Some common scams and how to spot them

Scams are constantly changing, but there are ones you can look out for. They may have slightly different wording to what we have outlined, or be through a phone call, email, text or even social media message – but their purpose is generally always the same, to try and worry or pressure you to an extent that you will reveal personal details.

  • "We've identified a problem with your internet"

    "We've identified a problem with your internet"

    This type of scam involves a fraudster phoning you and pretending to be from a telecommunications company or internet provider. They will tell you that there is problem with your internet and that they can help you fix this. They may also say that your eBanking is at risk.

    The caller will eventually ask you to:

    • log on to your computer and carry out a number of instructions which can lead to you sharing your screen with the caller;
    • give them remote access to your computer while you’re logged on to eBanking;
    • log in to eBanking to check that it’s ok; or
    • share the numbers from you Access ID card, either by telling them the digits or keying them in on screen.

    Keep it safe

    Never allow remote access or share your computer screen with someone else when you log on or are logged on to eBanking. We will never ask you to do this.

  • "Transfer your money to ensure it's protected"

    "Transfer your money to ensure it's protected"

    Payment scams can involve fraudsters contacting you, usually by telephone, pretending to be from a bank or from the police. They’re likely to use alarmist tactics, for example telling you that fraudsters are targeting your bank account, that there has already been fraudulent activity on your account, or you may even be told that a dishonest bank adviser is involved in the fraud.

    Eventually, you will be asked to transfer money from your bank account to another account, in order to supposedly ‘keep it safe’. You will also be asked not to tell anyone about this, not even the bank.

    Keep it safe

    Neither the police, nor a bank will ever ask you to transfer funds to another account ‘for security purposes’.

  • "We’ve changed our bank account, instead please send your payment to…"

    "We’ve changed our bank account, instead please send your payment to…"

    This happens when the fraudsters send you an email which appears to come from someone you are due to pay money to. The address of the incoming email may vary slightly from the genuine email address or may come from the genuine email address which the fraudster has hacked into.

    The email will either:

    • request that you send the funds you are due to pay to a particular bank account identified by a six- digit sort code and an eight-digit account number; or
    • tell you of an amended sort code and account number to that which was previously given to you.

    Keep it safe

    Always confirm the correct sort code and account number for payments by speaking directly with the person you are sending the funds to.

  • "Danske Bank has noticed your debit card was recently used..."

    "Danske Bank has noticed your debit card was recently used..."

    Smishing is a form of phishing, where fraudsters text you in a bid to make you call a fraudulent number and reveal your bank details.

    The text may be something like 'Danske Bank has noticed your debit card was recently used on 12-03-2018 12:45:43, at PAYPAL for 1749.00GBP. If not you, please urgently call fraud prevention on 03308080566'.

    Often, the text can appear to be genuinely from your own bank, or another bank or business that you aren’t connected with – they can even appear in amongst genuine texts from the businesses. They will likely use alarmist tactics, for example stating that your bank card has been used for a transaction and needing you to ‘urgently’ confirm it.

    You’ll be asked to ring a number on the text to confirm the transactions and your bank details, like your eBanking logon, 3D Secure password, security code on the back of your card and more - so the bank can supposedly investigate for you.

    Keep it safe

    You shouldn’t phone numbers that are sent in texts like this one. If ever in doubt, look up the company and find a listed number that you can contact them with genuinely. Remember, we’ll never ask you for details like PINs, eBanking logons, security codes or passwords and you should report anyone who does.

  • "Congratulations - you've won £1,000,000!!!"

    "Congratulations - you've won £1,000,000!!!"

    Unexpected prize or lottery scams often involve you requiring to send a sum of money in order to claim your prize. Normally, you won’t have even entered the competition! The contact can be made by post, phone, email text or social media.

    Often the scammers will say the fee to be paid is for insurance, taxes or bank fees and will nearly always ask you to respond quickly or risk missing out, as well as advising you to keep the win to yourself.

    Keep it safe

    If you haven’t entered any competitions or lotteries – you can’t win. If someone asks you to pay upfront to receive a prize or winnings, it’s almost always a scam. Never send money or give credit card, online account details or copies of important personal documents to anyone you don’t know or trust.

Types of phishing

  • Real-time phishing

    Real-time phishing

    In a real-time phishing attack, the fraudsters will steal your logon and password as you are entering them into what looks like your usual online banking page. Then they will use these details to log on to the real version, before doing exactly as they wish with your money.

    This can happen either through a fake site that is indistinguishable from your actual online banking page, or through your computer being infected with malware.

  • Vishing

    Vishing

    Vishing is similar to phishing except the fraudster phones you, usually pretending to be your bank. They ask you to reveal personal and sensitive information. They might make a number of calls to gather small pieces of information. For example, one week they may ask which bank you are with, the next they may introduce themselves as being from that bank. They're very clever in how they operate, so always be alert. 

    If you decide that you want to ring the caller back to authenticate the call, you should always make sure that you source the number from your own records, rather than redialling the number they have called you on, and ensure that the original connection with the caller has been terminated first. You can do this by using a different phone or by phoning someone else you know first.

Malware (trojans, viruses & malicious software)

Malware is malicious software installed on your computer without your consent. Once there, it can record keystrokes, re-direct your browser, or display fake websites, all in an effort to impersonate you in online banking transactions. Your computer can become infected through documents attached to emails, links contained in emails, infected search engine results, or by clicking on links, videos, and documents on legitimate websites, particularly social networking sites.

Remember to keep your antivirus software updated and be cautious with software you download. Use an anti-spam product and treat unwanted emails with suspicion.

Spyware

Spyware is a program or file that often arrives as a hidden part of “free” programmes, and it monitors what you look at on the Web before reporting back to companies who sell the information. Some can pick up everything you type. Remember to keep your antivirus program up to date and be cautious with the free software you download.

Identity theft

Fraudsters employ many techniques to gather personal information with which they then attempt to target the finances of their intended victim. These techniques include masquerading as a genuine entity and contacting the intended victim and tricking them into providing personal and financial details.

You should exercise extreme caution before responding to any communication, including emails and telephone calls, which ask you for such details – even if those communications are alarmist in nature.