Beware of Wells Fargo "Customer Alert" Phishing Text Messages

Updated: April 11, 2017 2017-04-11T23:22:22 - Posted: April 11, 2017 2017-04-11T23:15:58 - Views: 11,713 - Comments: 35 +

Donate

Cybercriminals are sending out fake text messages disguised as "Customer Alert" to Wells Fargo's customers with links to phishing websites. The phishing websites look exactly like Wells Fargo's website and will ask visitors to sign in with their online account credentials. But, any attempts to sign into the fake website by Well Fargo's customers, will result in their account credentials being sent to the cybercriminals behind the scam.

Here are some of the fake Wells Fargo websites that were embedded in the fake text messages that we have received:

hxxp://www.wellsfargorestore4237.net
hxxp://www.WellsFargoRestore.com
hxxp://www.wellsfargorestore4237.net

The fake websites should not be visited.

Once the cybercriminals have received their potential victims' Well Fargo online account credentials, they will use it to gain access to their accounts, steal their money and use the accounts fraudulently.

This is why it is important that Wells Fargo customers never click on or follow a link to sign into their online accounts. They should always go directly to https://www.wellsfargo.com/ and sign-in from their instead. This will protect them against phishing scams. Also, Wells Fargo's customers can protect their accounts using Two Step Authentication / Verification or Two Factor Authentication. This process creates an additional layer of security that helps protect their information and prevent unauthorized transactions. Click here to learn more.

Well Fargo customers who have been tricked by the fake text messages, are asked to contact Wells Fargo immediately for help.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

Remember to help us, help you, by donating. 🎁Click here to donate

Comments, Questions and Reviews ✍

(Total: 35)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

Posted: Sep 10, 2018 at 9:31 AM by an anonymous user from or near: Redmond, Washington, United States
They are using this website:
"www.wa-wfb-urgent-matter-security.services/auth/"
delete
- Posted: Sep 27, 2018 at 2:02 PM by an anonymous user from or near: Casselberry, Florida, United States
  and this one "www.authusernew.ml/LVae6"
  delete
Posted: Sep 7, 2018 at 2:45 PM by an anonymous user from or near: Apopka, Florida, United States
Received this text today...FYI

"FRM:acc-834@AE.com
SUBJ:WELLSFARGO BANK NOTIFICATION
MSG:We have detected unauthorized login attempts!To avoid suspension go to: hxxp://duawf.com/i"
delete
Posted: Aug 16, 2018 at 2:54 PM by an anonymous user from or near: San Antonio, Texas, United States
I keep getting text messages saying my visa debit card has been locked. I am asked to call 908-336-9399. Since I don't have a wells fargo account, it seems some one is using my cell number . What can I do?

Robert
delete
- Posted: Aug 16, 2018 at 4:05 PM by info
  Report the text messages to your cellphone service provider.
  delete
Posted: Jun 19, 2018 at 1:13 PM by an anonymous user from or near: Kinston, North Carolina, United States
I have received a text message wellsfargo.device.unlock.account.infonev.com. I checked on my profile through my account on the web and I do not even have receive text messages marked. BEWARE of this text. I would never open a text unless I check my actual sites first.
delete
Posted: Jun 5, 2018 at 10:31 PM by info
Received via email:

"I received a text from 2-363-443-9349@ws.com
k.l. myers exec vice president of wf.
saying unauthorized ac4tivity on my account and wanting my id and password"
delete
Posted: May 28, 2018 at 9:29 AM by an anonymous user from or near: Durham, North Carolina, United States
Just got a text from ann.conder11@verizon.net
"WF Account Suspended!!"
delete
- Posted: May 29, 2018 at 12:29 PM by an anonymous user from or near: Cary, North Carolina, United States
  Me too - and then one from sam.schulz@verizon.net saying "WF Overdraft Protection LOCKED" with a link.
  delete
Posted: May 5, 2018 at 11:32 PM by an anonymous user from or near: Los Angeles, California, United States
I received a text message from agent.preston@verizon.net:

"content of message:
(Wells Fargo) - hxxps://bit.ly/2HZQ4Be - Check Back With Us - Attention Required

I clicked the link but I didn't give any information on the site that it led me to.
Spoke with Wells, they said they didn't send the text"

Can my phone be compromised because I clicked the link?
delete
- Posted: May 9, 2018 at 5:20 PM by an anonymous user from or near: Charlotte, North Carolina, United States
  it absolutely could - keep a watch on your accounts and make sure nothing is being charged over the next few weeks/months that you didn't authorize. They could be able to see your passwords you're typing in.
  delete
- Posted: May 5, 2018 at 11:45 PM by info
  No, not unless you download a malicious app or gave them your account credentials.
  delete
Posted: Apr 23, 2018 at 7:39 PM by an anonymous user from or near: San Antonio, Texas, United States
Just got one text asking to update device from 707-368-3235 along with link due to ‘site maintenance “
delete
Posted: Apr 17, 2018 at 5:51 PM by an anonymous user from or near: Apache Junction, Arizona, United States
I don't even have Wells Fargo, here is what they sent

"WELLSFARGO.FREEMSG MsgID-oVMFC2 Account temporily suspendedI Authenticate your device now hxxp://www.wellsfinfouer.ga/as7P/0000000000.mob"

All the last zeros is where my phone number was I added 10 zeros instead.
delete
Posted: Apr 15, 2018 at 1:09 PM by an anonymous user from or near: Avon, Colorado, United States
Got one today said:

"WELLSFARGO Alert ID#xfOY7
Security Alert! Authenticate your device now:
www.wfargoauthupd.cf?OHaA/4805400139.mob"
delete
Posted: Apr 13, 2018 at 1:28 PM by an anonymous user from or near: Renton, Washington, United States
I don't have a Wells Fargo account but received this:

"WELLSFARGO. Alert MsgID-CrJN Account currently suspended! Authenticate your device now: hxxp://www.devmobfwells.ga/ aqgp/5419990761.mob"
delete
Posted: Apr 12, 2018 at 1:18 PM by an anonymous user from or near: Albany, Oregon, United States
Me too 4/12/18

Here’s the “message”:

WellsFargo online suspended, unauthorized login attempts.
unlock

then a link.

I went on my Wells Fargo page no Alert or notes.
delete
Posted: Apr 6, 2018 at 6:22 PM by an anonymous user from or near: Grass Valley, California, United States
I got this one today (April 6, 2018)

Sent from: (936) 628-4753
Here’s the “message”:

WELLSFARGO. Update ID#RAZI Account temporarily locked! update your device:
hxxp://www.fargowauthmob.tk/aIRx/5309069711.mob
delete
Posted: Apr 5, 2018 at 6:33 AM by an anonymous user from or near: Tucson, Arizona, United States
I am not a Wells Fargo customer. the texts I have received are from (984)213-1975 and "alert-identify-customer".
delete
Posted: Mar 12, 2018 at 10:27 AM by an anonymous user from or near: Sherman, Texas, United States
We just got a text message scam stating that we need to provide information or we could not make any transactions. I clicked on the link and they asked for login information. After that, they wanted to know our name, social security number, card number, security code and expiration date.

We changed our login information through the mobile app in addition to alerting Wells Fargo of the situation. Family members also got this text message but do not have a Wells Fargo account.
delete
Posted: Mar 6, 2018 at 8:33 PM by info
Here is another scam:

"Fwd: WELLSFARGO. Alert ID#beyRwib Please update your device, to avoid account looked: www.wellsfarodeviceauth .gq/B8w8/2156696991.mob"
delete
Posted: Feb 28, 2018 at 5:58 PM by an anonymous user from or near: Ventura, California, United States
Received the following spam text message -

"FRM:alert-identifycustomer-securewellsfarg0-MSG:|@Wells-Farg0|***ALERT!Your security matters to us!Go-to=>>>hxxp://secure.id-117519-upgrade.org"

Definitely spam because I do not have any business with them. :) Weirdly, some online scanner tools mark this as a safe link. Here's some detail from one scan -

Final URL:
hxxp://aaawwwwwwwwwwwwww.xxxwwwwwwww.switchsolve.info/
Serving IP address:
209.85.200.121
delete
Posted: Feb 21, 2018 at 5:03 PM by an anonymous user from or near: Orange, Texas, United States
I received a text message on my cell at 4:07pm, saying to update my device. I did not respond. I called Terika at 1 800 TO WELLS, saying the tel.no texting me was not a Wells Fargo tel. no., informing me to contact this website. Do I delete that text message?
delete
- Posted: Feb 22, 2018 at 1:23 AM by info
  Post the text here and then you can delete it.
  delete
Posted: Nov 22, 2017 at 9:36 AM by an anonymous user from or near: Albion, New York, United States
I received a text this morning at 9:30 am on my phone. I am not a customer of Wells Fargo. This is what it said:

"124896433@info.gov ([Wells Fargo-]Your Debit Card was locked Contact@1-585-542-2304 Today!)" This was in New York near Rochester. Hope this helps..took me awhile to find out how to report this. Thank you.
delete
Posted: Nov 10, 2017 at 11:50 AM by info
Received via email:

"I received the following text message from 201-762-8255. I suspected that it was fraudulent so I called a legitimate Wells Fargo number and spoke with Joe, who told me that everything was OK with my debit card. He then instructed me to report the fraudulent text message to this email address, reportphish@wellsfargo.com. The contents of the text message are enclosed within quotes as follows:

'NOTlCE-8436012091 from WelIsFARGO Bank. Code: Visa-DEBlT Iocked. CaII us now at 201-762-8255 . Thank you'"
delete
Posted: Oct 13, 2017 at 9:49 AM by an anonymous user from or near: Athens, Georgia, United States
New link associated with the scam: hxxp://wellsfargonotificationonline.net from 410 100-001.
delete
Posted: Oct 10, 2017 at 11:36 AM by an anonymous user from or near: Atlanta, Georgia, United States
This is one of the scammers' address. Sent them a bunch of bogus info:
hxxp://avestransport.com /wp-includes/file/ wellsfargoadmin/puiu.html
delete
Posted: Oct 5, 2017 at 10:48 AM by an anonymous user from or near: Jacksonville, Florida, United States
This is my first text that looked 'fishy' -- Not happy to get texts to my cell phone like this!

"FRM:(*Wellsfargo New CIP Message*)
MSG: Account Suspended.
Read this ASAP:
hxxp://customnewcipinformatin.net"
delete
Posted: Aug 16, 2017 at 3:19 PM by an anonymous user from or near: Waynesboro, Pennsylvania, United States
I received a text message from([@wellsfargo-visacard] advising me my card was temporarily disabled by your security-dept! Directing me to this website. It had my correct mobile number.

I do not have a wells Fargo credit card. What should I do?
delete
- Posted: Aug 16, 2017 at 3:32 PM by info
  Just delete the text.
  delete
Posted: Jul 15, 2017 at 11:21 PM by an anonymous user from or near: San Diego, California, United States
We just received one from hxxp://www.wellsfargoprotect.com. After doing a google search there is no such official Wells Fargo site. Spam beware.
delete
Posted: Jun 1, 2017 at 1:54 PM by info
Send via email:-

Received the following two phishing text yesterday:

"Important message sent to (803) 917-12** by Wells-Fargo. Code: VISA DEBIT Card locked. Call support at: 203-456-9432. Thank You!"

Thanks,
Joe
Wells-Fargo Business Customer
delete
- Posted: Aug 9, 2017 at 6:18 PM by an anonymous user from or near: Madison Heights, Virginia, United States
  I just got one that asked me to call a number saying my card was blocked. Strange phone number when I call, I'm immediately asked to enter my card number. I hung up.
  delete
- Posted: Jun 26, 2017 at 2:39 PM by an anonymous user from or near: Millbrook, Alabama, United States
  Received a similar text but to call support at 201-371-1875. Looks like texts and voicemails are replacing email phishing attempts.
  delete

Show More of the 35 Comments

Show all

Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.