Skip to main content

What do I do if I’ve received a One-Time Passcode (OTP) from Plaid that I did not request?

Received a One-Time Passcode (OTP) you didn't request? Stay calm. This guide walks you through quick steps to protect your accounts. 

What is happening?

You received a numeric OTP email from noreply@plaid.com or a text, but you didn’t try to connect an app right now. This can mean someone tried to use your banking info without permission, or that a consumer mistyped their phone number when connecting their accounts.

About OTPs

OTPs are used during some connection attempts as an extra security step. Even if someone has your login details, they usually can’t connect an app without that code.The OTP helps block that attempt because only you should have access to your email inbox or text messages.

 

Do not share the code

Plaid Support will never ask you to read your OTP over phone, text, or email. If anyone asks for it, do not share it.

 

What do I do next?

1. Check your accounts

Look for unusual activity (new logins, transfers, or transactions) in your bank/credit union and the financial app named in the email. If you see anything suspicious, contact them directly.

2. Secure your email

Review recent security alerts and your list of trusted devices. Remove any devices you don’t recognize.

3. Change your passwords

  • The bank or financial institution in the email, or your general institutions
  • Any financial apps mentioned, or that you use
  • Your email account
  • Any other account using the same password

 

Tip:

Use strong, unique passwords and a password manager. See our Privacy and Security guides for more tips.

 

When to contact Plaid

For text messages

Likely this is due to a mistyped phone number from another consumer. If you receive multiple messages or suspect fraud, you can do the following to contact Plaid Support:

  1. Go to the Plaid Help Center and open the Plaid Support Assistant chat.
  2. Choose the “Unexpected message from Plaid” option and then select “A text message (SMS)”.
  3. Select “I received a text from Plaid with a code I didn’t ask for” and confirm you want to contact Support.
  4. Fill in your details (including phone number), then submit your support ticket where you will receive an email confirmation that it has been sent.

For email

Your OTP email may include a unique 15‑character Support ID (letters and numbers). Share this with our team if:

  • The email doesn’t list the financial app, and you need help identifying it.
  • You believe data from your financial institution was shared with Plaid and you want us to delete it.

You can also click the support icon at the bottom‑right of this page and include your Support ID.

 

Watch for scams

  • Don’t click links from people asking for your code
  • Plaid will not ask for payments or card numbers
  • Contact your bank or app using official websites

 

Need more help? Use the support icon and include your Support ID or phone number where you received the text.

This page is for general guidance.

Related articles