Verified By Visa Scam

Customers of Bank of America, Chase, Wells Fargo and other major Visa-issuing banks are frequent targets of this scam. Make sure you understand how it works so that you can avoid becoming a victim!

If you’re not familiar with Verified by Visa, it is a free feature that allows you to add an extra layer of security for online shopping with your credit card.  Here’s how it works:

1. Activate the feature
This can be done either through your bank’s website or on a participating merchant’s website, below is a screenshot of the latter.

2. Use the extra password when shopping
This password adds an additional level of authentication when you use your Visa credit card online at participating merchants.You will be required to enter it in addition to the all the information you normally provide (account number, expiration and security code). The drawback, however, is that a significant number merchants don’t participate in the program. It’s mainly some of the big national retailers that are in the program. It’s really a great service but unfortunately, like anything on the internet, some bad actors have gotten involved and started to ruin things for everyone.

activation steps for Verified by Visa shopping

What’s the scam?

The Verified by Visa scam has been sweeping the net for a few years now and just doesn’t seem to go away. It’s phishing scam that usually goes something like this:

You receive an official-looking bank email
An urgent and very legitimate looking email shows up in your inbox from the bank that issues your Visa credit card stating that you need to enter your login credentials to verify your account. Even if the email address is from a,, etc. that does not mean it’s legit. Scammers can forge the address field to have it say whatever they want. If you hover your cursor over the official looking return address you’ll see a different masked address popup. That will verify that it’s from a fraudulent source.

This is an example of an actual scam email:

“Your Bank of America card has been automatically enrolled in the Verified by Visa programme. To ensure your Visa card’s security, it is important that you protect your Visa card online with a personal password. Please take a moment, and activate for Verified by Visa now.”

You are sent off to the fake website
Upon clicking on the link in the email to activate/setup the service, you are re-directed to a dummy website which is designed to look like it’s authentic Visa or bank website.

Once there, the fake site will ask for your account information and possibly other private data like your Social Security, address, and more in order to setup Verified by Visa. Of course what they’re really doing is just tricking you into entering this information so they can exploit it.

It’s highly unlikely the scammer knows your bank! One of the reasons people fall for this scheme is because the bank or credit card company listed in the fake email might be identical to the one they’re using, which makes it seem even more authentic. However the truth is this is nothing but a numbers game for the scam artists – they send out tens of millions of emails using the names of big banks, because they know at least X% of those recipients will indeed be customers of the given bank. Many large banks like BofA have tens of millions of customers, so there’s a very high probability for these scammers to find their marks without much effort.  This is why the Chase and Bank of America Verified by Visa scams seem to be the most common… they are the two largest banks in the U.S. so the crooks frequently target their names.

How to protect yourself?

Neither Visa nor your bank will ever send you emails like this, so if you receive one with a link asking you to setup the service, it is a scam for sure.

In order to avoid falling victim, you should only access your bank by typing in their official address in the URL bar (i.e. type in Once on the site, make sure there is an “s” after the http – that means the site is using Secure Sockets Layer (SSL) technology (and all banks are required to use that by law).

https example on Bank of America's website

Whether it’s setting up the Verified by Visa service or just general account management, always access the credit card issuer’s website directly through the address bar and NOT through a link in an email (this advice really applies to all of your online accounts, not just your card issuer). You should never respond to an email by clicking an embedded link in order to address some issue that is claimed within the message. Always close the email and verify that the issue exists by going directly to the website in question or by calling the bank or company involved. So, if you do receive a suspicious-looking email purporting to be from your bank go directly to the bank’s secure website – they will have an address you can forward it to (like to in order for their fraud investigators to review.

Written or last updated November 2015

The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.

The VbV program is a marketing SCAM & PUTS YOU AT RISK !


Because it demands you type in your social security number & more private information.

Then they sell your purchase transactions on the open market place, destroying yojr privacy.

Additionally, this puts merchants at risk,
because competition can buy THEIR transactions, see what they are selling & for how much, and then undercut the prices – robbing merchants of their best selling products AND stealing away their high dollar clients too ! A double damage injury.

Finally, hackers can get the VbV info too – & seeing a lot of transactions at a particular website means “well, here is a fat wealthy target !”

VbV puts the busiest and wealthiest websites at increased risk.

Not to mention “How do I check this is a REAL VbV webpage?” problem ?

Bad news and all the more reason to use a protected PayPal account.


Hello Customer:
You have been selected to participate and win a vacation in Europe; you choose the country, and we cover all expenses.
All we need from you is to complete the entry form with your details, to ensure that no mistake has been made in contacting you and you are the right person to apply for the offer.
Kindly click here: and enter your details.
As soon as we receive your application, we shall inform you of your ticket number.
Thank you for your pathronage,
Happy New Year!
Visa Team.


received one today, these people are lame…

Here is another possible scam:

received this email today Nov. 19,2013

once if read the info, i just laughed to myself and put it in my scam email folder that I may or may not send onto my federal fraud department for possible Investigation.

Protect your Visa card for online
Your bank has signed up for your Visa Card for Verified by Visa to protect your card against unauthorized use.

You have to confirm the registration of the card by filling out the form below, press “To Continue, Click Here” and then create your Verified by Visa password.

When you continue acting in an internet business with a Verified by Visa logo, you will be prompted to enter your Verified by Visa password to approve the purchase.

To Continue, Click Here.

Copyright Visa Canada 2013. All rights reserved.

I received this message, do you think it was from Verified by Visa?

“We found out that someone was using your credit card without your permission. for your protection, we have suspended your Credit Card.for raising this suspension: Click Here”

NOTE: if you will not complete the steps before 21th Marsh, we will be forced to suspend your credit card because it can be used for fraud.

I don’t have a credit card to my name, only my debit card. I did not click on the link. I did check my account and saw no unexplained purchases. How do I verify this?

That’s a phishing scam. Do NOT click the link in the email.

Have any of you read the TOC when conducting the creation of the password while purchasing at these “participating retailers?” Please do… You will be SHOCKED.

It clearly states that transaction information belongs to Visa. It can be sold, distributed, etc. So, if you are buying a pair of underwear – don’t be surprised how fast commercial cockroaches will attack you to buy their underwear (from the same gang VISA sold its services to). You have NO CONTROL over your information with this SCAM. It’s simple as that – it’s LEGAL because they say so.

Had to complete a transaction yesterday and was literally forced (there was no option to opt-out) to create a password. Verified by Visa 800-472-3071 confirmed that it was them. Some retailers request (services sold to them by Visa) “secondary verification” and thus – Verified by Visa.

Visa is an intermediary. A utility. But it has become a self-imposed money-making monster… INSANITY

We are changing banks. To the one that offers MasterCard.

I may have gotten scammed earlier today placing an online order through Wal-Mart. How do I find out for sure and what should I do???

New variant?

January 18, 2012

Verified by Visa Inc.
244 Salcedo St,
Hyattsville, MD 20789

Dear valued customer,

Since you are one of our longtime valued customers, we would like to thank you for your patronage by giving you a Verified by Visa/Interswitch customer bonus of $50,000 redeemable within 72 hours.

To redeem your bonus, kindly send us your day time numbers for easy communication and secondly the nearest airport to your location.

We encourage you to use more of our services.


Juan Dela Cruz
Verified by Visa MD.

I think I just got into such a scam yesteray. The site claimed to be Visa-Verified by Visa. I wanted to get my visa card verified. I gave them my card number (nothing else: no name, bank, address, etc).

How dangerous is it? What shall I do now?
Thank you.

What is the site which did this? Click on “Forum” at the top of the page and post your story- myself and others will respond to try and help you out.