PNC Bank Issues Phishing Scam Alert

PNC Bank is warning its customers of an uptick in phishing, vishing and smishing scams targeting them under the guise of “unauthorized activity” communications. 

An old cybersecurity scam has been given a fresh coat of paint— now with threat actors targeting PNC Bank customers under the facade of helping with fraudulent activity on their bank accounts.

The communications are being deployed by phishing (email), smishing (text) and vishing (phone)—all methods in which scammers contact people to steal personal information—in this case, online banking credentials and social security numbers.

“Some cybercriminals have shifted their approach and are targeting consumers directly through known and trusted channels of communication. One such scam involves fraudulent outreach via text, e-mail or phone calls,” said a PNC spokesman. “These communications appear to be initiated by PNC, but instead are being sent by a fraudster in hopes of obtaining customers’ personal or account-related information.”

As with other scams, the strategy isn’t groundbreaking, but results are effective enough that scammers continue to deploy these types of campaigns on consumers and financial institutions.

How To Identify Cyber Scams and Protect Your Data

In terms of cybersecurity, the adage of “the best offense is a good defense” rings especially true. Below are a few tips from the Schneider Downs cybersecurity team to help you identify these types of scams and protect your personal information.

  • Avoid Malicious Websites - If you are directed to a website, verify that the website is legitimate by reviewing the URL and typing in the address itself versus clicking on link(s) provided to you.
  • Be Wary of Urgent Narratives - One of the top warning signs you are receiving fraudulent communication is an urgent tone to the message. In most cases the communication says something is very important with dire consequences (i.e., your account will close, or you will owe $$$) with the only remedy to provide private information immediately or by clicking on a link to resolve the concern. Report and ignore these communications.
  • Do Not Answer - The easiest way to avoid identity fraud is to simply not answer or respond. If you receive unsolicited communications, chances are it is a scam. You can always call the verified customer service number on the back of your card or visit the local branch to validate information.
  • Do Not Click on Links - If you receive an unsolicited email or text, do not click on the any of the links. These links may install malware or lead you to a website that’s been set up to steal your information.
  • Do Not Provide Personal Information - While some organizations allow you to provide your social security and account numbers for access, if the communication is unsolicited, avoid providing this type of private information. In its recent alert, PNC Bank makes it very clear that they will never ask for mobile/online banking passwords.
  • Only Use Verified Contact Information - Scammers are smart, to the extent they have fraudulent “customer service” agents waiting for you to call imposter numbers or email bogus accounts. Always verify you are contacting the correct number by looking at the back of your card or statements.
  • Review Your Financial Statements -  Look at your statements for any unauthorized or suspicious activity and speak to the appropriate contacts if you find fraud.

What If You Took the Bait?

If you are a PNC customer who believes they have been targeted or provided information to a scammer, PNC recommends immediately changing your online credentials, e.g., your password, and contacting the bank directly at 1-888-762-2265 (888-PNC-BANK).

You can also forward suspicious emails and/or screenshots of fraudulent text messages to [email protected]. To read more about banking scams, go to

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

To learn more, visit our dedicated Cybersecurity page or contact the team at [email protected]

Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
How LinkedIn and a Phone Call Led to the Massive MGM Ransomware Attack
Top 5 Identity Fraud Schemes of 2023
Identity Theft vs. Identity Fraud – What’s the Difference?
Ransomware Attack Shuts Down Emergency Rooms Across Four States
MOVEit Data Breach: The Impact on Higher Education
SEC Adopts New Cybersecurity Rule for Public Companies
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.