NatWest phishing scam: how to spot a dodgy bank email

Look out for a scam email that claims the phone number on your account has been changed
Tali Ramsey

Scammers are impersonating NatWest in phishing emails designed to scare recipients into handing over their bank details. 

These emails involve fraudsters attempting to deceive NatWest customers into entering their online banking login information on a dodgy website.

Read on to learn more about how the scam works and for advice on spotting a phishing email. 

 Outsmart the scammersour free scam alert service can help you spot and avoid the latest scams

NatWest scam email

This email informs you that you have successfully updated the mobile phone number on your account, and says a one-time passcode has been sent to your old phone number to carry out the request. 

This is designed to panic you into thinking someone has accessed your account and changed the contact details without you knowing. 

The email then tells you to click on a link to cancel the request if you didn’t make it.

This message might look genuine at first glance, but there are a couple of giveaways that it’s a scam. First, the email doesn’t come from an official NatWest email account (ending @natwest.com). Instead, it comes from an address ending @natwestsecure.com. 

The email also begins ‘Dear Customer’, rather than addressing you by name.

NatWest phishing website

If you click on the link in the email, you’ll be taken to a page that mimics NatWest’s online banking login page. However, if you look at the URL at the top of the page, you’ll see that it contains a string of random words rather than a genuine NatWest domain.

Additionally, you’ll notice that the email contains strange formatting and errors, most noticeably in the phrase ‘Online Bankingservices’.

If you enter your customer number and password on this website, you’ll be handing them to the scammer, giving them access to your bank account.

Reporting scam emails and websites

A genuine email from NatWest will always contain at least one identifiable piece of information, such as your name or partial postcode.

If you’ve entered your bank details on a dodgy website, inform your bank immediately using the phone number on its website or on the back of your card. You should also report the scam to Action Fraud.

You can forward scam emails to report@phishing.gov.uk. To report them to your email provider, select ‘Report Spam’ on Gmail, ‘Report phishing’ on Hotmail or forward emails to abuse@yahoo.com from a Yahoo account. 

Dodgy websites can be reported to the National Cyber Security Centre.

More on this

Related articles