How Bank Impersonation Scams Are Stealing Hundreds of Millions of Dollars Every Year

The FBI has raised serious concerns about a bank impersonation scam that is accelerating faster than expected. Investigators report that fraudsters are mimicking trusted banks, luring people into sharing account credentials and then quickly siphoning off funds. This tactic has proven devastating across age groups. In the first nine months of 2025 alone, reported losses surpassed $262 million, affecting more than 5,100 individuals.

The agency says scammers have become more polished and more aggressive. They employ sharp tactics, swift pressure, and convincing stories to persuade people to hand over one-time passcodes or login information. Once they gain access to a bank account, they quickly transfer the money out.

Many transfers route through crypto-linked accounts, making it nearly impossible to track the cash. People often do not realize what happened until they are locked out of their own accounts.

How the Scam Hooks Victims

Olly / Pexels / At the center of this fraud is “social engineering,” which simply means tricking someone into giving access.

The most common method starts with a call, text, or email from someone claiming to be your bank. They sound helpful and worried. They say your account looks compromised, or a suspicious transaction has occurred. They push you to act fast. In that rush, many people share usernames, passwords, and even those “never share this code” text messages.

Scammers then log in, reset everything, and shut you out of your own money.

A second method utilizes fake websites that appear identical to genuine bank pages. Criminals run ads or rig search results so their fake sites show up before the real ones. When someone clicks the ad and types in their login, they hand their information straight to the scammers. This trick works because people trust search results and do not expect a polished fake site to be so easy to fall for.

In a more twisted version, scammers pretend to be law enforcement. The first caller claims a suspicious purchase was made in your name. Then another caller steps in, acting like an officer who wants to “secure” your money. They build fear step by step until the victim shares login details or transfers funds to a so-called safe account.

None of it is real, and once the scammers have access, they drain the account quickly.

Why These Attacks Are Growing

Criminals rely on speed and pressure. They know most people panic when they hear their savings might be at risk. When panic kicks in, critical thinking slips. Even people who consider themselves careful fall for these tactics because the scammers sound trained, calm, and official. Many victims later say the callers knew personal details and used them to appear legitimate.

Olly / Pexels / Never share a password, passcode, or MFA code with anyone who contacts you. A real bank will not ask for it under any circumstances.

Another reason these scams spread so quickly is that digital tools have made it easier to copy real bank pages and spoof phone numbers. A call can appear to come from your bank even when it does not. A website can look pixel-perfect even though it is fake.

The growth of crypto wallets also plays a role. Once scammers take your money, they move it through layers of accounts and into crypto. That makes the trail hard to follow. By the time you notice what happened, the funds are gone, and recovery becomes extremely difficult.

How to Protect Your Account

If someone pressures you, consider it a clear sign of potential fraud. Hang up and call the number on the back of your card. That one step alone stops most scams before they start.

It also helps to avoid search engines when you log in to your bank. Criminals poison search results with fake websites, so typing your bank’s address directly or using a saved bookmark is much safer. A direct path keeps you in control and keeps scammers from intercepting your login.