We have been notified that clients are receiving calls from people pretending to be from their bank’s fraud team. The calls can be automated or from a real person.
We would like to remind all clients to NEVER disclose your One Time Passcode or PIN over the phone.
If you are not sure who you are talking to, hang up and call the telephone number on the back of your card.
If you have clicked on a link recently from any suspicious emails or text messages (e.g. Royal Mail, DVLA, HMRC etc.) or if you think you may have been the victim of fraud, then please report to your bank immediately.
Keeping you safe
Many people and businesses are feeling anxious about their future right now, and it can be easy to fall victim to what looks like a genuine offer of help or support.
During these uncertain times, sadly opportunistic fraudsters remain at large and their scams evolve quickly, so it is important to remain cautious to keep yourself safe.
We have seen examples of emails purporting to be from the World Health Organisation claiming to offer cures and vaccines for coronavirus, or seeking requests for donations for victims of the virus. With the number of people working from home, we anticipate an increase in phishing (email) and vishing (telephone) scams. These may claim to be from HMRC or your bank.
As a quick reminder:
- Your bank or the police will never ask for your PIN, full password or login information, ask you to withdraw or move your money for safekeeping, or set up a ‘safe’ account.
- If someone asks you to call them to confirm any information such as account details or recent transaction history, always use the number you have for them – or the one on their website rather than the one they ask you to call.
- Always check the email address – does this look right? Fraudsters can use email addresses which look official, but double check against the one you hold on file or check their official website.
- Even if you are expecting an invoice, call the supplier to confirm the bank account details, especially if these have changed since the last invoice you received.
- When buying online, use websites that have https and a padlock sign.
- Fraudsters may make their request sound urgent – If you are worried or unsure, immediately hang up and take some time to think before taking any action.
- If you think you may have been the victim of fraud, contact us immediately.
Recently, UK Finance issued a warning about ‘smishing’ scams during the coronavirus outbreak. These are where criminals send text messages pretending to be organisations like banks, the NHS or even the Government. Criminals are also using a technique called “spoofing”, which can make a message appear in a chain of texts alongside previous genuine messages from that organisation. They then attempt to trick people into giving away personal and financial information or money. People are urged to avoid clicking on any links contained within text messages, and to always log into their bank account to update their information or make any legitimate payments.
For more information on how to stay safe, please visit our fraud pages or www.takefive-stopfraud.org.uk, contact your relationship manager, or call us on 020 7012 2500.
Reporting a fraud
If you believe someone has made a fraudulent attempt on your account, copied your card, obtained your PIN or if you need to report a lost or stolen card, please contact us immediately on 020 7012 2500 (available 24 hours).
Protect yourself from fraud
Taking care of your cheques, cards, PINs and other security information is essential to help prevent fraud and protect your accounts. We strongly recommend that you follow the do’s and don’ts, listed below.
- Memorise your PIN and destroy the PIN notification promptly after receipt.
- Keep your log on and password to internet banking confidential.
- Only deal with reputable companies when using your card for purchases over the phone or through the internet.
- Keep your cards in your possession and never let them out of your sight.
- Check and keep your card receipts and other information about your account containing personal details safe (for example, statements) and get rid of them carefully.
- Take care when storing or getting rid of information about your accounts. People who commit fraud use many methods such as ‘bin raiding’ to get this type of information. Shred anything containing personal data when you want to throw it away.
- Take care when others close by may be trying to see you enter your PIN.
- Be aware that your post is valuable information in the wrong hands. If you don’t receive a bank statement, card statement or any other expected financial information, contact us.
- Respond to ‘phishing’* emails requesting information (account details, card numbers, PINs or passwords). We will never request information from you by email and it is our policy not to send personal data to you by email.
- Share your PIN with anyone.
- Leave gaps on cheques.
- Keep large sums of cash at home.
*Phishing is an increasingly common type of spam that can lead to theft of your personal details such as credit card numbers or online banking passwords. Phishing attacks work by the scam artist sending “spoof” emails that appear to come from a legitimate website that you have online dealings with. The email may ask you to reply with your account details in order to “update security” or for some other reason.
Phishing is a practice whereby fraudsters send you an email claiming to represent well-known organisations (e.g. a bank or social media site) and request personal information such as your bank details for verification or recording purposes.
Some phishing emails will threaten to delete any accounts you hold with the organisation they claim to represent, in order to scare you into providing the requested information.
Though these threats are very concerning, we advise that you:
- Do not respond to any emails of this nature.
- Limit the amount of personal information you share online.
- Contact the organisation from where the email claims to represent to check if it is genuine.
- Ensure you only enter your bank details on secure networks, signified by a padlock in the top left hand corner of the browser window.
Malware is malicious software designed to interfere with the performance of electronic devices such as computers, tablets or mobile phones.
Your device can become infected with malware viruses if you open links or download software or files from suspicious websites and emails. These viruses can log personal information and passwords that you input onto your infected phone or computer and pass them on to a device controlled by the fraudster.
In order to protect your electronic devices from viruses, we suggest that you:
- Install and keep up-to-date antivirus software on your computer.
- Ensure your Firewall is switched on.
- Avoid opening any links contained in pop-up adverts and irregular emails.
Boiler Room Scams
Boiler room scammers call your home or mobile phone claiming to be from reputable organisations. Using high pressure tactics, they attempt to persuade you to buy a fraudulent investment. These investments are often worthless or have minimal value and are unlikely to appreciate over time.
If you are uncertain about a call of this nature, you should:
- Record the name of the person calling and the firm they claim to represent.
- Check the firm against the FCA Financial Services Register.
- Call the FCA’s consumer helpline on 0800 111 6768 to check whether the salesperson is on the register and has the authority to make investment sales.
- Conduct an independent check by calling the company to confirm the salesperson is genuine and employed by them.
Investing in Fine Wine
Fine wine investment scammers will often call with offers on great deals and not-to-be-missed opportunities. They will send paperwork and sometimes the wine too. Often everything appears normal – until the victim decides to cash in their investment.
It is at this stage the fraudster prolongs the procedure with excuses such as ‘we would advise you to wait three weeks for a better price’ or ‘there is no one buying this wine at the moment’.
The company then suddenly vanishes or goes into liquidation.
Before you commit to an investment, make sure you:
- Are dealing with an honest, reputable business with a successful track record in the trade.
- Know the wine you are buying comes from a reliable origin.
- Understand the small print.
- Don’t fall for hard sales tactics.
Identity fraud is the criminal activity of using a stolen identity to obtain goods or services by deception. Fraudsters start with the most basic information to build a picture of your financial affairs. Once fraudsters have sufficient information they can use your identity to:
- Open bank accounts.
- Take over existing bank accounts.
- Obtain genuine documents.
- Borrow money.
We advise that you:
- Shred documents which feature personal information such as receipts, bank statements etc.
- Password protect your laptop, mobile phone and any other devices. Create strong passwords. Please click here for some guidance: https://www.cyberaware.gov.uk/passwords
- Install anti-virus software on your laptop and any other devices. Make sure you keep it up-to-date.
- Take care on public Wi-Fi because fraudsters are able to hack or mimic them. If you are using them, avoid using sensitive apps such as mobile banking.
- Redirect your post if you move address to help prevent your personal details falling into the wrong hands. Action Fraud recommend redirecting your post for 12 months when you move address https://www.actionfraud.police.uk/fraud_protection/identity_fraud
This type of fraud covers instances where fraudsters use stolen credit or debit cards, or the details, to buy goods or services. It is particularly important to be aware of card fraud given the development of contactless payment technology. Those using stolen cards will not need your PIN to process payments in stores with contactless card readers.
We advise that you:
- Memorise your PIN and shield the number pad when entering it at a cash point or retail store.
- Never share your PIN with anyone.
- Always keep your card secure in your wallet or purse.
- Always keep your card within your sight when handing it over to a cashier.
- If your card is retained by a cash machine, contact the owner of the cash machine immediately and notify your bank to cancel the card.
- Counterfeit cheque fraud is where fraudsters create fake cheques using genuine account details.
- Forged cheque fraud is when a genuine cheque has been stolen and used by a fraudster with a forged signature.
- Fraudulently altered cheques are genuine cheques that have been altered by a fraudster before being paid in.
In order to protect yourself against cheque fraud we advise that you:
- Draw a line through all unused space after both the payee name and the amount.
- If you make an error, sign against any corrections or better still, destroy the cheque and write another.
- Never sign a cheque and leave the payee blank.
- Never accept a cheque from someone, unless you know and trust them. Be especially wary when accepting a high–value cheque; for instance if you are selling a car.
This involves a criminal posing as a legitimate business to gain access to your personal information or to encourage you to transfer funds to their accounts. Examples include:
- Fake websites, social media accounts or emails which are pretending to be genuine companies. They may offer deals which appear attractive, such as savings accounts with very high interest rates. What they are attempting to do is steal data through the completion of application forms or have you transfer deposits into bank accounts controlled by criminals.
- Being contacted by someone claiming to be from your bank to advise you that your account has been accessed by fraudsters. They may ask you to transfer your money into a ‘safe account’ to protect it, however the account is controlled by the criminals.
- Being contacted by your Internet Service Provider to try and improve your internet speed. They may ask to connect to your computer and ask you to log into various applications or folders to test the speed of your connection. What they are doing is getting access to secure passwords and login information.
- Being contacted by the police to help with a fraud investigation. You may be asked to transfer money or withdraw cash to aid the investigation however the reality is that they are criminals, posing as the police to steal your money.
We advise that you:
- Treat any requests out of the blue, whether via phone, email, or social media with suspicion especially where you are being asked to provide personal information or to transfer money.
- Fraudsters will frequently put you under pressure e.g. ‘you need to act now to protect your assets’, ‘if you don’t comply you are breaking the law’, ‘this offer is for a limited time and expires shortly’. Take time to consider the request and carry out further investigations to validate the request.
- Validate information you receive with other sources. Does the information match the company website? Do email addresses match previous communication?
- If considering a potential investment, make sure you check the FCA register and the FCA warning list to make sure you are dealing with a genuine firm. (Be aware that some scammers will use an FCA-registered firm’s genuine Firm Reference Number (FRN) so that when you check the FCA Register, they appear to be genuine.)
- Fraudsters can clone telephone numbers (displayed on caller ID) and can keep telephone lines open when you hang up. If you are making a call back to validate information; call a number from your bank statement or the company website and use a different telephone where possible. If you are a client, ask to speak to someone you know.
- Fake websites and social media accounts can at first sight appear convincing. Take time to read the content. Look for issues such as spelling mistakes and formatting errors. Navigate the website to see if the all the pages look as professional as the front page and click on the logo to see if it navigates back to the home page. Double check the website address / domain name looking for suspicious entries e.g. Arbuthn0t.com, Arbuthnot.net. Check the website is secure (https as opposed to http), or that there a padlock in the address bar. On social media accounts, review posts to see if there is regular business content. Review comments for indications there are concerns with the account.
- Finally, if an offer sounds too good to be true, it usually is.