Sharp rise in fake TSB text messages and phishing emails

Action Fraud is warning the public about a sharp rise in fraudsters sending out fake text messages and phishing emails claiming to be from TSB.

Since the start of May, there have been 321 phishing reports made to Action Fraud – an increase on the previous month where 30 reports were made.
In the same reporting period, there have been 51 reports of cybercrime to Action Fraud which mention TSB – an increase on the previous month, where 24 reports were made.
Action Fraud and TSB are working together to combat fraud and help keep all consumers safe.

How is this happening?

The increase in the number of reports being sent to Action Fraud is in part linked to the system issue some TSB customers have experienced over recent weeks. Opportunistic fraudsters are using TSB’s system issue to target people with this type of fraud. TSB, or any bank, will never ask for a PIN, password or full memorable information by email or text.

Fraudsters are commonly using text messages as a way to defraud unsuspecting victims out of money. This is called smishing (SMS + fishing). Of the smishing attempts reported to Action Fraud, 80% requested that the recipient click onto a website link. The second most common delivery technique reported has been email.

Fraudsters are using specialist software which changes the sender ID on text messages so that it looks like messages are being sent by TSB. In some instances, this spoofed text is being added to existing TSB message threads on victim’s phones.

Should someone click on the link within a spoofed text message and enter their personal information, the fraudsters then call the victim back and persuade them to hand over their one off code from their mobile phone. The fraudsters can then empty the victim’s account.

How to protect yourself

Don’t assume an email or text is authentic:
Always question uninvited approaches in case it’s a scam. Phone numbers and email addresses can be spoofed, so always contact the company directly via a known email or phone number (such as the one on the back of your bank card).
Clicking on links/files:
Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected text or email. Remember, a genuine bank will never contact you out of the blue to ask for your full PIN or password.
Report it:
If you think you have received a phishing email or text, report it to us.
If you have received a suspicious TSB email, please do not respond to it, report it to us and also forward it to emailscams@tsb.co.uk

If you have been affected by this, or any other scam, report it to Action Fraud by calling
0300 123 2040, or by using the online reporting tool at www.actionfraud.police.uk

By clicking on one of these links you are departing from the regulatory site of Polestar IFA Neither Polestar IFA nor Positive Solutions is responsible for the accuracy of the information contained within the linked site.

Interested in any of these topics?

(01252) 626200