While fraud and scams are not new, advances in technology give criminals more ways to attempt to access your money. Getting to know the techniques they use can help you protect yourself and your money.
Fraud or scam?
In everyday use, the words fraud and scams are used interchangeably. However, we think it’s useful to use clear definitions.
Fraud happens to you, scams happen with you.
Examples of fraud would be having your card skimmed, identity theft and computer malware which steals your details. In these cases, you're not aware of what the criminals are doing and haven't given your authorisation.
Examples of scams would be where a criminal attempts to convince you to send them money, give away access to your bank details or launder money. Scams actively involve you as the account owner and work though engineering a situation to make you believe it’s genuine, so you give your authorisation.
Below we’ve listed some of the most common types of fraud and scams. Please also check our Latest fraud updates page for the latest techniques we see being used by criminals.
If you think you've responded to a scam or been a victim of fraud, call us anytime on 0800 9 123 123 and report it to Action Fraud on 0300 123 2040.
Remember the following advice so that if someone contacts you pretending to be someone they're not, you can spot them easily.
- Take time to think about what they are saying and hang up or end the conversation if you are unsure.
- Don’t feel under pressure to act straight away – talk to family and get a second opinion if you feel uncomfortable. No genuine organisation will mind you doing this.
- A genuine bank or organisation will never contact you unsolicited to ask for your PIN, full password or to move money to another account.
- Don’t give out personal or financial details unless it's to use a service that you've signed up to, and you’re sure that the request for your information is directly related to that service.
- Never let somebody talk you into downloading software, or to log on to your computer or other devices, such as your mobile phone or a tablet, remotely during or after a cold call.
- Never agree to transfer or hand over money to anybody without independently double-checking the details are genuine.
If you do get a suspicious looking email or text, here's some important advice.
- Look very carefully at emails or texts that come out of the blue supposedly from a bank or another trusted organisation.
- An unsolicited text or email from your bank or other genuine organisation will never ask you to provide passwords, personal or financial information in a message.
- Be extremely wary of links and attachments and never enter your banking details after clicking on a link. An email link may take you to a fake website which imitates Santander.
- Watch out for language that says things such as ‘you must act’.
- If you get an email or text from somebody asking you to change some payment details don’t do it without checking it out thoroughly first.
- If in any doubt at all, don’t reply. Phone the organisation sending you the text or email on their official phone number which you can look up on their website.
If you're concerned or think you've responded to a scam email or text or given your details out to the wrong people, you should call us first on 0800 9 123 123 and report it to Action Fraud on 0300 123 2040.
Remote access scam
Remote access scams attempt to convince you to allow them access to your Online Banking. These are often cold calls from scammers who say that they're from telecommunication or computer companies or (for businesses in particular) an IT department or Technical Support.
The warning signs are:
- a cold-caller says they can fix your slow computer or refund you money
- an unexpected call from someone claiming to be from your IT department or Tech Support
- the caller asks you to give permission for them to remotely access your computer
- the caller asks for your banking or personal details.
These callers will ask you to log on to your Online Banking, to check it's not been impacted by the fault, and then attempt to remotely access the computer to 'help' you with the problem.
Giving anyone remote access allows them to release malicious software and gain access to personal data.
Phishing - email scams
Email scams, or phishing, is one of the most popular ways for scammers to find victims. These days criminals will send out emails that can look very convincing. It might be that they pretend to be your bank or a utility company, or possibly pose as a builder or solicitor you use. They might also offer you too good-to-be-true investment opportunities or even pretend to be someone you know.
Here are a few tell-tale signs to help you spot a phishing email:
- the sender’s email address doesn’t match the website address of the organisation it says it’s from
- the email is impersonal and doesn’t address you by your name e.g. it just says Dear Sir/Madam
- there’s a sense of urgency, asking you to act immediately
- there’s a request for personal information
- there’s a website link which may seem like the proper company address, but on close inspection is slightly different from the real address
- there are spelling or grammatical mistakes.
Smishing - text scams
Just as with email scams, sometimes it can be very difficult to know if a text message from your bank is real or not.
Criminals will sometimes use a tactic called ‘number spoofing’ where they make it look as if their text is from your bank (or other organisation) – they can even make them appear in the same thread alongside genuine messages.
This is used as another way to hook you in to a conversation and trick you to take action to reveal information or send money.
Invoice scams send an invoice or bill requesting payment or request changing your payment details.
Often appearing as being sent from legitimate suppliers, they attempt to either convince you to make a payment or change the existing payment details of genuine suppliers so you pay into the criminal's account.
The contact email address given may only include a minor amendment, giving the impression it's correct. Or you may receive an email directly from an individual that you have dealt with previously, this email account may have been hacked so look out for unusual grammar or requests to change your usual payment details.
If the request comes in postal form on headed paper, look out for minor discrepancies such as a change in font or a change in the usual payment details.
Telephone or courier scam
This is where criminals persuade customers to hand over their credit and debit cards or to transfer funds from their account. This scam usually involves a call purporting to be from Santander, the police or another financial institution.
The caller may:
- suggest you call the number on the back of your card or 999 for verification (the scammer does not hang up and stays on the line while doing this)
- want to arrange to have your debit and credit cards collected by a courier
- ask you to key in your PIN using your telephone keypad
- advise that another account has been set up to keep your money safe and urge you to transfer your money to the new account immediately
- insist that it is necessary for you to act urgently to protect your funds
- ask you to withdraw and handover cash along with your card as needed for forensic evidence
- ask that you do NOT discuss the reason for withdrawal with branch staff.
Free trial scam
There are an increasing number of 'free trial' offers on the internet, for products such as Acai berries, slimming products, teeth whitening or a free credit report and score. Unfortunately these offers are not always as good a deal as they appear to be and there are often hidden costs in the terms and conditions.
Some of these 'free trial' offers are outright scams, others are simply misleading and rely on you not reading the additional terms and conditions.
The warning signs are:
- you may be offered a product trial where you only have to pay a small fee for shipping and handling
- you need to enter your card details but there appears to be no reason for doing so
- the deal probably seems too good to be true
Spoofing (caller ID scam)
Telephone number spoofing is when a caller deliberately falsifies how their phone number appears on the Caller ID to disguise their identity. Criminals are increasingly targeting consumers over the phone; posing as bank staff, police officers and other officials or companies in a position of trust. They try to persuade their victim their accounts are at risk and they must move their money to a new account.
If you question the caller about giving out personal details or moving your money, they ask you to check the caller ID of the phone number they’re calling from, which they have masked, or ‘spoofed’ to look like your bank’s phone genuine number.
Be wary of all contact made out of the blue and always follow our top tips to help protect yourself.
Changes to the pension laws in 2015 gave people the opportunity to take money out of their pension once they reach 55 years old. The unwanted side effect of these pension freedoms is that criminals now targeting the over-55s to withdraw their pension and place it into other 'adventurous schemes'.
The warning signs are:
- unsolicited approaches about releasing money from your pension before you're 55 (you cannot release money if you’re younger than 55)
- unsolicited approaches about investing money from your pension under the new rules
- being asked for personal details such as phone number or financial information
- being offered 'cash back' or a 'savings advance' from your pension
- being promised high returns on investments or joining up bonuses
- being asked to move money quickly (sometimes offering an express courier service for documents to be signed).
Advance fee scams
Advance fee scams contact people by email, letter, or phone asking for help moving money from one country to another with the promise you'll receive a commission for doing so. They ask for an admin fee from you to start the process, which you never get back.
These often involve countries such as Nigeria, Togo, Ivory Coast, Iraq, or South Africa.
The warning signs are:
- a badly-written email or letter
- asked for an upfront fee to help release the larger amount of money.
People persuaded to unwittingly launder money are known as 'money mules'. Criminals look to dupe people into laundering money on their behalf by offering what looks like a legitimate job often advertised on the internet or in the newspapers.
The job involves receiving money into your account and withdrawing those funds and sending the money on, while retaining a proportion of the funds as your commission.
Please be aware that:
- the money you are asked to transfer is normally stolen or the proceeds of crime
- handling the proceeds of crime could result in criminal prosecution
- your accounts could be frozen and potentially closed
- wages retained by you as part of the transfer will be recovered from your account, and you may be liable for the full value of the funds you received
- details of your involvement may be shared with other banks, making the opening of another bank account difficult.
This is where someone is persuaded to bank a cheque on behalf of someone else.
This can be a new acquaintance, or friend of a friend, asks to bank a cheque, withdraw the funds and pay them. A variation is when selling an item online, the buyer sends a cheque for a greater amount and asks you to forward or transfer back the excess amount.
Although different scenarios the outcome is the same. The cheque normally bounces and the customer suffers the loss.
Investment scams are better known as boiler room fraud due to the intense, high pressured sales techniques used to convince you to invest in worthless and or non existent shares.
Contact is made out of the blue by an individual who appears professional and may offer investments in a variety of commodities such as land purchase, carbon credits or vintage wine to name a few. The share offer is supposed to provide the investor an excellent return in a short time frame.
The warning signs are:
- unsolicited or cold calls
- a persistent sales technique
- limited-time only offers giving you no time to consider the nature of the investment
- company names which sound very familiar or have a slight variation to a legitimate company
- secrecy of your investment is encouraged to ensure maximum returns
- issue of false share certificates, research reports or other documentation to make the investments seem credible
- professional looking websites in order to make their business appear legitimate.
Please remember that cold-calling to sell shares or investments is illegal. Dealing with an investment criminal will almost certainly result in you losing your money.
SIM swapping happens when fraudsters ask their victims' mobile phone operator to issue a new SIM card so that they can access mobile banking messages. The victim’s SIM card is deactivated and the messages are instead received on the fraudster’s device. Fraudsters often obtain the details required about the victim’s mobile phone through phishing (see above).
Santander has developed award-winning SIM swapping detection technology, but customers should be aware of any issues with their mobile phone which could be related to SIM swapping.
The warning signs are:
- receiving an unexpected text message advising that your SIM is transferring
- losing network connection for an unusual length of time in a place where you would normally have a connection
- your phone showing the message ‘invalid SIM’ or ‘no SIM’.
If you think any of the above has happened with your phone please contact your mobile phone service provider immediately using the number displayed on their website.
How to protect yourself:
- set a secure password with all phone service providers
- dispose of your phone bills securely
- keep your phone switched on at all times – this way you’ll notice if it’s not working.
Identity theft affects over 100,000 people every year. With a few personal details, a criminal can open new bank accounts, get new credit cards, claim benefits and apply for official documents like a driving licence - all in your name, and all traceable to you.
The warning signs are:
- 'lost' mail, for example your bank statements or credit card bills suddenly stop arriving
- your rubbish bags have been tampered with
- you start getting bills you don't recognise
- strange Direct Debits or payments appear on your account.
How to protect yourself:
- shred sensitive information - never simply throw it away or recycle it
- delete suspicious emails from organisations requesting personal information – remember, we'll never ask for such information by email
- think twice before giving out personal information
- if you move house, redirect your mail
- use online bank statements instead of printed, posted ones.
Contactless card fraud
Contactless payments are relatively new, and a quick and convenient way to pay especially if remembering a PIN or using a fiddly number pad is a problem.
Contactless card fraud can occur if your card is stolen or temporarily taken away from you, allowing criminals to tap it at payment terminals or skim the card details.
Banks have controls in place to limit this but to keep yourself safe just make sure you keep hold of your card all the time. And if you do lose your card or have it stolen, report it to your bank as soon as possible.
And don’t believe some reports in the media about ‘in pocket’ contactless machines that mean fraudsters can steal your money by just walking close to you, it’s nonsense!
Cash machine skimming
Using a cashpoint is easy, convenient and almost always safe. But sometimes criminals tamper with cash machines to steal your card information, or PIN.
Here are a few things to look out for when you use a cashpoint.
- A device might be placed over the card slot which scans your card details, or a fake keypad may have been placed over the top of the real one. Look out for parts of the cashpoint machine that appear a different colour or material to the rest.
- Tiny cameras the size of a pinhead can be drilled into cash machines which photograph you and your card while you take cash out. Look out for damage or possibly stickers that could be trying to cover up damage where holes have been drilled.
- Someone could simply be looking over your shoulder while you’re taking out cash to try and see your PIN. Then they find a way to take your card by distracting you.
Keeping yourself safe at the cashpoint:
- if the cash machine looks like it has been tampered with, don't use it
- when entering your PIN, cover it with your hand
- look out for anybody standing too close or trying to distract you.