Fake FCA data breach alert text harvesting bank details
Impersonating: FCA
What is this scam?
Scam texts impersonating the Financial Conduct Authority claim the recipient's personal data has been compromised in a data breach and that their financial accounts are at risk. Victims who call the number provided reach fraudsters posing as FCA agents who request banking details and personal information supposedly to 'secure' accounts. The FCA never cold-calls members of the public about data breaches or requests financial information.
Example scam message
FCA: Your personal data has been detected in a recent security breach affecting financial services customers. Your accounts may be at risk of unauthorised access. Call our emergency security team immediately on 0800 XXX XXXX or visit: fca-security-alert.xyz/verify
Red flags to look out for
- The message creates urgency — threatening a fine, missed delivery, or account closure.
- Links lead to unofficial domains that don't match the real company's website.
- You weren't expecting this message and can't verify the event it references.
- It asks you to confirm payment details or personal information via a link.
- The sender's number or email address doesn't match the company's official contact.
What to do if you receive this
- Do not transfer money — your bank will never ask you to move funds to a 'safe account'.
- Hang up and call your bank directly on the number printed on the back of your card.
- Report it to Action Fraud at actionfraud.police.uk.
- If you've already transferred money, contact your bank immediately and ask about the APP fraud refund scheme.
Received this message?
Forward it to 7726 (free on all UK networks) to report it to your mobile provider.
You can also report it to Action Fraud
or email the NCSC at report@phishing.gov.uk.
Not sure if your message is a scam?
Check it instantly with our free AI-powered detector.
Check a message nowSource: Which?