuse service (e.g. 7726 in the UK)
Evidence to preserve
- Screenshot the full message or call details
- Note the sender number, email, or profile
- Save any links (without clicking) and payment details
- Record dates and times
Frequently asked questions
I clicked the link and logged in on the page — is my account compromised?
Treat it as likely compromised and act quickly: log in to your real account through the official app or a number on your card, change your password, and ask your bank to review recent activity and freeze any suspicious new payees or transactions.
I gave them a one-time passcode over the phone — how serious is that?
This is serious, as one-time codes are often the last step scammers need to move money or take over your account. Contact your bank immediately through their official number to report the code was shared under false pretenses so they can act quickly.
How can I check if a new payee was really added to my account?
Open your bank's official app or website directly, without using the link or number from the text, and check your payee list and recent activity yourself. If anything looks wrong, contact your bank through the number printed on your card or statement.
Is it safe to reply to the text asking if it's genuine?
No, avoid replying — banks don't verify fraud alerts through text reply, and responding only confirms your number is active to whoever sent it. Instead, go directly to your bank's official app, website, or phone line to check.