Imagine waking up to a text message claiming that someone tried to spend hundreds of dollars from your Bank of America account in Phoenix, Arizona. The message looks urgent and official, and it gives you a phone number to call right away. Out of fear of losing money, many people dial the number without thinking twice. What happens next can be devastating.
This is the reality of the BofA Alert Attempted Transaction scam text, one of the most widespread phishing and tech support scams currently targeting consumers. If you have received a message like this, you are not alone. Scammers have been flooding phones across the country with fake “Bank of America” alerts that trick victims into giving away personal information, installing remote access tools, or even handing over thousands of dollars.
In this article, we will break down everything you need to know about this scam: what it looks like, how it works, how to protect yourself, and what steps to take if you have already fallen victim. This comprehensive guide is designed to help you stay informed and safe.
Scam Overview: Understanding the Fake “Your BofA Alert” Texts
The BofA Alert Attempted Transaction scam is a type of phishing and tech support scam that preys on fear and urgency. Scammers impersonate Bank of America (BofA) by sending fraudulent text messages that claim there has been a suspicious or unauthorized charge on your account.
One of the most common versions of this scam reads as follows:
“Your BofA alert: Attempted transaction of $375.28 in Phoenix, AZ. If this wasn’t you, please call 877-424-2680.”
While the message appears legitimate, it has nothing to do with Bank of America. Instead, it is carefully crafted to push you into taking immediate action by calling the phone number listed. Once you do, you are directed not to a Bank of America fraud center, but to a scam call center operated by criminals.
The Fake Details
The scam often includes very specific details to make it more convincing:
Amount: The fraudulent transaction is usually listed as $375.28.
Location: The purchase is described as being attempted in Phoenix, Arizona.
Phone Numbers: Victims are urged to call numbers such as (877) 424-2680 or (844) 587-5633.
Sender IDs: Some texts appear to come from a short code like 82932, while others come from spoofed phone numbers such as (818) 479-8887.
These details are not random. They are intentionally designed to:
Create urgency – The exact amount and location make it feel like a real charge is pending.
Appear official – Short codes like 82932 are often used by real banks, so they increase credibility.
Trap victims quickly – By including a phone number, the scam prevents you from verifying the message through your actual Bank of America account.
Why It Works
Scams like this work because they exploit psychological triggers:
Fear: Nobody wants their bank account hacked.
Urgency: The text makes you feel like you must act immediately to stop the charge.
Authority: Posing as a major bank gives the scam legitimacy.
Confusion: Victims are caught off guard and act before thinking.
The Bigger Picture
The BofA Alert scam is not just a one-off text message. It is part of a larger pattern of phishing and social engineering attacks targeting customers of many major banks. By using SMS (text messaging), scammers can bypass traditional spam filters and reach victims directly on their personal phones.
In some cases, the scam escalates into a full-blown tech support scam. Once you call the number, the fraudsters may instruct you to install remote access tools like AnyDesk or TeamViewer on your device. They may also ask you to transfer money to a so-called “secure account” or buy gift cards to “verify your identity.” In reality, these actions give scammers full control over your financial life.
Real Victim Reports
Across the U.S., people have reported receiving identical scam texts. The Federal Trade Commission (FTC) and Better Business Bureau (BBB) have issued warnings about similar schemes. Victims describe scenarios where:
They called the number and were told their computer was hacked.
The scammer convinced them to download remote software.
They were instructed to log into their online banking account.
Money was stolen, or gift card codes were demanded.
These reports confirm that the “BofA Alert Attempted Transaction” scam is not just a harmless text but a dangerous scheme designed to steal identities and drain bank accounts.
How the Scam Works
To truly understand the BofA Alert Attempted Transaction scam, let’s break down how it works from start to finish. This will help you see the red flags and avoid falling into the trap.
Step 1: The Fake Alert is Sent
The scam begins with a text message sent to your phone. It claims there has been an attempted transaction from your Bank of America account, often in Phoenix, AZ, for $375.28.
The message includes a phone number for you to call if the transaction was not yours. This number does not belong to Bank of America. Instead, it connects you to the scammers.
Step 2: The Victim Calls the Number
Most people, concerned about fraud, immediately call the number provided. When they do, they are connected to a call center that pretends to be Bank of America customer service.
The scammers use scripted dialogues to sound professional. They may ask for your name, phone number, or even your debit card number to “verify your identity.”
Step 3: Scammers Introduce a Bigger Problem
After “verifying” you, the scammers claim that your account has been compromised, or that your device has been infected with malware. They may say:
“Your account is under attack by hackers.”
“Your funds are at risk of being stolen.”
“We need to secure your device immediately.”
This is the point where the scam shifts from a fake banking alert to a tech support scam.
Step 4: Remote Access Tools
The scammers then instruct you to install remote access software such as:
AnyDesk
TeamViewer
LogMeIn
Zoho Assist
They guide you step by step through the installation process. Once installed, the software gives them full access to your device.
Step 5: The “Refund” or “Secure Account” Trick
Once inside your device, scammers use various tactics to steal money:
Refund Scam: They claim they are issuing you a refund for the fraudulent charge, but “accidentally” send too much money. They then pressure you to return the difference via gift cards or wire transfer.
Secure Funds Scam: They instruct you to transfer your money into a “safe account” that actually belongs to them.
Gift Card Scam: They ask you to buy gift cards and provide the codes as part of the “verification process.”
Step 6: Data Theft
While you are distracted, scammers may also:
Access your bank accounts.
Copy personal files.
Steal saved passwords.
Install malware for future access.
Step 7: Victim Realizes Too Late
By the time the victim realizes what happened, money may already be gone. In some cases, victims have lost thousands of dollars in a single call.
This entire process can happen in less than an hour. That is why awareness is the best defense.
(Word count for this section: ~810)
What to Do if You Have Fallen Victim to the BofA Alert Scam
If you have already responded to one of these scam texts or calls, do not panic. You are not alone, and there are steps you can take to limit the damage. Follow this checklist immediately:
1. Disconnect Remote Access
If you installed software like AnyDesk or TeamViewer at the scammer’s request, disconnect your device from the internet immediately. Uninstall the software, and if possible, perform a full system restore.
2. Contact Your Bank
Call the official Bank of America customer service number, not the number in the text. Report the scam and ask them to secure your account. You may need to:
Cancel your debit/credit cards.
Change your online banking password.
Review recent transactions for unauthorized charges.
3. Change Passwords
Update passwords for your:
Bank accounts
Email accounts
Social media
Any accounts that use the same password
4. Run Security Scans
Use trusted antivirus software to scan your device for malware. Remove any threats found.
FCC (Federal Communications Commission): file a complaint at fcc.gov/complaints.
Your local police department, if significant money was stolen.
6. Freeze Your Credit
If you gave out sensitive information like your Social Security Number, freeze your credit with the three major bureaus:
Equifax
Experian
TransUnion
7. Monitor Accounts
Check your bank accounts and credit reports regularly for suspicious activity. Consider signing up for credit monitoring services.
8. Warn Others
Let friends and family know about the scam so they do not fall victim.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
Frequently Asked Questions About the BofA Alert Attempted Transaction Scam
What is the BofA Alert Attempted Transaction Scam Text?
The BofA Alert Attempted Transaction scam text is a fraudulent SMS message designed to trick Bank of America customers into believing there was an unauthorized purchase on their account. The message typically claims there was an attempted transaction of $375.28 in Phoenix, AZ and provides a phone number to call, such as (877) 424-2680 or (844) 587-5633. These numbers do not belong to Bank of America. Instead, they connect victims to scam call centers where fraudsters attempt to steal personal information, banking details, or money.
How can I tell if a Bank of America alert text is fake?
To recognize a fake BofA alert text, look for these red flags:
Suspicious phone numbers: Scammers use numbers like (877) 424-2680 or (818) 479-8887 instead of official Bank of America lines.
Unusual sender IDs: Some texts appear to come from short codes like 82932, which are easy to spoof.
Urgent language: The text pressures you to act immediately to stop a fraudulent charge.
Unverified links or instructions: The text may ask you to call, click, or download something.
Generic tone: Real banks usually personalize messages with your name or partial account number, while scam texts often don’t.
If you are unsure, log in directly to your Bank of America online account or call the official customer service number on the back of your debit/credit card.
What happens if I call the number in the scam text?
If you call the phone number listed in the scam text, you will not reach Bank of America. Instead, you will be connected to a fraudulent tech support call center. The scammers may:
Pretend to be Bank of America fraud specialists.
Claim your account has been hacked or compromised.
Ask you to install remote access software like AnyDesk or TeamViewer.
Pressure you to transfer money to a so-called “secure account.”
Demand payment in gift cards or cryptocurrency.
By cooperating, victims may unknowingly give scammers full access to their banking accounts, personal files, and financial details.
Is the number 877-424-2680 a scam?
Yes. The number (877) 424-2680 is widely reported as part of the BofA Alert Attempted Transaction scam. It does not belong to Bank of America. Calling this number connects you to criminals posing as customer service agents.
Is the number 844-587-5633 a scam?
Yes. The phone number (844) 587-5633 has also been identified as part of this fraudulent scheme. Scammers use multiple phone numbers, so even if one is shut down, they can switch to another. Always verify numbers through the official Bank of America website.
Why do scammers use Phoenix, AZ and $375.28 in the text?
Scammers often include specific details like “Phoenix, AZ” and “$375.28” to make the alert seem real. These details are carefully chosen because:
A specific location adds credibility.
A precise dollar amount makes the message appear legitimate.
The transaction amount is high enough to trigger alarm but low enough to feel believable.
This is a psychological tactic to increase the chances of you reacting quickly without verifying the message.
What should I do if I clicked the link or called the scam number?
If you interacted with the scam in any way, take these immediate steps:
Disconnect remote access software (AnyDesk, TeamViewer, etc.) if installed.
Call Bank of America directly using the number on your debit/credit card.
Change your online banking password and any other accounts using the same credentials.
Check your account transactions for unauthorized activity.
Run a security scan on your device to remove malware.
Report the scam to Bank of America, the FTC (reportfraud.ftc.gov), and the FCC (fcc.gov/complaints).
Can scammers really steal money with just a phone call?
Yes. Scammers use social engineering to convince victims to reveal sensitive information or transfer funds themselves. Even if you never share your password directly, scammers may trick you into:
Entering login credentials on a fake website.
Transferring money to a “safe account” that actually belongs to them.
Giving them access to your computer or phone through remote tools.
Once inside your account, they can quickly drain your balance, make wire transfers, or commit identity theft.
Does Bank of America send real fraud alert texts?
Yes, Bank of America does send fraud alert texts, but there are key differences:
Legitimate alerts come from official short codes verified by Bank of America.
They will not ask you to call back on unfamiliar numbers.
They will not ask you to install software, share gift card codes, or transfer funds.
You can always verify real alerts by logging into your official Bank of America mobile app or calling the number on your card.
How can I protect myself from text message scams like this?
Here are the best ways to stay safe from the BofA text message scam and other phishing attempts:
Never call the number in the text.
Verify alerts by logging into your bank account directly.
Block and report scam numbers.
Install mobile security apps that detect SMS phishing.
Educate family members, especially seniors, who are often targeted.
Enable two-factor authentication on your bank accounts for extra security.
What should I do if I gave scammers my personal information?
If you shared sensitive information with scammers, act quickly:
Bank account details: Call Bank of America immediately and secure your account.
Password: Change it immediately on all accounts that use it.
Social Security Number: Consider a credit freeze with Equifax, Experian, and TransUnion.
Credit card details: Cancel your card and request a replacement.
The faster you act, the more damage you can prevent.
Can I get my money back after being scammed?
Recovery depends on how the money was stolen:
Unauthorized charges: Bank of America may be able to reverse fraudulent transactions if reported quickly.
Wire transfers: These are harder to reverse, but your bank can sometimes intervene.
Gift cards or cryptocurrency: Unfortunately, these payments are almost impossible to recover.
Always report the incident to Bank of America immediately.
Where can I report the BofA scam text?
If you receive a suspicious text claiming to be from Bank of America:
Forward the message to 7726 (SPAM), a free spam-reporting service.
Report to the FCC if you receive repeated scam calls.
Notify your state’s consumer protection office for local support.
The Bottom Line
The BofA Alert Attempted Transaction scam text is a dangerous scheme designed to trick you into giving away sensitive information and money. By pretending to be Bank of America, scammers exploit trust, fear, and urgency to lure victims into calling fake support centers.
Remember:
Bank of America will never ask you to call back on numbers that are not listed on their official website.
They will never ask you to install remote access software.
They will never ask you to pay using gift cards.
If you receive one of these texts, do not respond. Delete it, report it, and spread awareness. The best way to fight back is by staying informed and helping others recognize the signs.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
