Starling Bank Scam Texts UK

Spot fake Starling Bank fraud-alert texts — and the in-app chat rule that defeats them

Last reviewed: 12 May 2026 · ScamSupport research

The Starling Bank impersonation pattern — and the rule that defeats it

Starling Bank is a fully licensed UK digital bank (authorised by the PRA since 12 July 2016) with several million UK personal and business customers. Like Monzo and Revolut, Starling’s primary support channel is the in-app chat — though Starling does maintain a fraud phone line for emergency situations on the back of the card. The critical rule for scam-text defence: Starling will never proactively phone you, never ask you to phone an unfamiliar number, and never send you to a third-party verification domain.

Three Starling scam-text variants currently in circulation

From: Starling (spoofed sender ID; lands in the same SMS thread as real Starling alerts)

Body: “Starling: A payment of £642.50 to AMAZON UK was attempted on your card. If this was not you, call 020 XXXX XXXX to dispute.”

Red flags:

  • Real Starling fraud alerts don’t embed a phone number. They direct you to open the Starling app to either approve, reject or freeze the card in-app. The fraud line printed on the back of the card is the only number you should ever call about Starling fraud.
  • When you call the number from the text, a “fraud agent” walks you through transferring your balance to a “safe account”. That account is criminal-controlled.
  • Spoofed sender ID: SMS sender IDs aren’t authenticated; a scam can land in the same thread as a real Starling notification.

From: Starling (spoofed)

Body: “Starling: Your account access has been restricted following suspicious activity. Re-verify at: starling-secure-uk[dot]com”

Red flags:

  • Starling never sends customers to third-party verification domains. Real notifications direct you to the Starling app or starlingbank.com. Anything-Starling-anything is a clone.
  • The phishing page asks for your Starling username, password, debit card details, security code, and a one-time verification code. The OTP is what the criminal needs to access your account from their device in real time.
  • Some clones also ask you to take a photo of your driver’s licence or passport — identity-theft material that can be re-used for credit-card and loan fraud months later.

Phone call claiming to be from Starling fraud, often shortly after an SMS

The caller knows your full name, sort code, and recent retailer transactions. They tell you a fraudulent transfer is in progress and you need to move your balance to a “protected Starling internal account”. They may ask you to read out an OTP or enable screen-sharing.

Red flags:

  • Starling will never proactively phone you. If you have a fraud query, you call the number on the back of your card — the bank never calls first.
  • Caller-ID spoofing. The displayed number can be set to 0207 930 4450 (Starling’s real fraud line) or anything else the criminal chooses.
  • Banks never ask customers to move money for their own safety. Hang up immediately if you hear the “safe account” phrase.
  • Screen-sharing requests let the criminal watch your screen as you enter credentials. Never enable.

How to verify a Starling text is real

  1. Never call a number from the text. Real Starling fraud alerts direct you to the Starling app or to the number on the back of your card.
  2. Open the Starling app to verify. Every genuine Starling alert is also visible in the app’s message centre and activity feed. If the SMS isn’t reflected in the app, it’s a scam.
  3. Never read OTPs or your security passcode to anyone on a phone call. Starling has other ways to verify your identity.

If you’ve already transferred money or shared an OTP

  1. Open the Starling app immediately — tap Help → Chat. The fraud team is 24/7 and responds within minutes for active fraud. They can freeze the card, freeze pending transfers, and initiate the PSR reimbursement claim.
  2. Or call Starling fraud on 0800 048 4448 using the number on the back of your card. Use the phrase: “This was an authorised push payment scam. Please log it under the PSR reimbursement scheme.”
  3. The PSR Mandatory Reimbursement Scheme requires Starling to reimburse APP fraud victims up to £85,000 for transfers made after 7 October 2024 unless the bank can prove gross negligence. Submit in writing within 13 months.
  4. Report to Report Fraud at reportfraud.police.uk — crime reference needed for Financial Ombudsman escalation.
  5. Read our UK Recovery Guide for the full first-60-minutes playbook.

Related scam guides

Use the Scam Message Scanner →