Posted
on Wednesday, November 12, 2025
in
Financial Education
Iowa Banks Warn Business Customers About Account Takeover Scams
Iowa banks continue to see sophisticated fraud impacting business customers. Currently, business customers are receiving communications that appear to be coming from the bank directly – the attack includes a phone call impersonation, followed by a text message, which looks legitimate, and includes a malicious link that takes the recipient to a spoofed login page that mirrors the bank’s website and is used to capture customers’ online banking login credentials. The fraudster then uses that information to log in to the legitimate bank website and asks the customer to share the multi-factor authentication (MFA) code, giving them full access to the customer’s online banking profile, including any money movement capabilities. Banks encourage customers to follow these tips when receiving communications from their bank:
- Never give out your account information or online banking login credentials, and do not share your MFA code with anyone. Your banker will never ask for an MFA code over the phone.
- Don’t be fooled by a spoofed website that resembles that of your bank.
- Do not click on links in communications you receive. Visit your bank’s website by typing in the URL.
- If you receive a call from your bank asking to confirm a transaction, hang up and call your bank directly.
Learn More
To learn more information about the scams happening today, take a look at our Information Center.
These tips are provided by the Iowa Bankers Association
- budget
- cds
- credit
- debts
- expenses
- finances
- optimizing
- organizing
- retirement
- reviewing
- savings