Updated Schwab Text Message Scam
Schwab has alerted us to a new and more sophisticated fraud threat. This version begins when the client receives a text message prompting them to "verify a transaction"—clicking the link leads the unwary investor to a fraudulent website that mimics Schwab's login page, where they are prompted to enter their credentials. Once the credentials have been entered, the fraudsters use them to access Schwaballiance.com. The fraudulent website may also prompt the client to enter a two-factor verification code that they would automatically receive from Schwab, which, once submitted, allows the fraudster to complete the login process.
Once they have access, the fraudster will change the security token on the account so that it points to a device in the criminals' hands instead of the client's own device. At this point, the client is effectively locked out of the account, and the fraudster can begin initiating wire transfers that rapidly drain assets from the account.
Dos and Don’ts:
Do not click on links or attachments received via text message.
Instead, manually enter the official Schwab site by typing the URL into your web browser.
Or utilize Schwab's mobile application.
Do not enter Schwab credentials or other information into a page reached by clicking a link. The same applies to phone numbers received via text message. Use a verified number you've used in the past.
Double-check that the URL provided is not a subtle variation of the real one.
Stay calm and verify using official verified channels.
Contact us immediately. We can help verify if the text or email is fraudulent and report it to Schwab. If possible, take a screenshot and send it to us.
We strongly recommend that you ensure two-factor authentication is activated on your Schwab account. We are happy to assist with this if needed!
Stay Informed and Confident
Get retirement insights and investment wisdom delivered straight to your inbox, no financial jargon required.
Updated Schwab Text Message Scam
Schwab has alerted us to a new and more sophisticated fraud threat. This version begins when the client receives a text message prompting them to "verify a transaction"—clicking the link leads the unwary investor to a fraudulent website that mimics Schwab's login page, where they are prompted to enter their credentials. Once the credentials have been entered, the fraudsters use them to access Schwaballiance.com. The fraudulent website may also prompt the client to enter a two-factor verification code that they would automatically receive from Schwab, which, once submitted, allows the fraudster to complete the login process.
Once they have access, the fraudster will change the security token on the account so that it points to a device in the criminals' hands instead of the client's own device. At this point, the client is effectively locked out of the account, and the fraudster can begin initiating wire transfers that rapidly drain assets from the account.
Dos and Don’ts:
Do not click on links or attachments received via text message.
Instead, manually enter the official Schwab site by typing the URL into your web browser.
Or utilize Schwab's mobile application.
Do not enter Schwab credentials or other information into a page reached by clicking a link. The same applies to phone numbers received via text message. Use a verified number you've used in the past.
Double-check that the URL provided is not a subtle variation of the real one.
Stay calm and verify using official verified channels.
Contact us immediately. We can help verify if the text or email is fraudulent and report it to Schwab. If possible, take a screenshot and send it to us.
We strongly recommend that you ensure two-factor authentication is activated on your Schwab account. We are happy to assist with this if needed!
Stay Informed and Confident
Get retirement insights and investment wisdom delivered straight to your inbox, no financial jargon required.
Updated Schwab Text Message Scam
Schwab has alerted us to a new and more sophisticated fraud threat. This version begins when the client receives a text message prompting them to "verify a transaction"—clicking the link leads the unwary investor to a fraudulent website that mimics Schwab's login page, where they are prompted to enter their credentials. Once the credentials have been entered, the fraudsters use them to access Schwaballiance.com. The fraudulent website may also prompt the client to enter a two-factor verification code that they would automatically receive from Schwab, which, once submitted, allows the fraudster to complete the login process.
Once they have access, the fraudster will change the security token on the account so that it points to a device in the criminals' hands instead of the client's own device. At this point, the client is effectively locked out of the account, and the fraudster can begin initiating wire transfers that rapidly drain assets from the account.
Dos and Don’ts:
Do not click on links or attachments received via text message.
Instead, manually enter the official Schwab site by typing the URL into your web browser.
Or utilize Schwab's mobile application.
Do not enter Schwab credentials or other information into a page reached by clicking a link. The same applies to phone numbers received via text message. Use a verified number you've used in the past.
Double-check that the URL provided is not a subtle variation of the real one.
Stay calm and verify using official verified channels.
Contact us immediately. We can help verify if the text or email is fraudulent and report it to Schwab. If possible, take a screenshot and send it to us.
We strongly recommend that you ensure two-factor authentication is activated on your Schwab account. We are happy to assist with this if needed!
Stay Informed and Confident
Get retirement insights and investment wisdom delivered straight to your inbox, no financial jargon required.
