How fraudsters could contact you
Learn about their tactics
Whether it’s by email, phone or social media, it helps to know how fraudsters may try to gain access to your information. Here, we explore their tactics.
Look out for phishing emails
Have you received an email from someone you don’t know, or from a company asking you to do something? Stop and think – is it fraudulent?
Email fraud is called ‘phishing’. Here’s how it works:
- You receive what looks like a genuine email from a reputable person or company
- The email will ask you to click a link for further information, or to get a refund
- You’ll be asked to download something – typically, this will be malicious software (malware) masquerading as something else
- The software helps fraudsters to access your details, and your money
What you should do
Don’t click on any links in emails you’re unsure about. Delete the email, and make sure you block the sender’s email address – that way, you won’t receive any more emails from that account.
Make sure your computer is protected with regularly-updated anti-virus and anti-spyware software, and a good firewall.
Be wary of vishing phone calls
If you receive a call from someone (claiming to be from your bank, the police or a reputable company), and they want you to divulge personal information about yourself or your bank account, it could be a ‘vishing’ scam.
The term comes from combining the words ‘voice’ and ‘phishing’. Here’s an example of how you could encounter a vishing scam:
- You receive an unexpected phone call about a refund or a problem with your payment card
- To receive the refund or a replacement card, they ask you to confirm your payment or bank account details
- You share the information, and the fraudsters make payments from your account
What you should do
Put the phone down when they ask for your payment or bank account details. Don’t share this information over the phone.
If you accidentally share your details, call your bank immediately. You should use a different phone to the one they called you on. This is because vishing fraudsters can intercept your outgoing calls, even after you’ve ended the fraudulent call – so they could pretend to be your bank, for example, when you try to report them. The number to call should be listed on the back of your payment card.
If you bank with us, you can always use our telephone number checker to make sure the number is genuine.
How to spot smishing text messages
Received a text message from a number you don’t recognise? Or from a company asking you to do something? It could be a ‘smishing’ scam. The name might sound silly, but it’s a real threat.
‘Smishing’ comes from combining ‘SMS’ (Short Message Service) and ‘phishing’ – and here’s an example:
- You receive a text message that you weren’t expecting
- The text contains a link to a website and asks you to click through, or it asks you to call a number you don’t recognise
- When you click or call, you’re asked to provide personal information, such as your bank account password
What you should do
Don’t click on any links, and check any numbers with your bank. As mentioned before, if you bank with us, use our telephone number checker to make sure the number is genuine.
If the number isn’t genuine, delete the text message from your phone.
Protect yourself on social media
Fraudsters have been known to hack social media accounts and impersonate the account owners. Once in, they make contact with the owner’s friends and family, and convince them to part with their money or bank details by pulling on their heartstrings. Here’s how it could happen to you:
- You’re contacted by someone you know who suddenly and desperately needs money
- They say they’ve recently had an accident and need to pay the hospital fees
- They ask you to transfer money to an account, or to share your bank details to cover the costs
What you should do
Always check that an urgent message hasn’t come from a hacked account. Speak to the real person directly to see if their request is genuine, because it could be a fraudster impersonating them.
Our top tips to help you stay digitally safe
- Never give out your PINsentry codes*, Mobile PINsentry codes, passcodes or Online Banking passwords* and other full passwords to anyone – even a caller claiming to be from the police or your bank.
- Don’t click on any link or open any attachments from an unsolicited email.
- Avoid letting someone you don’t know have access to your computer, especially remotely (not face-to-face).
When it comes to fraud protection, remember to always check, act with care, and never share.
*You can provide your security details to authorised companies that require your security information to provide account information services and payment initiation services. When we say authorised, we mean a company which is authorised by the Financial Conduct Authority or another European regulator to provide the relevant service. In the UK, the Financial Conduct Authority’s register will tell you whether a company is authorised. You should always consider the implications of sharing your security credentials and your personal information.
You may also be interested in
Actions to help keep your accounts safe
Are you making it easy for fraudsters?
Learn how to create strong passwords and help protect your social media accounts with our fraud-prevention tips. They’ll help you to stay digitally safe.
Types of scams
Learn how to avoid them
Familiarise yourself with some of the most common types of fraud – and know what to do if you think someone’s trying to trick you.
Take on the fraudsters
How digitally safe are you?
Would you recognise a fake caller, spot a phishing email or know when a fraudster is trying to take control of your computer? Take our interactive challenge to find out.