How to protect

: 00

Helpful hints and tips to protect yourself against fraud

Telephone fraud

Vishing is a type of phishing scam that happens on the phone. The word vishing is a combination of ‘voice’ and ‘phishing’.

These are unsolicited phone calls from fraudsters which encourage you to give out your personal details, such as your card, PIN, Mobile Banking App activation/passcodes or card reader codes. The fraudsters can pretend to be your bank, the police, or any other official company.

 

  • How to avoid becoming a victim of voice phishing
  • Never give out your Mobile banking App activation codes and passcode
  • Never give your full Online Banking PIN, full Online Banking password or card reader codes to anyone over the phone, even a caller claiming to be from your bank or the police
  • If you get a call asking you for this information, end the call immediately
  • If you receive a suspicious or unexpected call, always verify the caller using an independently checked phone number such as a contact number from our website
  • If you receive a request to download software to connect to your computer, and you have not initiated the conversation with the company, decline to do so.

Text message fraud

Smishing is when a fraudster sends a text message to say there's a problem with your bank account and ask you to call a phone number. If you do so, fraudsters will try to trick you into giving away your personal and security information.

 

Other messages may be from fraudsters pretending to be your bank, saying that personal information about you has been posted on the internet and ask you to visit a website. Using the link in the message may lead to an attempt to infect your computer or mobile device with a virus.

 

The text may ask for sensitive information, such as pins or passcodes, tell you that you’re owed a refund, or that there is a problem with your account. There will be a sense of urgency to the message, encouraging you to act fast, open a link or respond to the message.

 

Remember to forward any suspicious texts referring to NatWest to the number 88355

 

How to protect yourself from smishing

 

  • Never give your full Online Banking PIN, full password or card reader codes to anyone via text
  • Do not text back the number or reply with 'stop' as this shows the number is live
  • Do not phone the number included in the message, as fraudsters will try to trick you into giving away personal information
  • Do not click on any links or type them into your browser, as your device or computer could be infected with malicious software
  • If you have already clicked on a link, it is advised to run a scan with your antivirus software to check your device for any malicious software.
  • Keep your phone's operating system up to date

 

Reporting a smishing text

If you think you have been targeted by a smishing scam, let us know. We will never ask you for your full PIN and full password by text or email.

 

Forward any suspicious texts referring to NatWest to the number 88355.

 

This is not a premium rate number. Standard network rates apply, please contact your network provider for more information on charges.

Sim Swap

SIM swap is a genuine service which allows you to keep your existing phone number and change between different SIM sizes or phone providers.

It is also a technique which is becoming increasingly common amongst fraudsters as it can provide them with the ability to utilise your mobile phone number, benefiting from all the functionality and services that would provide, such as receiving and making phone calls, receiving and sending SMS messages as well as using any provisioned data allowance.

 

If you have any concerns you should phone your telephone provider immediately to confirm whether a SIM swap has been undertaken, if it is confirmed you must phone your Bank/s, who may hold your mobile number as a contact for you.

 

How could it affect you?

 

If a fraudster is in control of your phone number they are able to contact individuals at your cost or at least at a cost to your phone provider.

If you utilise services with any providers who confirm activity, provide security login information or confirm transactions, fraudsters may use SIM swap as a way to intercept these messages, resulting in financial loss.

 

What should you do?

 

SIM swaps will be conducted by your phone providers either via requests in their shops, on their websites or verbally via their call centres. Sometimes you will receive SMS messages or email prior to a SIM swap taking place and if you hadn't actioned this request you must contact your Bank/s and phone provider immediately.

 

A SIM swap completion will also result in your phone losing signal or becoming unable to make calls, send messages or use data.

 

This can sometimes happen if there are wider issues impacting your phone provider, however if you lose service in a location that is normally good, it is worth considering why that might be. If you have any concerns you should phone your telephone provider immediately to confirm whether a SIM swap has been undertaken, if it is confirmed you must phone your Bank/s, who may hold your mobile number as a contact for you.

 

If there is a risk to your account, your Bank will confirm the best way forward to protect you from any risk.

 

Social media

Social networking sites such as Facebook, Twitter and LinkedIn are becoming more and more popular. The nature of these sites creates security risks, so you should always be cautious when using them.

These types of sites promote personal connections and communications, and require you to provide a certain amount of personal information.

However, the more information available, the easier it becomes for others to take advantage of your identity. In some cases, criminals could fraudulently exploit this to obtain products and services in your name.

Personal information could also be used to conduct a 'social engineering attack'. Predators may form relationships online and then convince unsuspecting individuals - often young people - to meet them in person, which could lead to a dangerous situation.

Top tips to help keep you safe whilst using social networks

  • Always limit the amount of information you provide - do not post information that could be used by third parties, such as your address home, school or workplace, date of birth, postcode, job title or information about your schedule or routine
  • Always read and understand privacy policies - some sites may share information such as email addresses or user preferences with other companies. For example, Facebook Inc. owns Instagram so shares data between platforms. It also may lead to an increase in spam and other unwanted emails.
  • Remember that the internet is a public resource - so think about how others will view any information you provide.
  • Don't speak to strangers - the internet makes it easy for predators and cyberbullies to attack, hiding behind their screens in the safety of their own homes. Be aware of people who seem too good to be true.
  • Be sceptical and maintain your integrity - don’t believe everything you read online. People may post misleading information about various topics, including their own identities, to lure you into a false sense of security

Social Networking Advice for Parents

Children may be more at risk from threats on social media than others. Parents should inform their children about internet safety and be aware of their online habits. Some useful tips are:  

 

  • Make sure your children understand how social media works and what happens when they postinformation online.
  • Keep your PC in a central, public part of your home
  • Set clear rules for your children's internet use
  • Use family safety or parental controls software

Using privacy settings to stay safe

All social networks have security settings that allow you to protect your information as much or as little as you like. Of course, stricter, less public settings are important if you want to keep potential fraudsters at bay. Make sure you understand how the privacy settings work on each of your accounts to help keep your social profiles secure

Email fraud

Sometimes you get emails pretending to be from legitimate sources,but they’re asking you to give away personal or private information.

This is called phishing.

What does phishing look like?

A phishing email may be disguised as one from the bank, or it may be a more obvious scam with strange logos and poor spelling

 

There are a few things to look out for:

  • The email address is different to usual emails from your bank
  • The message isn’t personalised or uses the wrong name 
  • The message says you need to take action to stop something from happening

 

If you do receive a suspicous email you can report it to us by forwarding it to phishing@natwest.com

 

Here are a few simple tips on how to spot a phishing email.

 

  • When you receive an email you should check it for signs that it may not be from the company it appears to be from.
  • Check the email address. Is it the same as the email address you usually receive emails from, or just similar?
  • Check the email subject line; anything along the lines of “There is a secure message waiting for you”, “Security Alert”, “System Upgrade” and so on should be treated as suspect.
  • Check the message is personalised with information like your name, your postcode or part of your account number. If it isn’t personalised at all then you should be suspicious.
  • Look for a prompt to click on a hyperlink or a button, or to download a file – something like “Verify your account or password” or “update your security details”. These will likely take you to a copycat website where you will be prompted to enter your full details.
  • Be suspicious of any message that creates a sense of urgency, such as “If you don’t respond within 48 hours, your account will be closed”. A legitimate company will not create a false sense of urgency.
  • Remember, never respond to any suspicious emails and don’t click on any links or attachments within them.

NatWest will never ask you for your full Online Banking PIN, full Online Banking password, activation codes or card reader codes.

 

Protect yourself from phishing

 

Fraudsters will ask for personal details that the bank or other real companies will never ask for. They may also ask you to take actions that seem suspicious.

 

Here are some examples of what a fraudster may ask you to do:

 

Hand over your Online Banking login details, activation codes, card reader codes or PIN numbers

Transfer money to an account giving you the details

Click through to a website that's not the bank's official website - check the address at the top.

 

How to report a phishing scam

 

If you think you have been targeted with a phishing email, let us know. 

 

Forward the email to us at phishing@natwest.com. You can also forward the email to Action Fraud, the National Fraud & Cyber Crime Reporting Centre at NFIBPhishing@city-of-london.pnn.police.co.uk.

Find out more info on staying safe whilst using our app