Phishing is a common type of internet fraud. Phishing emails are designed to appear as though they are from a legitimate source, but intend to steal personal information that can be used to access your account.
Do not respond to any email that asks for any information in relation to your internet banking log in details. If you have received a suspicious email, do not respond and call us if you need any further information.
Our Contact Team are available from 8am-6pm Monday-Friday, and 10am-4pm on weekends for fraud-related enquiries only. Outside of these hours you can request a call back using our automated system. Our Contact Team will call you back as close to the time you request as is operational possible. Alternatively please email us at email@example.com from the registered email address we hold for you and mark it urgent in the subject line.
Was this helpful?
As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.What we do
- Provide around the clock debit card transaction monitoring
- We are available 24 hours a day, seven days a week for all calls relating to debit card queries (such as lost or stolen cards)
- Give you the ability to block your card by sending us a text message
- Temporarily block accounts and debit cards if fraudulent activity is suspected
- Log you out of internet banking and the app after a period of inactivity
- Keep you up-to-date with the fraud protection advice
- Use a secure three-stage log in with a digipass for personal current account holders
- As a personal account customer you can receive alerts by text message when online or card transactions are made
- Temporarily suspend your internet banking if left dormant for a long time
- Only contact you via your registered details
We will never contact you out of the blue to ask you:
- for your digipass PIN
- for your card number or PIN
- for your mobile app passcode
- to transfer money out of your account
- to click a link in an email to our internet banking
If in doubt, call us on the number on our website, or delete the email without opening it.
Was this helpful?
Money mules are people used to help launder money, often without realising that’s what they’re doing. They help move illegitimate funds (money gained illegally) between accounts so that the money then appears to be legitimate. They may be asked to receive money into their account, then withdraw it and put it into another account, sometimes in another country. Sometimes the money mules are offered compensation or commission.
Even if money mules don’t know the money they’re transferring is fraudulent, they are still committing fraud and money laundering, and could be sentenced to time in prison or to pay a fine.
Money mules are often recruited into this activity through false job adverts, or social media posts that promote quick money-making opportunities. Sometimes they are duped by fake social media profiles that pretend to want a romantic relationship with the victim to gain their trust and affection before asking this favour or blackmailing them. This is also known as romance fraud.
Never move money between accounts you don’t know and trust, especially because someone else has asked you to, or if you don’t know where that money has come from. If you are suspicious of money laundering, call us immediately on 0330 355 0355.
Was this helpful?
Do not respond to any email that asks you for information about your internet banking log in details. If you have received a suspicious email, do not respond and call our Contact Team as soon as you can during our opening hours on 0330 355 0355 to check if it is a genuine email.
Our Contact Team is available 8am-6pm Monday-Friday, and 10am-4pm on weekends for fraud related enquiries only.
Outside of these hours you can request a call back using our automated system. Our Contact Team will call you back as close to the time you request as is operational possible. Alternatively please email us at firstname.lastname@example.org from the registered email address we hold for you and mark it urgent in the subject line.
Was this helpful?
Vishing is where a fraudster uses voice messages or phone calls to try to steal identities, and financial information like your PIN, card details and Digipass code.
The term comes from the combination of ‘phishing’ and ‘voice’. Phishing is where fraudsters use email, regular phone calls and fake websites to dupe people into giving them personal details and financial information.
Vishing is specifically the use of a VOIP service (Voice Over Internet Protocol, or an internet phone service), which enables fraudsters to communicate with their potential victims via automated voice messages and the phone keypad.
Vishers can create fake caller ID profiles so that their phone number seems legitimate, and vishing requests sound urgent, to panic the victim into acting without thinking.
Examples of vishing:
- Your bank account has been compromised
You receive call from what appears to be Triodos Bank’s phone number. When you answer, you hear a recording pretending to be from Triodos, saying that your bank account has been compromised, and you need to call a freephone number to reset your security details. Calling this number, you would hear another automated message asking for your bank account number, Digipass code or other personal details via the phone keypad.
- You’re eligible for a loan
You are offered loan or credit terms too good to be true (they probably are), and to receive the money, you just need to pay an upfront fee or provide your security details.
- You’re due a refund
You receive a message that says you are due a refund. This is usually someone claiming to be from a trusted organisation. If you opt in – usually by pressing a number on your telephone - you will be redirected to a call centre agent who will attempt to defraud you or steal your information.
- Don’t miss this investment opportunity
An automated voice message tells you about an investment opportunity too good to turn down. You’ll be encouraged to transfer money to invest in a company or service that doesn’t exist.
- You’ve won a prize
Victims hear an automated voice message about a free offer or prize, and just need to pay postage, redemption or admin fees to claim. There’s often a deadline to hurry people into handing over their card details.
What you can do
If you receive an unexpected phone call with an automated response, hang up, search for the company’s genuine contact details online and check whether the call was legitimate. If it was, the company will be able to help you, and if it was a vishing attempt, letting the company know enables them to take action, and you will have protected yourself from fraud.
How to report a vishing scam
If you think you have been a victim of a vishing attack, call us immediately on 0330 355 0355. Then report to the FCA using their reporting form.
If you have lost money to suspected investment fraud, report it to Action Fraud on 0300 123 2040.
Was this helpful?
Identity fraud happens when someone steals and uses your personal information to buy products or services. They get hold of this information in many ways - taking post from your bin, looking for information about you online, or contacting you directly, pretending to be from a real organisation.
There are several things you can do – offline and online - to protect your personal information. Here are a few tips.
Protect yourself offline:
- Shred your post
Shred or cut up your post before putting it in the bin, so your name and address cannot be stolen.
- Redirect your post
If you move house, ask Royal Mail to redirect your post for at least a year.
- Be tidy
Don’t leave things like bills or personal documents lying around for others to see. Even on your work desk.
- Know your bank
This sounds like an odd one, but knowing how your bank will and won’t contact you can help you spot fraudulent emails, texts or calls claiming to be from your bank. If a bank statement or new bank card doesn’t arrive, tell your bank or card company immediately.
Protect yourself online:
- Create complex passwords
Create strong passwords and different passwords for every online account you have (email, online banking, social media, retail websites etc). Avoid using personal information in passwords, like names of family, school, pets, cars. This will reduce the likelihood that someone could guess or hack your password and access other platforms you use. You might find a password management tool useful.
- Use anti-virus software
Protect your internet-connected devices with up-to-date security software, and make sure you install all official software updates and security fixes on your devices.
- Connect with those you know
Don’t accept invitations from people you don’t know on social media sites.
- Be wifi wise
Public wifi connections and Hotspots can be hacked and used to see what you’re doing online. Whilst it’s fine to use public wifi for browsing, never use it for buying something, logging in, online banking, filling in forms – or anything else that requires your personal or card data.
- Be private
Double-check that your social media profiles are private so that you’re only sharing information with people you know.
- Think before you post
Before you post anything on social media, forums or online platforms, make sure you’re not revealing any personal information – even pictures of your car registration can be used to get your address from DVLA records.
Was this helpful?
- Contact us immediately on 0330 355 0355 (or if abroad on +44 (0)1179 739339) if:
- You’ve lost your card or suspect it has been stolen
- You’ve lost any of your security details or think they have been stolen
- You think someone else may be able to use your card or security details
For card related queries, we're available 24/7. For other fraud related queries, we're available 8am-6pm Mon-Fri, and 10am-4pm weekends.
2. Once you've contacted us:
- We'll ask you for all information you have about the loss or theft and may require you to report it to the police
- If you find your card after reporting it as lost or stolen do not use it. Destroy your card immediately by cutting through both the magnetic stripe and chip
3. Once you’ve let us know, you can also report it to Action Fraud – the UK’s national fraud and cyber crime reporting centre:
- Call: 0300 123 2040
- Report it online: actionfraud.police.uk
Was this helpful?
Identity theft is when someone steals your personal details. They might go through your post or rubbish to find bank and credit card statements. Or they might use social media sites, forums and other online platforms to steal your personal information.
Identity fraud is when someone uses your stolen identity to buy products or services, like credit cards, loans or mobile phone contracts.
You might not know your identity has been stolen until you get a bill, invoice or delivery for something you didn’t buy. Or until you receive a letter from debt collectors for debts that aren’t yours.
There are ways you can protect yourself, however. Read our How-to guide on how to protect yourself from identity theft and identity fraud.