Email fraud and phishing

What is it, how to avoid it and what to do if it happens

What is phishing?

It's when you get emails pretending to be from legitimate sources, but they’re asking you to give away personal or private information.

How to spot a phishing email

Do they address you as sir or madam, or even just a general ‘loyal customer’? A genuine email will address you by your full name:

‘Dear Sir/Madam.’ ‘Dear loyal customer.’

Check the grammar and spelling

Are there sloppy spelling mistakes? Or poor grammar? This can be a big giveaway of a scam email. A real bank or company would not make mistakes like this:

‘Their seems to be a money taken out of you’re account. Pl3ase transfer to safe account asap.’

Phishing emails will usually include a harmful link. This might look like your bank’s genuine address, but will in fact direct you to a fake Pharming website; if you enter any personal details or Online Banking information into the fake site, the fraudster will see it.

Occasionally you could be asked to open an attached file to complete, and this too will capture your details and might also infect your PC with malware. Be wary of any email attachments or prompts to download any antivirus software. 

'There has been unusual login activity on your account. Open this link and enter your login details.’

Scare tactics are often used by scammers to make you worry so you’ll act without thinking it through. By taking a moment to think whether the email is genuine, you can stop yourself from playing into the fraudsters hands:

‘You are under attack! Someone is making fraudulent payments off your account! Act fast by transferring your money into this safe account.’

‘We’ve detected some suspicious activity on your account. Act fast or risk your money being taken.’

Is your account being threatened? No bank will close your account if you don’t do what they say.

‘Someone has attempted to access your account. Please click this link and login to your account. Failure to do so within 24 hours will result in restricted access to your account.’

Are you being offered something unexpected? Unfortunately, being the winner of a competition you never entered doesn’t happen. So don’t fall for it.

Protect yourself

Fraudsters will ask for personal details that the bank or other real companies will never ask for. They may also ask you to take actions that seem suspicious.

Here are some examples of what a fraudster may ask you to do:

Hand over your Online Banking login details, activation codes, card reader codes or PIN numbers

Transfer money to an account giving you the details

Click through to a website that's not the bank's official website - check the address at the top

Phishing can lead to pharming cyber attacks if the email contains a harmful link. Take a look at our guide to pharming so you know how to spot it.

What should you do if you’ve been a victim of fraud?

If you think you’ve fallen victim to a phishing scam, report it. 

Not only is it important to report phishing scams so we can handle any information you might have given away, but it’s also crucial to report these phishing emails so we can beat fraud.

Fraudsters will try and target as many people as they can, so if you report the phishing email to us, we can prevent it spreading further. 

Make sure you’re staying safe against all scams. Browse our fraud guide so you’re up to speed with the different types of scams. 

Something else we can help you with?