| M&S Bank |
Fraudsters will pretend to be someone they are not – like your Bank – and may spoof the number they are calling from to appear on your device as ‘M&S Bank’ or one of our contact numbers. We would never ask you for your security details, passwords or codes generated by your M&S Pass, to transfer money to a ‘safe account’ or to take any action bound by time pressure. On our website, we offer guidance for our customers to identify malicious contact. If you’re not sure it is your Bank calling, emailing or texting, stop. Just give us a call on the contact numbers you can find on our public website and on the back of your card. We also utilise various security controls including: One-time passcodes - this service provides a more secure online shopping experience for Visa and MasterCard® users. When making online purchases at a participating 3D Secure merchant you will receive a 6-digit passcode for some purchases, via text message to your registered mobile number, that needs to be entered to complete the transaction. Phone contact - If we notice something suspicious or need to get in touch with you, we may send you an alert by call or text message. While we may ask you to reply to messages, we’ll never: • Include a link to a log in page • Ask for your complete security number, password, or card number • Ask you for answers to your security questions. |
https://bank.marksandspencer.com/security/useful-information/ |
| TSB |
We will contact our customers using phone calls and text messages. Customers should always take the necessary precaution to ensure they are talking to who they think they are. Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert either by text message or an automated call. If it’s a text, it’ll be from “TSB”, While we may ask you to reply to messages, we’ll never: • Include a link to a log in page • Ask for your complete security number, password, or card number • Ask you for answers to your security questions. If you’re not sure whether a text or call is genuine, please give us a call on 0345 835 7998 One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile you have provided us with. The text will state exactly what the code is for, like creating a new payee or resetting your password. You should never disclose what this code is. If you get a one-time passcode message you’re not expecting, please call us on 0800 096 8669 Calls – we might also call you. This could include an automated call. While we may ask you to verify your identity, we’ll never: • Ask for your PIN • Ask for your complete security number or card number. |
https://www.tsb.co.uk/fraud-prevention-centre/how-we-protect-you/ |
| Starling Bank |
We contact our customers in a number of different ways: • in-app messaging • phone calls • effective in-app warnings • email • one-time passcodes for 3DS via SMSWhenWhen our fraud prevention systems find something we think is unusual, we will take action immediately and endeavour to contact customers within 24 hours of noticing potentially high-risk behaviour on their accounts, or if we require any additional information. We also aim to reply to customer queries regarding account status within 24 working hours. By acting quickly, we’re helping to ensure accounts are as safe as possible. We always advise customers take the necessary precautions to ensure they are talking to who they think they are - we will never phone customers requesting any of the following:• security information • one-time passcodes via SMS • ask you to transfer money to a ‘safe account’ If customers are unsure whether a message is genuine, they can call us immediately on the number on the back of their debit card. |
https://www.starlingbank.com/mobile-banking-security/fraud/banking-fraud-control-comparison-data/ |
| Smile |
When fraud is suspected we will contact our customers using email, phone calls and text messages. Customers should always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security controls and offer guidance for identifying malicious contact on our website. Examples of the controls / guidance we offer include; *One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile you have registered with us. The text will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what this even somebody claiming to be from the Bank. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them. If you get a one-time passcode message you’re not expecting, give us a call on +44(0)3457 212 212. Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert by text message. Email Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert by email. Phone call Alerts - If we notice something. |
https://www.smile.co.uk/global/security |
| Santander |
Online and Mobile Banking is designed to help make sure that you pay the right person and not a fraudster. Bank name - When you enter the sort code for the account you’re paying, we’ll show you the name of the bank it’s going to so that you can check it’s the right bank. Payment purpose - We’ll ask you to choose a reason for the payment. This lets us show you a message to help protect you from scams. For example, if you choose ‘House or large purchase’ we’ll show you a specific message asking you to check the bank details personally with your payee, to protect you against scammers who intercept emails and replace the payment details in them. Pay at a later time - You’ll be given the choice to make your payment straight away or to send it at a later date. Waiting to make the payment gives you time to change your mind, which is helpful protection as fraudsters are known to pressurise their victims and push them into making payments quickly. Confirmation to proceed - We’ll ask you to take a moment to check that:with the payment - the information you’ve given us is correct- you’ve read the messages we’ve shown you before you confirm you want to go ahead with the payment. If you use Telephone Banking or our branches to make payments, we’ve similar checks to help protect you. |
https://www.santander.co.uk/personal/support/fraud-and-security/our-approach-to-fraud-prevention |
| Royal Bank Of Scotland |
• We will send you a text when you create or update a payee using Online or mobile banking, with some details of the update • We will text or email you when you have updated your personal information, like your address, and advise us how to contact us if this isn’t right. • Sometimes we will send you updates via email, which might be about your account or about new products that might interest you. We will never send you a link to a login page for your Online banking• If we send you a text message, we will never include a link to login pages • Where we are concerned about a payment being made on your account, we may contact you either by text message or a phone call (using your most up to date mobile number) to alert you to any suspicions we have. This may require you to respond and confirm whether the transaction was genuine or not. • We advise customers if they have any suspicions, or if the call doesn’t feel right, to call us back from an independently verified phone number (such as the number on the back of your bank card) • We will never contact you and ask you to disclose your Online banking PIN or password. • We will never ask you to disclose card reader codes, app passcodes or activation codes. • Never transfer money from your account, either online or in branch, after being instructed to do so, even if that person claims to work for the bank. |
https://personal.rbs.co.uk/personal/fraud-and-security/fraud-control-data.html |
| Natwest |
• We will send you a text when you create or update a payee using Online or mobile banking, with some details of the update • We will text or email you when you have updated your personal information, like your address, and advise us how to contact us if this isn’t right. • Sometimes we will send you updates via email, which might be about your account or about new products that might interest you. We will never send you a link to a login page for your Online banking • If we send you a text message, we will never include a link to login pages • Where we are concerned about a payment being made on your account, we may contact you either by text message or a phone call (using your most up to date mobile number) to alert you to any suspicions we have. This may require you to respond and confirm whether the transaction was genuine or not. • We advise customers if they have any suspicions, or if the call doesn’t feel right, to call us back from an independently verified phone number (such as the number on the back of your bank card) • We will never contact you and ask you to disclose your Online banking PIN or password. • We will never ask you to disclose card reader codes, app passcodes or activation codes. • Never transfer money from your account, either online or in branch, after being instructed to do so, even if that person claims to work for the bank. |
https://personal.natwest.com/personal/fraud-and-security/fraud-control-data.html |
| Nationwide Building Society |
Nationwide use a variety of methods to contact members about potential fraudulent activity, including phone calls, text messages, emails and letters. If a member is ever in doubt that they are talking to Nationwide, they should hang up and call back on the number found on our website or on the back of their payment card. Fraudsters can be very convincing but knowing what to look for can help keep personal details and money safe. Our key messages: Remember, Nationwide will never ask you to:• log directly into the Internet Bank via an email, text or social media message,• answer security questions by email, text or direct message,• use, re-enable or re-sync your card reader over the phone,• update your information, directly from a link in an email, direct message or text,• transfer your money to a safe account for protection or “security purposes”,• Share with anyone any security codes, one time passcodes, card generate codes or PINs. And we'll always: • include the last four digits of your card number if we email, text or message you querying a suspicious transaction on your card,• include your postcode in any letters or emails, so you know it is Nationwide contacting you. Further information is available online related to our Automated Customer Contact and Card reader and text message codes including some helpful FAQ’s. |
|
| Metro Bank |
We get in touch with our customers in a number of different ways, including email, phone and text. We give them the following messages: Always take care if you’re contacted by anyone saying they’re from Metro Bank. If you’re not sure, disconnect the call and call the number on the back of your card (0345 08 08 500). We use one-time passcodes to verify a customer’s identity or a payment they have requested. We may send a unique code to the mobile number you’ve given us. The message will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what the code is, other than to a Metro Bank colleague or entering it into the banking platform you’re on. If you get a one-time passcode you’re not expecting, or if someone asks for the code for a different reason than it says in the text message, don’t give it to them. Call us straightaway on 0345 08 08 500.Remember, although we may sometimes ask you to reply to text messages or send you e-mails with links, we will never: • Include a link to a log-in page • Ask for your complete security number, password or card number • Ask you for answers to your security questions • Ask you to transfer money to a ‘safe account’ If you’re not sure whether a SMS or email is genuine, please call us on 0345 08 08 500.Never post any personal or banking information on social media. |
|
| Lloyds Bank |
We will contact customers using phone calls, text messages and onscreen notifications. Customers are encouraged to always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security prevention and detection controls, which can trigger manual and automatic customer contact, examples include: One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile we have registered for you. The text will state exactly what the code is for, and you shouldn’t tell anyone what this code is other than the bank. • New Beneficiary Recipient – When you set up a new beneficiary we will send confirmation to the mobile number we have registered for you. The text will state the date and time this was added to your account, and what to do if this wasn’t you. While we may ask you to reply to messages, we’ll never: • Include a link to the log in pages of our own websites. • Ask for your complete security number, password, or card number. • Ask you for answers to your security questions. We offer guidance for identifying both scam calls and messages on our website, however if you’re not sure whether a call, text or email is genuine, you can contact us on the following numbers: 03453 000000 – Lloyds. |
https://www.lloydsbank.com/help-guidance/protecting-yourself-from-fraud/bank-safely-how-we-protect-you.asp |
| Bank Of Ireland |
We will contact our customers using email, phone calls, text messages and by letter. Customers should always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security controls and offer guidance for identifying malicious contact on our website. Examples of the controls / guidance we offer include; One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile you gave us when you opened your account. The text will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what this code is other than a Bank ABC colleague. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them. If you get a one-time passcode message you’re not expecting, give us a call on 0345 309 8099Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message. While we may ask you to reply to messages, we’ll never: • Include a link to a log in page • Ask for your complete security number, password, or card number• Ask you for answers to your security questions. If you’re not sure whether a text or email is genuine, give us a call on 0345 309 8099. |
https://www.bankofirelanduk.com/help-and-support/security-zone/ |
| Investec |
We contact our clients using phone calls, text messages, and emails. All clients should take care to ensure they are talking to a genuine member of staff. Investec will never: • Ask for your PIN • Request personal details or other sensitive information via email • Request you click on a link to access your account. Instead, we may interact with you in the following ways: One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile phone number you gave us. The text will state exactly what the code is for, like creating a new beneficiary. These one-time passcodes should never be shared, and should only be used for the transaction they are intended for. Transaction SMS notifications – We send transaction notifications when you spend on your card as well as when a payment is made from your online bank account. This ensures you know what’s happening on your account when there is unusual spending. Email notifications – If suspicious activity is identified on your account and we can’t reach you through other means, we may email you requesting that you make contact. If you are unsure whether a call or email is genuine, do not hesitate to stop all communication (hang up or don’t respond to the email), and call us using a number from a trustworthy source or the 24/7 global client service centre. |
https://www.investec.com/en_gb/legal/know-fraud/data-transparency-fraud-prevention.html |
| HSBC Bank |
One-time passcodes - When we need to verify who you are – like when you need to swap your digital secure key from an old phone to a new phone or you pay for something online with your card – we’ll send a unique code to the most up to date mobile number we have for you. The text will say exactly what the code is for, like creating a new payee. This code should only ever be typed into your digital banking and never shared with anyone, including us. If you get a one-time passcode message you’re not expecting, give us a call on 03456 002 290.Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message. Check our text messages page to see what our regular text messages look like and also see some messages commonly sent by fraudsters. While we may ask you to reply to messages, we’ll never: • Ask you for self-generated codes from your secure key • Include a link to a log in page • Ask for your complete security number, password, or card number • Ask you for answers to your security questions. If you’re not sure whether a text or email is genuine, Stop. Don't click on any links. Don't open any attachments. Just forward the email to [email protected] and we'll investigate it or call us on the numbers below. |
https://www.hsbc.co.uk/help/security-centre/ |
| Halifax |
We will contact customers using phone calls, text messages and onscreen notifications. Customers are encouraged to always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security prevention and detection controls, which can trigger manual and automatic customer contact, examples include: One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile we have registered for you. The text will state exactly what the code is for, and you shouldn’t tell anyone what this code is other than the bank. • New Beneficiary Recipient – When you set up a new beneficiary we will send confirmation to the mobile number we have registered for you. The text will state the date and time this was added to your account, and what to do if this wasn’t you. While we may ask you to reply to messages, we’ll never: • Include a link to the log in pages of our own websites. • Ask for your complete security number, password, or card number. • Ask you for answers to your security questions. We offer guidance for identifying both scam calls and messages on our website, however if you’re not sure whether a call, text or email is genuine, you can contact us on the following numbers: • 03457 203040 – Halifax. |
https://www.halifax.co.uk/aboutonline/security/protecting-yourself-from-fraud/bank-safely-how-we-protect-you/ |
| First Direct |
One-time passcodes - When we need to verify who you are when you need to swap your digital secure key from an old phone to a new phone we’ll send a unique code to the most up to date mobile number we have for you. The text will say exactly what the code is for, like creating a new payee. This code should only ever be typed into your digital banking and never shared with anyone, including us. If you get a one-time passcode message you’re not expecting, give us a call on 03456 100 100Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message. Check our Security Centre to find out more about fraud text alerts While we may ask you to reply to messages, we’ll never: •Ask you for self-generated codes from your secure key • Include a link to a log in page • Ask for your complete security number, password, or card number • Ask you for answers to your security questions. If you’re not sure whether a text or email is genuine, Stop. Don't click on any links. Don't open any attachments. Just forward the email to [email protected] and we'll investigate it. Alternatively, you can give us a call on 03456 100 100Or if you’re abroad, please call us on +44 113 234 5678. |
https://www.firstdirect.com/help/security-centre/ways-we-keep-you-safe/fraud-prevention/ |
| Danske Bank |
We will contact our customers using email, phone calls, text messages, secure mail from within our online channels and by letter. Customers should always take precautions to ensure they are talking to who they think they are. Fraudsters can ‘spoof’ genuine phone numbers, so never rely on this a verification that you are speaking to a member of Bank staff. Fraudsters often ‘spoof’ the number from the back of your debit card in an effort to make their call appear more legitimate. Text Alerts - If we need to get in touch with our customer, we may send them an alert either by secure mail to their eBanking or Business eBanking/District system or by text message. If it’s a text, it’ll be from the sender “Danske Bank”, however be aware fraudsters can make a message appear within the same conversation as a genuine message so care is required when they receive any message from us. If a customer is not sure whether a communication they receive from us, or purporting to be from us is genuine, they can give us a call on 0345 6031 534 (outside the UK: 0044289049219).Transaction Screening – We may contact our customers to discuss a payment created via our online channels. The purpose of this call will be to establish if this is a genuine transaction and some details relevant to the transaction. Whilst we will ask you some security questions to identify that we are speaking with the account holder, we will NEVER ask for your password or unique codes from your eSafeID device or codes sent to you by text message. We will also NEVER ask you to download any software when you are on a call with us nor will we ever ask for remote access to your computer, mobile device or tablet. |
https://danskebank.co.uk/personal/fraud-prevention |
| Co-Operative Financial Services |
When fraud is suspected we will contact our customers using email, phone calls and text messages. Customers should always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security controls and offer guidance for identifying malicious contact on our website. Examples of the controls / guidance we offer include; *One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile you have registered with us. The text will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what this even somebody claiming to be from the Bank. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them. If you get a one-time passcode message you’re not expecting, give us a call on +44(0)3457 212 212. Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert by text message. Email Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert by email. Phone call Alerts - If we notice something. |
https://www.co-operativebank.co.uk/global/security |
| Clydesdale & Yorkshire Bank |
We contact our customers using email, phone and SMS. We authenticate customers using various security controls e.g. one time pass code, commensurate with the nature/risk of the activity being undertaken. |
|
| Barclays |
We contact you using phone calls, text messages or by letter. You should always take the necessary precaution to ensure who you are talking to is genuine, but if you are suspicious of who’s calling, a dedicated telephone number checker is found on the Barclays Website to verify it’s a Barclays number calling – head over to https://www.barclays.co.uk/digisafe/phone-number-checker/ to find out more.One-time passcodes - When we contact you, we will attempt to verify who you are, we’ll send a unique code to the mobile you gave us to verify your identity. The text will state exactly what the code is for, like creating a new payee or verifying an online secure transaction. You shouldn’t tell anyone what this code is other than one of our colleagues. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them. If you get a one-time passcode message you’re not expecting, call our customer service team on 0800 400 100.Text Alerts - If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message. If it’s a text, it’ll be from Barclays. While we may ask you to reply to messages, we’ll never:• Include a link to a login page. • Ask for your complete security number, password, or card number. • Ask you for answers to your security questions. Barclays Mobile App notifications - When you download our app, we will keep you updated with push notifications and reminders of the current fraud trends to keep you protected while online. If you’re not sure whether a text or email is genuine, give us a call on 0800 400 100 or (+44)2476 842 099.If you need to update your telephone number, contact the team using 0800 400 100 or simply log into your Barclays account online or via the app. |
https://www.barclays.co.uk/digisafe/ |
| Bank of Scotland |
We will contact customers using phone calls, text messages and onscreen notifications. Customers are encouraged to always take the necessary precaution to ensure they are talking to who they think they are. We also utilise various security prevention and detection controls, which can trigger manual and automatic customer contact, examples include: One-time passcodes - When we need to verify who you are, we’ll send a unique code to the mobile we have registered for you. The text will state exactly what the code is for, and you shouldn’t tell anyone what this code is other than the bank. • New Beneficiary Recipient – When you set up a new beneficiary we will send confirmation to the mobile number we have registered for you. The text will state the date and time this was added to your account, and what to do if this wasn’t you. While we may ask you to reply to messages, we’ll never: • Include a link to the log in pages of our own websites. • Ask for your complete security number, password, or card number. • Ask you for answers to your security questions. We offer guidance for identifying both scam calls and messages on our website, however if you’re not sure whether a call, text or email is genuine, you can contact us on the following numbers: 03457 213141- Bank of Scotland. |
https://www.bankofscotland.co.uk/securityandprivacy/protecting-yourself-from-fraud/bank-safely-how-we-protect-you.html |
| Ulster Bank |
• We will send you a text when you create or update a payee using Online or mobile banking, with some details of the update • We will text or email you when you have updated your personal information, like your address, and advise us how to contact us if this isn’t right. • Sometimes we will send you updates via email, which might be about your account or about new products that might interest you. We will never send you a link to a login page for your Online banking • If we send you a text message, we will never include a link to login pages • Where we are concerned about a payment being made on your account, we may contact you either by text message or a phone call (using your most up to date mobile number) to alert you to any suspicions we have. This may require you to respond and confirm whether the transaction was genuine or not. • We advise customers if they have any suspicions, or if the call doesn’t feel right, to call us back from an independently verified phone number (such as the number on the back of your bank card) • We will never contact you and ask you to disclose your Online banking PIN or password. • We will never ask you to disclose card reader codes, app passcodes or activation codes. • Never transfer money from your account, either online or in branch, after being instructed to do so, even if that person claims to work for the bank. |
https://digital.ulsterbank.co.uk/personal/security-centre/reporting-fraud.html |
