How can I tell if a text from my bank is real?

Real bank fraud alerts tell you to call the number on your card. They don't send links to log into. If a text includes a link to verify your account, don't click it — go to your bank's website directly.

What if I already entered my information on a fake site?

Change your bank password immediately from the real website or app. Call your bank's fraud line. If you entered your SSN, consider a credit freeze through Equifax, Experian, and TransUnion.

Scam #2 · Critical Threat

You Almost Gave Chase Your Password. Except That Wasn't Chase.

Q: What is smishing?

Smishing is phishing delivered via SMS text message. It overtook email as the #1 scam delivery method in 2024 because people trust text messages more than emails.

SMS phishing overtook email as the #1 scam delivery method in 2024. Turns out we trust text messages way more than we should.

What You Just Experienced

A text from your bank. Suspicious transaction. $2,847.33 at Amazon. Verify immediately or your account gets locked. The link takes you to a login page that looks exactly like Chase.

Except the domain was chase-secure-verify.com — not chase.com. And the form asked for your username, password, AND the last four of your Social. Chase already has all of that. They'd never ask you to type it into a website.

I've been in digital marketing for over 20 years. I know how easy it is to build a pixel-perfect clone of any website. It takes about an hour. The logos are right, the colors are right, the SSL padlock is right. The only thing that's different is the URL — and most people never look at it, especially when they're panicking about a $2,800 charge.

Why Texts Work Better Than Email

We've been trained to be suspicious of email. Spam folders, phishing warnings, the whole routine. But texts feel different. They feel personal. They feel urgent. When your phone buzzes with a fraud alert, you don't sit there analyzing it — you react.

Scammers figured this out. Smishing volume exploded because the click-through rate on SMS links is dramatically higher than email. Same scam, different pipe, much better results.

What to Look For

Any link in a text from your "bank." Real fraud alerts tell you to call the number on the back of your card. They don't send you links to log into.
Check the URL before you type anything. chase.com is Chase. chase-secure-verify.com is a guy in a basement. That one glance takes 10 seconds.
They're asking for too much. A fraud verification doesn't need your password and SSN. If a page asks for more than you'd normally enter to log in, close the tab.
The urgency is manufactured. "30 minutes or your account is frozen" — that's not how banks work. They freeze your account first and THEN contact you. They don't give you a countdown.

The One Habit That Kills This Scam

Never click links in texts or emails about your bank account. If you get a fraud alert, open a fresh browser tab and go to your bank's website yourself. Or call the number printed on your actual card. It takes 30 extra seconds and it makes phishing completely useless.

How to Explain This to Family

Keep it simple. "If a text says there's a problem with your bank account and gives you a link — ignore the link. Open the bank's app yourself, or call the number on the back of your card. That's the only rule."

Show, don't tell. Pull up this simulation and let them see the fake Chase page. Point out the URL. Say: "See how real that looks? The only difference is right there — the web address. That's what to check."

Already Entered Your Info?

Change your bank password immediately from the real website or app. Call your bank's fraud line — the number on your card. If you entered your SSN, consider a credit freeze through all three bureaus (Equifax, Experian, TransUnion). Report it: reportfraud.ftc.gov or 1-877-382-4357.

← Replay This Simulation All Scams