We're dedicated to protecting your account and personal details - learn how to stay safe by recognising and reporting fraud
We're dedicated to protecting your account and personal details - learn how to stay safe by recognising and reporting fraud
Take Five is a campaign from Financial Fraud Action UK and Her Majesty’s Government. It aims to put consumers and businesses back in control to help prevent financial fraud. Watch out for scams like this.
As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.
Think you've been a victim of fraud? Report it to us right away - we're here to help. We'll secure your account and look into the incident.
Phishing is a common type of internet fraud. Phishing emails are designed to appear as though they are from a legitimate source, but intend to steal personal information that can be used to access your account.
Do not respond to any email that asks for any information in relation to your internet banking log in details. If you have received a suspicious email, do not respond and call us if you need any further information.
Our Contact Team is available from 8am-6pm Monday-Friday, and 10am-4pm on weekends for fraud-related enquiries only. Alternatively please email us at firstname.lastname@example.org from the registered email address we hold for you and mark it urgent in the subject line.
Do not respond to any email that asks you for information about your internet banking log in details. If you have received a suspicious email, do not respond and call our Contact Team as soon as you can during our opening hours on 0330 355 0355 to check if it is a genuine email.
Our Contact Team is available 8am-6pm Monday-Friday, and 10am-4pm on weekends for fraud related enquiries only.
Alternatively please email us at email@example.com from the registered email address we hold for you and mark it urgent in the subject line.
Vishing is where a fraudster uses voice messages or phone calls to try to steal identities, and financial information like your PIN, card details and Digipass code.
The term comes from the combination of ‘phishing’ and ‘voice’. Phishing is where fraudsters use email, regular phone calls and fake websites to dupe people into giving them personal details and financial information.
Vishing is specifically the use of a VOIP service (Voice Over Internet Protocol, or an internet phone service), which enables fraudsters to communicate with their potential victims via automated voice messages and the phone keypad.
Vishers can create fake caller ID profiles so that their phone number seems legitimate, and vishing requests sound urgent, to panic the victim into acting without thinking.
Examples of vishing:
What you can do
If you receive an unexpected phone call with an automated response, hang up, search for the company’s genuine contact details online and check whether the call was legitimate. If it was, the company will be able to help you, and if it was a vishing attempt, letting the company know enables them to take action, and you will have protected yourself from fraud.
How to report a vishing scam
If you think you have been a victim of a vishing attack, call us immediately on 0330 355 0355. Then report to the FCA using their reporting form.
If you have lost money to suspected investment fraud, report it to Action Fraud on 0300 123 2040.
As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.What we do
We will never contact you out of the blue to ask you:
If in doubt, call us on the number on our website, or delete the email without opening it.
Money mules are people used to help launder money, often without realising that’s what they’re doing. They help move illegitimate funds (money gained illegally) between accounts so that the money then appears to be legitimate. They may be asked to receive money into their account, then withdraw it and put it into another account, sometimes in another country. Sometimes the money mules are offered compensation or commission.
Even if money mules don’t know the money they’re transferring is fraudulent, they are still committing fraud and money laundering, and could be sentenced to time in prison or to pay a fine.
Money mules are often recruited into this activity through false job adverts, or social media posts that promote quick money-making opportunities. Sometimes they are duped by fake social media profiles that pretend to want a romantic relationship with the victim to gain their trust and affection before asking this favour or blackmailing them. This is also known as romance fraud.
Never move money between accounts you don’t know and trust, especially because someone else has asked you to, or if you don’t know where that money has come from. If you are suspicious of money laundering, call us immediately on 0330 355 0355.
If you receive a call from Triodos, we’ll be happy for you to question who we are and call us back on the number published on our website, just to make sure. If you can, call us back from a different phone, as an extra safety precaution. Fraudsters can clone numbers, so it may look like the number we use to call you.
We will never call you to ask you to transfer money or for your Digipass codes, and we will never ask you to download software onto your device. If someone calls pretending to be from Triodos, and they ask you to do these things, hang up immediately and report it to us on 0330 355 0355.
Identity fraud happens when someone steals and uses your personal information to buy products or services. They get hold of this information in many ways - taking post from your bin, looking for information about you online, or contacting you directly, pretending to be from a real organisation.
There are several things you can do – offline and online - to protect your personal information. Here are a few tips.
Protect yourself offline:
Protect yourself online:
If the text is from a sender you know, or from a shortcode (five to eight digits long):
If the spoof text message (sometimes known as smishing) is from an unknown sender, or from an organisation you’re not familiar with:
For card related queries, we're available 24/7. For other fraud related queries, we're available 8am-6pm Mon-Fri, and 10am-4pm weekends.
2. Once you've contacted us:
3. Once you’ve let us know, you can also report it to Action Fraud – the UK’s national fraud and cyber crime reporting centre:
Identity theft is when someone steals your personal details. They might go through your post or rubbish to find bank and credit card statements. Or they might use social media sites, forums and other online platforms to steal your personal information.
Identity fraud is when someone uses your stolen identity to buy products or services, like credit cards, loans or mobile phone contracts.
You might not know your identity has been stolen until you get a bill, invoice or delivery for something you didn’t buy. Or until you receive a letter from debt collectors for debts that aren’t yours.
There are ways you can protect yourself, however. Read our How-to guide on how to protect yourself from identity theft and identity fraud.
Investment fraud comes in many forms, but is typically when someone poses as an investment service provider, Financial Advisor or fund manager to convince you to transfer large sums of money into a company or service that doesn’t actually exist.
They can create convincing-looking websites and adverts, and send you emails, texts and automated voice messages offering investments that sound too good to be true. They often are.
Before you transfer any money:
Genuine financial services will never:
As a general rule, if it sounds to good to be true, it probably is. Beware of promises of high returns and guaranteed returns with no risk.
If you authorised a card payment or any other payment from your account, you will be responsible for it. If your card or security details are used to make a payment or transfer without your permission, we will refund the full amount (minus £35 where applicable) of the payment as soon as is operationally possible. This includes repayment of any interest or charges incurred as a result of the payment. However, you must notify us as soon as possible and no later than 13 months after the debit date. After this time we will not be able to issue a refund.
You may have to pay up to £35 if:
You may be responsible for money taken from your account up until the point you report it to us, if you:
You will not be responsible if you’re unable to notify us because our phone lines are unexpectedly unavailable or closed, as long as you call us when our lines open the next day.
To report your card lost or stolen please call us on 0330 355 0355 (or +44 (0)1179 739339 if calling from abroad) to speak to our 24/7 card services department. Unfortunately we do not have a facility to offer emergency cash in the instance where your card has been lost or stolen. A new debit card should arrive at your home address within five working days.
If you cannot find your card, you can put a temporary block on it by texting TRIODOS LOCK, followed by your six digit access code, followed by the last four digits of the sixteen digit number on the front of your card to 57887. For example, TRIODOS LOCK 123456 1234.
Your access code and the last four digits of your card number can be found in internet banking. This block can be lifted if the card is later found in a safe place
When you open an account with us, we need to obtain sufficient proof of your identity and address. We do this to satisfy our legal obligations and protect you, the public and Triodos Bank against fraud and misuse of the banking system. To help us verify your identity, we may use the details you provide to do electronic searches about you at credit reference agencies. They will supply us information from databases, including information from the Electoral Register and fraud prevention agencies.
It’s important to keep your codes and PINs secret and your digipass safe. Here are some precautions you can take:
We will never contact you to ask you to reveal your internet banking PIN or password and we will never send you any emails asking for your security information.
In order to safeguard your personal information and money we require a three stage login process for internet banking, one of which involves the use of a digipass. This is similar to the card reader facility at some other banks and is used along with other systems to ensure your finances are kept safe. We constantly review our security measures and publish guidance on steps that can be taken to prevent fraud such as the Take 5 campaign through FFA UK.
If you authorise a payment from your account, you will be responsible for it. Where you tell us a payment from your account was not authorised by you, you can ask us for a refund. However, you must notify us as soon as possible and no later than 13 months after the debit date. After this time we will not be able to issue a refund.
Contact us immediately on 0330 355 0355 (or +44 (0)1179 739339 if calling from abroad) if you think you've lost any of your security details or if you think they have been stolen or may be known by someone else.
You can request a password reset letter on our website at any time. This will cancel the old password to prevent access to your account by internet banking using the old password.
Our card department provides 24 hour transaction monitoring on the Triodos Debit Card and will block a transaction or a card if required. In this event they will send a text message asking you to call them. The will ask standard identity questions around your personal details and investigate the transaction with you. They will not ask for the card PIN, three-digit CVV code on the back of the card or any information regarding your digipass.
If you think someone is being targeted by fraudsters or has fallen victim already, speak to them about it and reassure them that they aren’t to blame – fraudsters use various tactics to trick people into giving them money or private information, and anyone could be taken in. Many people can feel ashamed or embarrassed by falling victim to fraud, so it’s important for them to know there’s support available.
Help them to report it to Action Fraud. If they bank with Triodos, report it to us immediately by calling 0330 355 0355.
They could also talk to Victim Support - a charity that provides practical and emotional support to people affected by crime.
For more information, download a factsheet from Independent Age: Scamwise: Spotting, avoiding and reporting scams.
We undertake monitoring on customer accounts and transactions to identify suspicious activity that could potentially be fraudulent. If we identify suspicious activity on any of your accounts, we will contact you to verify whether it is genuine. We may delay or decline transactions, or block your account until we can confirm the authenticity of requests received. When we contact you, we will ask you security questions but these will not include any information about your internet banking log in details. If you receive a call claiming to be someone from Triodos Bank and you are suspicious call us back on 0330 355 0355 and our Contact Team will be able to confirm if it was a genuine call.
Fraud can affect anyone, and you can help protect your friends, family and neighbours by telling them about different types of scams to help them be savvy about fraud.
You can also help by looking out for signs that could mean they are being targeted by fraudsters:
We recommend you check that you have the necessary secure (SSL) connection with Triodos Bank.
How to check your secure connection with Microsoft Internet Explorer:
To prevent unauthorised access and viruses being downloaded onto your computer, you should use a firewall and anti-virus software.
A personal firewall is software that protects your computer against abuse from hackers and warns you if someone tries to gain access to your computer.
This type of protection is very important for computers that have a permanent internet connection, e.g. with an (A)DSL (broadband) or cable connection.
Here are some tips for using your firewall and anti-virus software effectively:
Do not save encrypted pages on your hard drive. It is standard practice not to save encrypted pages in your browser. This ensures that other users of the same computer cannot access these pages when you are finished with them. You can check and if necessary change the security setting for your browser. With Microsoft Explorer proceed as follows: