← Back to resources

Don't read that out loud! How Scammers Trick You Using Bank Verification Texts

May 1, 2025

It starts with a call. The person on the other end might sound professional, urgent, or helpful:

“We’re sending you a code to verify your identity. Can you read it to me when it arrives?”

And then the text comes—straight from your bank, like always. It’s a real code, a real message, and it's meant for you. But reading it aloud is the trap.

How This Scam Works

This scam uses a real verification system meant to protect you—things like 2FA (two-factor authentication) or one-time passcodes (OTPs)—against you.

Here’s the breakdown:

  1. Scammer logs into your bank account (or tries to reset your password) using your email or phone number—possibly something they got from a phishing email or a data breach.
  2. Your bank sends a legitimate verification code to your phone, just like it should.
  3. The scammer calls you at the same time, pretending to be someone official.
  4. You read them the code, thinking you’re verifying your identity.
  5. They use the code to log into your account—and potentially drain your funds, change your login credentials, or lock you out.

What It Looks Like

Let’s say someone calls pretending to be from your bank’s fraud department. They say:

“We’ve seen suspicious activity on your account. We’re locking it down for your safety. We just need to verify your identity. You’ll get a code—read it aloud to confirm.”

You feel flustered. The code pops up on your phone. It looks like this:

“Your Bank of Example security code is 739201. Do not share this code with anyone.”

But under pressure, you read it aloud to the person on the phone. That’s all the scammer needs to access your account through the website, while they talk to you.

How to Spot and Stop It

  • Never share a verification code with anyone. No real company will ask you to do this over the phone.
  • Hang up and call back. Use the number on the back of your debit card or the company’s official website—never the one that called you.
  • Look closely at the text message. Many banks clearly warn: “Do not share this code.” That warning is there for a reason.
  • Use extra security settings. Enable biometric logins, account alerts, and strong passwords or even secret code-words where possible.
  • Educate your loved ones. These scams often target older adults who may be unfamiliar with how two-factor authentication works.

Bottom Line

That one-time code is the key to your account. Treat it like cash. If someone’s asking you to read it out loud, it’s almost certainly a scam.

Stay alert. Don’t get rushed. And remember: no real bank will ever ask you for your verification code.

Facebook Share Button
Twitter / X Share Button