By clicking a retailer link you consent to third-party cookies that track your onward journey. This enables W? to receive an affiliate commission if you make a purchase, which supports our mission to be the UK's consumer champion.

Scam warning: fake Barclays text directing victims to phishing site

The bogus text leads victims to a website designed to steal online banking login details
Chiara CavaglieriSenior researcher & writer

Which? is urging bank customers to watch out for fake text messages, after uncovering a new Barclays phishing website designed to steal online banking login details.

In this latest example of a fake bank website, fraudsters first sent texts that told recipients a fictional new payee 'R Davies' had been added to their account before inviting them to click a link if this wasn't authorised.

This led potential victims to a website that used images and wording copied from the real Barclays website, asking for login details including their membership number, card details and proof of identity.

At present, Which? is not aware of any customers entering their details on this fake site. Anyone who is concerned that they may have done so, should contact the Barclays fraud department immediately.

Be more money savvy

free newsletter

Get a firmer grip on your finances with the expert tips in our Money newsletter – it's free weekly.

This newsletter delivers free money-related content, along with other information about Which? Group products and services. Unsubscribe whenever you want. Your data will be processed in accordance with our Privacy policy



Watch out for this fake Barclays text

The text below, shared by a keen-eyed Which? member, has been doing the rounds.

We've also shared a similar fake HSBC text that was spotted a few weeks ago and shared on our social channels to warn others.

Gallery

1 / 2

  • caption
  • caption

A large collection of images displayed on this page are available at https://www.which.co.uk/news/article/scam-warning-fake-barclays-text-directing-victims-to-phishing-site-aMZjY0T3VglB

A closer look at the fake Barclays site

The fake Barclays text includes a link to a website that wouldn't immediately arouse suspicion in the average person, particularly one who was distracted by the content of the message.

However, as we explain in this news story about fake shopping sites, you should work backwards from the end of the full web address to identify the unique domain name.

In this example, the real domain is highlighted - https.//barclays.uk.detect-attempts.com/ - and the subdomain (barclays.uk) is being used to make it seem like a genuine Barclays site.

According to Whois.net, the website in question was registered on 7 May 2020. By the time Which? came across this site on 11 May, most web browsers had already identified it as malicious - with the notable exception of Internet Explorer - although the website was still live.

We immediately reported detect-attempts.com to both Barclays and the domain registrar (Namesilo.com).

The site, shown below, has at the time of publishing still not been taken down.

What are banks doing to protect customers from phishing?

Criminals bet on the fact that texts such as the one involved in this scam look familiar - many banks do send messages like this, asking customers to confirm transactions for security purposes.

Last year, Barclays told Which? it has a Group-level policy that bans the use of phone numbers and URLs in any customer alerts or notifications, which was introduced following our annual online banking security test.

So, if you receive a text with a link or a phone number claiming to be from Barclays, our advice is to report it, then delete it.

Which? believes that other customers should know exactly what to expect when they receive a genuine message from their bank to make spotting fakes that much easier.

If a criminal uses your details to make unauthorised payments, these should be refunded by your bank under the Payment Services Regulations -as long as you haven't acted fraudulently or with 'gross negligence' (a high bar that goes beyond ordinary carelessness).

How to spot a bank scam

Your bank, and any other firm holding your financial details, should make it clear what it will NEVER ask you to do.

If you receive a message and you're concerned there really is a problem, give the organisation a call using a number you trust, not the number on the email. You'll find your bank's number on the back of your card.

Here are some other tips:

Do...

  • Check the wording of messages carefully. Does it address you impersonally or try to create a sense of panic? Both are common phishing tactics.
  • Pay attention to the URL of any website. Is there a spelling error or an unexpected domain?
  • Keep your browser and security software up to date, and run regular virus scans.
  • Mark unwanted emails as junk, as you can train these filters to recognise spam by marking offending emails as 'junk' rather than just deleting them.

Don't...

  • Click links or download attachments from emails and texts. Type web addresses into the address bar of your browser manually instead.
  • Rely on the caller display on your phone, as this can be spoofed, and never enter your card Pin into the keypad.
  • Let someone access your computer, or other devices such as a phone or tablet, unless you know the caller and their intentions.

Which? has launched a free Scam Alert email service. Sign up to receive warnings and examples of scams straight to your inbox as we uncover them.

More on this

Related articles

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home and travel insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, and travel insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


5.Stickee Technology Limited for the introduction of non-investment pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to arrange non-investment pet insurance products (FRN916665). Stickee Technology Ltd is authorised and regulated by the Financial Conduct Authority (FCA)  in England and Wales; 3rd floor, 1 Ashley Road, Altrincham, Cheshire, UK WA14 2DT Registered company number 06711740

 

Other financial services:


Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.