Fake Halifax websites spotted by Which?

Don't be conned by fake emails, texts and calls from 'Halifax'
Chiara CavaglieriSenior researcher & writer

Chiara is an award-winning investigative reporter who specialises in banking and fraud, joining Which? in 2015 following six years as a personal finance journalist at a national newspaper.  

Halifax logo at a bank branch

Two fake Halifax websites have been shut down this week – after being reported by Which? – but we're warning customers to be on high alert for texts, emails and calls claiming to be from the bank. 

An uptick in online searches related to 'Halifax text scams' prompted us to do a little digging and we spotted two copycat websites within hours, both clearly aimed at tricking Halifax customers into sharing their online banking details. 

No business is immune to fraud, so scammers may impersonate any bank, but it's common for certain banks to be hit harder than others at different times. 

Here, we show you recent examples of Halifax bank scams and explain how to report phishing to protect others. 

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts
Sign up

Fake Halifax emails, texts and calls

Some of the most convincing scams feature domains (the unique, easy to remember 'address' for a website on the internet, such as which.co.uk) that seem connected to genuine companies. 

We searched for likely permutations until we found one that was clearly aimed at impersonating Halifax, as it referred to 'halifaxbankuk' (the real Halifax online banking domain is halifax-online.co.uk). We found another fake website that was still live thanks to a report sent to our Scam Sharer Tool, which used Halifax branding in an attempt to steal login details, as you can see from the screenshot below. 

We immediately reported these to Halifax and both were taken down later that same day. 

Which? also regularly shares details of suspicious websites reported to us with the National Cyber Security Centre (NCSC), helping to get many more shut down. 

Other examples of Halifax phishing attempts shared with us in recent weeks include:

  • Fake Halifax emails claiming that 'in line with Financial Conduct Authority (FCA) regulations, from 22 August 2025, biometric authentication will be required for all account access. To ensure you can continue to access your account without interruption, please complete the re-authentication process'.
  • Scam phone calls from the 'Halifax fraud department' about 'suspected fraud of over £800' – one member reported that the call was highly convincing until the scammer got insistent about replying to a text. The real Halifax later confirmed a £900 purchase had been pending. 
  • Bogus Halifax text messages about attempted Argos transactions asking 'Do you recognise this? Reply 'N' for NO, or 'Y' for YES'.

Halifax told Which?: 'Protecting our customers from fraud is our priority, and we actively search for fake websites which try to impersonate our brands. We have taken the appropriate steps to have these websites removed, however this also requires prompt action from the registrar hosting the domain itself. Fraudsters relentlessly target the customers of large companies, which shows why it is vital that tech firms do more to crack down on the criminals using their platforms to impersonate major brands.'

Screenshots of fake Halifax websites created by scammers

How to spot banking scams

Your best defence against any fake you might come across is time, so don't rush or panic when you're contacted by someone claiming to be from your bank or any other business – take a minute before you act. 

The safest thing to do is contact that business using a trusted source (such as the number on the back of your debit card or on its official website) to ensure the message or phone call was genuine. Barclays, Monzo and Starling even let customers quickly confirm if a call is genuine via their apps. 

You can also make some checks yourself. 

Remember that you can't always trust the phone number or sender ID displayed on your phone when you receive a call or text message, as these can be spoofed. But, if a message is directing you to click a link, does the web address look right? Is that the usual email address your bank uses?

You can also discover information about a website, including details of the registrar and the date it was created, using a tool such as ICANN.

If a website was only recently created, it doesn't belong to your bank. 

Reporting bank scams

Banks and the registrars who inadvertently sell domains to scammers must work together to remove malicious websites quickly, to limit the damage and spread. 

You can do your bit too. 

If you come across a suspicious website, report this to the National Cyber Security Centre (NCSC). Google also offers a 'Safe Browsing' tool in a bid to remove malicious content from its search results. 

You can forward suspicious emails to the NCSC at report@phishing.gov.uk and flag fake messages as 'phishing' to your email provider to help stop scams in their tracks. 

For fake text messages, forward the text to 7726 so that your network can investigate the message and block the sender.

More on this

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home and travel insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, and travel insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


5.Stickee Technology Limited for the introduction of non-investment pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to arrange non-investment pet insurance products (FRN916665). Stickee Technology Ltd is authorised and regulated by the Financial Conduct Authority (FCA)  in England and Wales; 3rd floor, 1 Ashley Road, Altrincham, Cheshire, UK WA14 2DT Registered company number 06711740


6. Travel Insurance Facilities Plc (FRN306537), for the introduction of travel insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to arrange non-investment insurance contracts. Registered in England under company number 3220410 at Suite 12, 20 Churchill Square, Kings Hill, West Malling, Kent, ME19 4YU.

 

Other financial services:


Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.