Fake 'Your Account Is Locked' Bank Email Script
This phishing email impersonates your bank, claiming your account has been locked due to suspicious activity and urging you to click a link to verify your identity and restore access. The fake login page looks identical to your real bank's site, capturing your username, password, and sometimes a one-time code as you type. The scammer's goal is full access to your online banking to drain funds or add unauthorized payees, achieved by triggering fear of losing access. The most important step is never to log in through an email link; go directly to your bank's app instead.
Last reviewed: 1 June 2026
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
[Bank]: Your account has been temporarily locked for security. Verify your identity to restore access: [fake link]
Unusual activity detected on your [bank] account ending [number]. Confirm it was you: [fake link]
Action required: your online banking access has been suspended. To unlock, verify your details within 24h or your account will be closed: [fake link]
Security alert: a new device attempted to log in. If this wasn't you, secure your account now: [fake link]
What the scammer wants
To make you log in through a fake page that captures your username, password, and possibly a one-time code — giving the scammer full access to your account to drain funds or add new payees.
Red flags in the message
- Urgency about an account being locked or suspended
- Login link that leads to a domain other than the bank's official website
- Threat of permanent account closure if you do not act quickly
- Email sender address does not match the bank's real domain
- Fake login page may look convincing but the URL is wrong
- Page asks for password and then immediately requests a one-time code
- No phone number to call the bank directly for verification
A safe response
Do not click the link. Open a new browser tab and type your bank's real web address yourself, or call the number on your card to check your account status. Your bank will never ask you to verify by following an email link.
What not to send
- Login credentials on any page reached by an email link
- One-time codes to any page reached by an email link
- Card details on an unverified site
What to do if you already replied
- Change your online banking password immediately from a secure device
- Call your bank on the official number to report the phishing and check for unauthorised activity
- Enable strong two-factor authentication if not already active
- Check recent transactions and new payees on your real account
- Report the phishing email to your bank and national cybercrime authority
Evidence to preserve
- Screenshot the full message or call details
- Note the sender number, email, or profile
- Save any links (without clicking) and payment details
- Record dates and times
Frequently asked questions
I already entered my login details on the link — what should I do?
Go directly to your bank's official app or website, not through the email, and change your password immediately, then contact your bank's fraud line to flag the account. Watch for unfamiliar transactions or new payees and report any you don't recognize right away.
The email also asked for a one-time code I received by text — did I just give them access?
Yes, if you shared a one-time passcode along with your login details, the scammer likely used it to get into your account in real time. Call your bank's fraud number immediately to lock the account and review recent activity.
How can I tell if a bank email is really from my bank?
Check the sender's actual email address rather than the display name, hover over links before clicking to see where they lead, and remember that banks rarely ask you to 'verify' your account by clicking a link. When in doubt, log in by typing your bank's known web address directly.
Should I call the number listed in the email to check?
No — use a phone number from the back of your card, a past statement, or the bank's official website, since a number in a suspicious email may connect you straight to the scammer. This keeps you on a verified channel throughout.