FaceTime bank impersonation scams: warning signs and response steps
Federal agencies have issued repeated warnings about bank impersonation fraud, and a newer variation is drawing attention: fraudsters posing as bank fraud departments are placing unsolicited FaceTime calls, using the video format to appear credible, and walking victims through the steps needed to surrender account access. The scam mechanics are not new. The delivery channel is.
Americans lost more than $2.7 billion to impersonation scams in the most recent reporting year, with bank and government impersonation driving the largest share. Both the FTC and FBI explicitly identify one-time passcode requests as a universal indicator of impersonation fraud, per FTC consumer guidance and FBI IC3 public advisories. No legitimate bank, government agency, or tech company will ask a customer to read back a code sent to their phone.
If something has already happened to you, skip to the response section. Reporting speed has direct consequences for what legal protections apply.
What happens on the call
Video of the Day

The sequence is designed so that each step makes the next one feel routine.
An unsolicited FaceTime request arrives from a caller ID formatted like a corporate email address: [email protected], or something close. The caller knows your name and opens with something specific: a flagged charge, a dollar amount, a case number. Specificity is doing the work here. A vague warning is easy to dismiss; a detailed one triggers attention before skepticism has time to catch up.
The caller may hold a badge or printed logo toward the camera, or instruct you to verify the call by dialing a number they provide. That number reaches them. Apple IDs can be registered to any email address without verification that the name represents a real institution, per Apple's account setup documentation, so a scammer can appear on your screen as a bank's fraud department with no technical barrier.
Then a text arrives from what looks like your bank's legitimate short code. The caller says the code will pause the suspicious activity. What they don't say is that they triggered it themselves by initiating a login or account-recovery attempt using credentials from a prior breach or phishing event. The OTP is the last lock on the door. Reading it aloud removes it.
Once that code is entered on their end, things move fast. A wire transfer, push payment, or password reset can complete before the call ends. OTP theft through social engineering has become a primary mechanism in account takeover fraud, per the FBI's IC3 2024 Internet Crime Report. Any unsolicited caller on any platform who asks for an OTP, a PIN, screen access, or instructs you to open your banking app while they watch is attempting fraud, as the FTC documents.
Video of the Day
Why video changes the math

This is not a platform vulnerability. FaceTime is not broken. Scammers are exploiting where video calls sit in people's hierarchy of trusted communication.
A voice call from an unfamiliar number is easy to cut off. A video call from someone who looks calm, prepared, and professionally dressed is harder to end before they have made their ask. Eye contact, an unhurried tone, a document held briefly toward the camera: none of it can be verified, but it slows down skepticism long enough for the ask to land.
The gap between how trusted video feels and how little identity it actually confirms is a platform design reality, not an accident. Traditional phone networks operate under FCC-mandated caller authentication requirements, but those rules do not extend to app-based video platforms. FaceTime calls sit entirely outside that framework.
Adults over 60 report higher per-incident losses in impersonation fraud than younger age groups, a pattern the FTC links partly to higher trust extended to authority figures, per FTC consumer guidance. A video call is better positioned than a voice call to project that authority convincingly.
How to recognize it, stop it, and respond if you've already engaged
Warning signs

- An unsolicited FaceTime call from a caller ID displayed as an email address referencing a bank, government agency, or tech company
- A caller who opens with a specific, urgent problem and frames the next few minutes as your window to prevent damage
- Visual props on camera: a badge, a logo, a case number, shown briefly and never offered for inspection
- An instruction to verify the call using a number the caller provides
- Any request to read back a code just received by text, open your banking app while the caller watches, or share your screen
Three different asks, three different risks
- OTP request: The scammer is attempting to log in or authorize a transaction in real time. End the call immediately.
- Password or full account number: The scammer may be building access for a later attempt. End the call and change credentials now.
- Screen sharing or "open your app while I watch": The scammer can observe your balance, account numbers, and navigation, and may walk you through a transfer framed as a security step.
If you caught it in time
End the call. Contact your bank using the number printed on your card, not any number mentioned during the call.
Report the incident to the FTC at ReportFraud.ftc.gov and to Apple through their phishing and fraud reporting page.
If you already gave them something
Call your bank's fraud line immediately. Tell them you were deceived into providing a one-time passcode or banking access on an unsolicited video call. If money moved, use the phrase "unauthorized transfer."
Expect some friction. Because you completed the authentication step by reading the OTP aloud, the bank's system may initially classify the transaction as authorized. Report it as fraud regardless and let the fraud team assess it, per FTC consumer guidance. Recourse may still exist even when the authentication technically succeeded on the bank's end.
Reporting speed has legal weight. Under Regulation E, consumers who report unauthorized electronic transfers within two business days may limit their liability to $50. That figure can rise to $500 between two and 60 days, with protections potentially diminishing beyond that window, per CFPB's Regulation E guidance. Outcomes vary by account type and case specifics.
Change your banking password and any accounts sharing the same credentials. Revoke active sessions and linked devices through your bank's app or website. Save the Apple ID displayed during the call, the time, and anything the caller said. That documentation supports both your bank's fraud investigation and your FTC report.
The policy gap keeping this scam alive

Traditional telephony now carries federally mandated caller authentication requirements. App-based video platforms do not. That asymmetry is unlikely to close at the platform level anytime soon, which means the trust gap scammers exploit through FaceTime remains open for the foreseeable future.
Bank fraud detection has improved at flagging OTP capture patterns, but those systems act after a code is entered on the attacker's end, not before a victim reads it aloud. The detection happens after the damage. For now, recognizing the ask before complying is the most reliable defense available.
Consumers who want early warning on emerging fraud patterns can subscribe to FTC fraud alerts at consumer.ftc.gov. The FTC also accepts fraud reports at ReportFraud.ftc.gov, and those reports feed the agency's enforcement data, which shapes where federal attention goes next.