Banking Fraud

What is it?

Banking fraud is when criminals gain access to your bank account using your personal details and passwords, and take money from your account.

Banking fraud can occur through three channels:

  • Internet banking
  • Telephone banking
  • Mobile phone banking (in-app)

Criminals employ a range of social engineering techniques to trick you into giving away their personal and financial information, such as login details and one-time passcodes. They often impersonate trusted organisations – such as banks, HMRC, broadband providers – to get this information. They may also steal your personal information by intercepting your mail. The stolen details are then used to access your account and make an unauthorised payment.

Criminals may also try to gain access to your bank account through ‘remote access’, meaning they persuade you to give them control of your computer. Criminals claim to be providing support from an internet service provider, for example, and convince you to download programmes to your computer, giving them control of the device. They can then use this to access your accounts.

HOW TO SPOT BANKING FRAUD:

  1. Your business’s account details have somehow been changed and you may not be able to access your account
  2. New payees, direct debits and standing orders have been set up on your business’s bank account that you didn’t authorise
  3. There are transactions on your business’s bank statement you don’t recognise

EXAMPLES OF BANKING FRAUD:

ADRIAN:

Adrian* was trying to keep his children entertained when he received an urgent text message from ‘his bank’ informing him about a problem with his bank account. He was told to ring the number provided immediately to update his personal details. Upon speaking to ‘an employee’ from his bank, who confirmed Adrian’s full name, address and recent transactions, he was told the bank had detected suspicious activity on his account and he needed to provide them with new personal information. The ‘employee’ informed Adrian that in order to process the change of details he would receive a One-Time Passcode which he was to share with them. Moments later, he was told the problem with his account had been resolved.

Unknowingly Adrian had given access to his bank account to a criminal.

A couple of days later, he logged into his internet banking and discovered new payees and direct debits set up which he had never authorised. He contacted his bank immediately to resolve the issue.

JACKIE:

Jackie* was sorting out her household bills one day when she received a call from someone claiming to be from her energy provider. She was told that she was due a refund on a recent transaction due to an administrative error. Jackie questioned the caller’s credentials, but they were able to verify her personal details and her energy account information. The caller asked Jackie to confirm her bank account details so that company could process the refund.

Jackie had no idea how a criminal could have so much of her information so despite some reservations she read out her account details. The caller said it would take a few days for the refund to appear on her account.

The next week Jackie checked to see if the funds had come through but instead found many transactions that she did not recognise. Only then did she realise she had been scammed.

SOPHIE:

Sophie* was working from home one day when she received a call from her broadband provider. Her connection had been rather slow that day and although she was busy she thought it would be useful to take their call as it might speed things up. She knew that criminals made contact over the phone to try and scam people but the caller verified some of her personal information so she stayed on the line and followed their instructions.

The caller convinced Sophie to download some software to improve her broadband speed which she did. The download allowed the caller to take control of her device. The caller advised Sophie to log into her online banking in order to check everything was working okay. Unfortunately, the fraudster was also able to see all of her information due to the software download and access her internet banking information. Days later Sophie realised she’d been scammed when she checked her bank account.

*Case studies are based on insights from partners

If you believe you’ve fallen for a scam, contact your bank immediately on a number you know to be correct, such as the one listed on your statement, their website or on the back of your debit or credit card.

Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101 or Advice Direct Scotland on 0808 164 6000.

Always remember

Only provide organisations that you trust and have given consent to with your personal or financial details

Question uninvited approaches and contact companies directly using a known email or phone number

Contact your business’s bank immediately if you identify transactions on bank statements that you don’t recognise

Just because someone knows details about your business doesn’t mean they’re genuine

Be wary of unexpected or suspicious looking pop-ups that appear during your online banking session

Check the online banking security options your business’s bank may provide

If you have visited a website you think is suspicious you can report it to the National Cyber Security Centre.

Identity Theft

Summary: Identity theft is when your personal information is stolen and used to open bank accounts apply for plastic cards and loan...
Read more

Payment in Advance

Summary: Also known as an advance fee scam, this is when you’re convinced to pay an upfront fee in order to receive a prize/service...
Read more

Ticket fraud

Summary: If you are thinking of buying tickets to a live event remember to look out for the signs of ticket fraud and follow the Ta...
Read more

News

Summary: People under 35 are more at risk from impersonation scams. People under 35 are more likely than older age groups to have b...
Read more

General Advice

Summary: Criminals use a wide range of methods to commit fraud and scams. In authorised push payment scams (APP), criminals trick...
Read more

Business Advice

Summary: Business owners and senior managers are often unaware of the fraud risks that can affect them. The impact of fraud and sc...
Read more

Toolkit

Summary: We want organisations, businesses and individuals to be able to spread the message and get involved in the campaign so...
Read more

Scam warning: Criminals may purport to be from Take Five, using our official branding on websites, social media posts, literature, on the phone or by text. Take Five doesn’t provide endorsement or approval for any products/services and would never call or text anyone.

Close