Banks are warning about a recent string of fraudulent text messages which aim to convince people something is wrong with their accounts so they unwittingly hand over their personal details to scammers.
Santander is the latest in a series of high street banks that have been imitated by the scammers. It is warning people to delete the text immediately.
The text scam, also known as ‘smishing’, is designed to convince victims to hand over their personal details, pay money or download a virus – all attempts to scam people out of money.
How the scam works
The fraudsters are using specialist software to alter the sender ID so the message appears to come from Santander. And it can often be added to an existing chain of messages on the victim’s phone.
The message says that their security team has tried to get in touch about the person’s online account and urges them to click a ‘secure link’ to avoid account suspicion.
Santander has used its social media accounts to warn anyone who has received the text not to click on the link, delete the message and to email the bank at smishing@santander to report the text.
Have you received a message like this pretending to be from Santander? If so, do NOT click the link – it is a scam. Remember, never enter your online banking details after clicking on a link in an email or text. https://t.co/eqxYRB4qVd pic.twitter.com/CGSv298sYW
— Santander UK (@santanderuk) March 16, 2018
Many people who have replied to the social media warnings have said they’ve received the message even though they don’t bank with Santander.
Halifax, Lloyds, NatWest have also been plagued by the scam.
How to protect yourself from smishing
Smishing scams can be sophisticated, closely resembling legitimate messages from well-known banks or credit card providers. But you can take steps to avoid falling prey to these tactics.
- Be wary of unsolicited text messages: If a financial provider contacts you out of the blue, proceed with extreme caution. If your bank does need to contact you, they will generally ask you to call their customer service centre rather than seeking an answer on the spot.
- Call your financial institution for confirmation: Any time you receive a message claiming to be from your bank or credit card provider, always call its customer service centre to confirm its validity.
- Check for inaccuracies or spelling mistakes: While mistakes can happen, financial firms rarely issue messages with spelling and grammar errors. Scammers sometimes use bad English on purpose to ensure that only the most vulnerable people take their bait.
- Don’t respond if an SMS seems fishy: Any response to a smishing message may confirm that your mobile number is active, potentially exposing you to future scam attempts. If you think there is any chance the message may be fraudulent, don’t text back at all
- Report scams to the police: If you believe you’ve received fraudulent text, report it to the Action Fraud at www.actionfraud.police.uk or by calling 0300 123 2040
Tips from the banks
The banks have all posted warnings on their websites and given some tips on how to avoid the scams. All of them said they would never:
- ask you to confirm personal or financial information.
- link to their online banking sign-in page, or a page that asks for security or personal details.
- ask you to carry out a test payment online.
- ask you to move money to a new sort code and account number, even if it’s described as a ‘secure’, ‘safe’ or ‘holding’ account.