![Logo](https://www.lcfcu.org/wp-content/themes/ncr-child-theme/images/img-logo.png"){kind=logo}
![Logo](https://www.lcfcu.org/wp-content/themes/ncr-child-theme/images/img-logo-icon.png"){kind=icon}
SCAM: Push Bombing
Stories from the Stacks Blog
May 01, 2026
Push Bombing: A Growing Scam Members Should Know About
Most of us are used to quick security checks when logging into our accounts. A message pops up on your phone asking if you want to approve the login.
It’s quick, convenient, and designed to protect you.
But like many security tools, scammers are always looking for ways to misuse it. One tactic that has been appearing more often is called push bombing.
What Is Push Bombing?
Push bombing happens when a fraudster repeatedly sends login approval notifications to your phone hoping you will eventually tap “approve.”
It often starts when a scammer gains access to your username and password through phishing emails, data leaks, or other scams. When they attempt to log in, your security system sends a notification asking you to confirm the login.
Instead of stopping after one attempt, the fraudster keeps trying. You may suddenly receive multiple login approval notifications within a short period of time.
Eventually, they hope you’ll approve one just to stop the notifications.
Sometimes scammers even follow up with a phone call or text pretending to be from a bank or IT department, asking you to approve the request to “fix” a problem. In reality, they are trying to gain access to your account.
Why This Scam Works
Push bombing works because it plays on confusion and frustration. When your phone keeps buzzing with the same alert, it’s easy to assume there’s a glitch or that approving the request will make the notifications stop.
That moment of annoyance is exactly what scammers are counting on.
What to Watch For
Push bombing attempts often include these warning signs:
- Multiple login approval notifications in a short period of time
- Alerts appearing when you are not trying to log in
- Phone calls or messages asking you to approve a login request
- Urgent language pressuring you to act quickly
A simple rule helps: if you didn’t start the login, DON’T APPROVE the notification.
What You Should Do
If you receive a login notification you didn’t request:
- Do not approve it
- Ignore or deny the request
- Change your password if you think your credentials may have been exposed
- Contact your financial institution if the alerts continue
Taking a moment to pause before tapping “approve” can prevent a scammer from gaining access to your account.
We’re Here to Help
Helping members stay informed about evolving scams is one of the ways we work to protect our community. If a login alert or notification doesn’t feel right, reach out to us directly.
It’s always better to pause and check than to guess.
Staying aware of scams like push bombing helps ensure that the tools designed to protect you continue to work exactly as they should.
