A 65-year-old California caretaker lost $162,000 after a caller who identified herself as “Miss Barbara,” a supposed bank representative, convinced the victim to hand over security codes that unlocked her accounts. The case fits a pattern federal agencies have been warning about with increasing urgency: criminals posing as bank employees to intercept one-time passcodes and drain funds in real time.
Why caretakers face outsized risk from bank impersonation calls
People who manage finances on behalf of others, whether as professional caretakers, family guardians, or fiduciaries, tend to hold larger combined balances and field more frequent account-verification contacts than a typical retail customer. That routine creates a dangerous familiarity with security prompts. When a caller like “Miss Barbara” asks for a one-time passcode, it can sound like just another step in a process the account holder already performs regularly. The FBI has documented this mechanism: criminals impersonate financial-institution support staff, walk victims through what feels like a standard verification, and capture the multi-factor authentication codes that grant full account access.
A single successful call can wipe out years of savings. For a caretaker earning modest wages while managing someone else’s medical or living expenses, $162,000 may represent an irreplaceable sum, not a temporary setback. The speed of the theft compounds the damage. Once a one-time passcode is entered on the attacker’s device, transfers can begin within seconds, often routed through intermediary accounts that make recovery difficult.
Caretakers and family managers are also more likely to be juggling multiple logins, third-party billing portals, and insurance platforms. That complexity makes it harder to keep track of which security prompts are legitimate and which are injected by a scammer. Attackers exploit that confusion by creating a sense of urgency: they may claim a large withdrawal is pending, that the account will be frozen, or that the caretaker could be held responsible for fraud if they do not cooperate immediately.
Federal agencies confirm the playbook behind the “Miss Barbara” scheme
Three separate federal bodies have outlined tactics that match this case. The Consumer Financial Protection Bureau stresses that legitimate institutions do not ask customers to provide full account details or security codes in response to unsolicited outreach. While that guidance focuses on email and text, the same principle applies to surprise phone calls: if you did not initiate the contact, you should not share sensitive information.
The FDIC, in guidance published in June 2025, highlights bank impersonation as a growing text-based scam category, drawing on complaint trends reported to the FTC. In many cases, a text warning about supposed suspicious activity is followed by a phone call from someone claiming to be a fraud specialist. The FDIC advises consumers to hang up and call their bank using a number printed on their card, monthly statement, or the institution’s official website, rather than any number provided by the caller or in a message.
The FBI’s alert on account-takeover fraud describes a nearly identical chain of events: a scammer reaches out, claims to represent the bank’s fraud or security team, and tells the victim they must quickly verify a transaction or prevent account closure. While the victim is on the line, the attacker initiates a login or transfer that triggers a genuine one-time passcode from the bank. The victim, believing they are confirming their identity, reads that code aloud, unknowingly giving the attacker the final credential needed to bypass two-factor authentication and seize control of the account.
Investigators urge victims to preserve as much information as possible. Phone numbers used by the caller, the exact name of the financial institution they claimed to represent, screenshots of texts, and records of unauthorized transfers can all help trace broader networks behind individual scams. Even when stolen funds cannot be fully recovered, timely reporting can prevent additional victims from being targeted with the same spoofed numbers or scripts.
What to do if you shared a code or account details
Anyone who has already given a one-time passcode, online banking password, or other sensitive detail to an unsolicited caller should act immediately. The first step is to contact the bank or credit union using a trusted phone number-such as the one on the back of a debit card-and explain that your credentials may have been compromised. Ask the institution to review recent activity, freeze or close affected accounts, and issue new cards or login credentials as needed.
Next, change passwords and enable multi-factor authentication on email and financial accounts, making sure that recovery options like phone numbers and backup email addresses have not been altered. If any unauthorized charges or withdrawals appear, file a dispute with the institution as soon as possible; many banks have strict timelines for contesting fraudulent transactions.
Victims should also consider placing a fraud alert or credit freeze with the major credit bureaus if personal identifying information was exposed. While the “Miss Barbara” scheme focused on draining existing balances, similar social-engineering tactics are often used to open new accounts or lines of credit in a victim’s name.
Finally, report the scam to federal and state authorities, including the FBI’s Internet Crime Complaint Center and consumer protection agencies. Detailed complaints help regulators and law enforcement refine warnings, pressure financial institutions to improve verification practices, and identify repeat offenders. For caretakers and others managing vulnerable people’s finances, sharing these experiences can also serve as a critical warning to peers who may be fielding the same kinds of calls.