Scottish Building Society supports the industry awareness campaign Take Five, which offers straight-forward and impartial advice to help you protect yourself against financial fraud.
If you receive a request to provide personal or financial information, you need to take a moment to reflect and step back from the situation. Yes, even if they say they’re the bank or other trusted organisation, you still need to take the time to stop and think about what’s really going on.
Deep down, you probably already know these basic rules on how to beat financial fraud – you just need to take a breath and stay calm enough to remember them.
Requests to move money:
A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.
Clicking on links/files:
Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.
Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Don’t assume an email or phone call is authentic
Just because someone knows your basic details (such as your name and address or even your mother’s maiden name), it doesn’t mean they are genuine. Be mindful of who you trust – criminals may try and trick you into their confidence by telling you that you’ve been a victim of fraud. Criminals often use this to draw you into the conversation, to scare you into acting and revealing security details. Remember, criminals can also make any telephone number appear on your phone handset so even if you recognise it or it seems authentic, do not use it as verification they are genuine.
Don’t be rushed or pressured into making a decision
Under no circumstances would a genuine bank or some other trusted organisation force you to make a financial transaction on the spot; they would never ask you to transfer money into another account for fraud reasons. Remember to stop and take time to carefully consider your actions. A genuine bank or some other trusted organisation won’t rush you or mind waiting if you want time to think.
Listen to your instincts
If something feels wrong then it is usually right to question it. Criminals may lull you into a false sense of security when you are out and about or rely on your defences being down when you’re in the comfort of your own home. They may appear trustworthy, but they may not be who they claim to be.
Stay in control
Have the confidence to refuse unusual requests for personal or financial information. It’s easy to feel embarrassed when faced with unexpected or complex conversations. But it’s okay to stop the discussion if you do not feel in control of it.
If you’ve taken all these steps and still feel uncomfortable or unsure about what you’re being asked, never hesitate to contact your bank or financial service provider on a number you trust, such as the one listed on their website or on the back of your payment card.
Your bank or the police will never:
Phone and ask you for your PIN or full banking password, even by tapping them into your phone keypad.
Ask you to withdraw money to hand over to them for safe-keeping.
Ask you to transfer money to a safe account for fraud reasons, even if they say it is in your name.
Send someone to your home to collect cash, PIN, cards or cheque books if you are a victim of fraud.
Ask you to purchase goods using your card and then hand them over for safe-keeping.
Fraud over the phone – or Vishing – is when a fraudster calls claiming they’re from your bank or some other trusted organisation. It is easy for them to convince you too, since they can both fake the telephone number on the screen and do their research to find out some of your basic bank and personal details. Remember though, a genuine bank will never ask you for personal or financial details like your PIN number or full banking password (even by tapping it into your phone keypad).
5 things to look out for on a scam phone call:
The caller doesn’t give you time to think, tries to stop you speaking to a family member or friend or is insistent and makes you feel uncomfortable.
The caller asks you to transfer money to a new account for fraud reasons.
They phone to ask for your 4-digit card PIN or your online banking password. Even if they ask you to give it to them by tapping into the telephone keypad rather than saying the numbers out loud, this is a scam.
They ask you to withdraw money to hand over to them for safe-keeping.
They may say that you are a victim of fraud and offer to send a courier to your home to collect your cash, PIN, payment card or cheque book.
Text Message Scams
A text might not be from who you think – Smishing is when criminals pretend a message is from your bank or another organisation you trust. They will usually tell you there has been fraud on your account and will ask you to deal with it by calling a number or visiting a fake website to update your personal details. Please take a moment to stop and think and realise this is the fraud…
3 signs a text message might not be genuine:
It asks you to provide sensitive personal or financial information, passwords, or to make transactions by following a link in the message.
It asks you to call a certain number but that number is unknown to you. In this case, call your bank on a number that you trust to check the number and message is authentic. E.g. – such as the number on the back of your card.
The sender uses an urgent tone, urging you to ‘act now’.
Criminals don’t just try and contact you by phone and text, they also ‘phish’, contacting you by email too. So always be suspicious of unsolicited emails that are supposedly from your bank or some other trusted organisation because the address can easily be faked. Never automatically click on any links they contain either, not before stopping to check if they seem genuine first.
7 ways to spot an email you’ve been sent is a scam:
The sender’s address doesn’t match the website address of the organisation it says it’s from. Roll your mouse pointer over the sender’s name to reveal its true address.
The email doesn’t use your proper name – using something like “Dear customer” instead.
There’s a sense of urgency, asking you to act immediately.
There’s a prominent website link which may seem like the proper address, but with one character different.
There’s a request for personal information.
There are spelling and grammatical errors.
The entire text of the email is within an image rather than the usual text format and the image contains an embedded hyperlink to a bogus site. Again roll your mouse pointer over the link to reveal its true destination.
Online fraud covers everything from online shopping to online banking, but one thing can help prevent both: take the time to install the built-in security measures most browsers and many banks offer.
These can help protect you whether the criminals are trying to dupe you with fake pop-ups in your online banking window, sending you ‘scam alert’ messages hiding malware, or faking retailer websites to make you input your financial details.
They contain vital security updates which help protect your device from viruses and hackers. Security updates are designed to fix weaknesses in software and apps which could be used by hackers to attack your device and steal your identity. Installing them as soon as possible helps to keep your device secure. You can choose to install updates at night when you are asleep and your device is plugged in or set your mobile or tablet to automatically update your apps when you are connected to Wi-Fi and an update is available. You can also set laptops and desktops to automatically install software updates when an update is available.
For more information: