Social engineering is the act of manipulating people into doing what you want. In terms of online fraud, it usually involves tricking people into disclosing passcodes, login details or other confidential information.
You can protect yourself by:
- Not disclosing confidential information over the phone unless you're sure that the caller is really who they say they are. If in doubt, ask for the caller's phone number, satisfy yourself that it is genuine, and only then call them back
- Never sending confidential information by email. It can easily be intercepted by a third party, and companies like ours will never ask you to email personal details, account information or passcodes
- Keeping your credentials (PINs, passcodes and memorable words) confidential at all times. Banks, including us, will never ask you to disclose this type of information.
Phishing, vishing & smishing
Phishing is the process of attempting to acquire confidential information by sending out emails that direct you to bogus websites or phone lines. These emails claim to be from a particular company, but are actually sent by fraudsters, often at random. Any information you disclose on these bogus websites or phone lines is captured by the fraudsters.
Similar techniques are used over the telephone using Voice (vishing) or the use of SMS (smishing).You can protect yourself by treating any unsolicited emails, calls or texts that ask for confidential information as suspicious. If in doubt, contact the company that supposedly sent you the message to make sure that it's genuine.
The courier scam is when fraudsters call and trick you into handing your cards and PIN numbers to a courier on your doorstep. There are many variations of the scam, but it usually follows this method:
- A fraudster will cold call you on a landline, claiming to be from your bank or the police. They’ll tell you their systems have spotted a fraudulent payment on your card or it is due to expire and needs to be replaced
- In order to reassure you that they’re genuine, they suggest that you hang up and ring the bank/police back straight away. However, they don’t disconnect the call from the landline so that when you dial the real phone number, you’re actually still speaking to the fraudster
- They then ask you to read out your PIN or type it on your phone keypad. They may ask for details of other accounts you hold with the bank or financial service provider
- Finally, they send a courier to you to collect your bank card. The fraudster will have then obtained your name, address, full bank details, card and PIN.
Protect yourself against courier fraud:
- Your bank will never send a courier to your home
- Your bank and the police will never collect your bank card
- Your bank and the police will never ask for your PIN
- If you receive one of these calls end it immediately.
W-8BEN Form scam
The W-8BEN form is a legitimate US tax exemption document, however fraudsters have been using the W-8BEN format to get personal details such as mother's maiden name, passport number, date of birth, PIN numbers and passcodes. The fraudulent forms are being sent under the guise of anti- money laundering regulations claiming to review client information and asking that the form be completed.
Please be advised that we’ll never ask you for your passcode or memorable word in this manner. If you receive such a form do not reply to it.
If you believe you may have replied and provided this information please contact us immediately.
Barclays job offer email scam
This scam involves someone offering, via an email or website, an opportunity to gain employment within Nigeria at "THE NEW BARCLAYS NIGERIA BANK PLC" office. In this scam you are asked to provide various personal details although ultimately you will be accepted for the role. The scam also requires that, before your employment can start, you must pay an advanced fee in lieu of your starting date.
Please note that Barclays is in no way associated with THE NEW BARCLAYS NIGERIA BANK PLC, nor with this scam and the offer of employment which it promises. Moreover, the Barclays office in Nigeria is in Lagos only. Therefore, please ignore any request which conforms with this scam and delete the email.
Additional income email scam (money mules)
Most UK bank accounts won't let you make online cross-border transfers from overseas. Since most online fraudsters tend to be based outside the UK, they need money mules to launder the funds they receive from their scams.
Money mules receive funds into their accounts and send it to the fraudsters using a wire transfer service, minus their commission. They're recruited through a variety of methods, including spam emails, genuine recruitment websites, approaches to people whose CVs are available online, instant messaging and newspaper ads.
This scam offers you the chance to earn some easy money for a few hours' work each week, but beware: handling money that's been obtained fraudulently is a crime. You can protect yourself from becoming involved by:
- Treating any unsolicited job offers with suspicion, especially if the company is based overseas
- Verifying the details of any company that you're considering working for
- Not giving your bank account details to anyone that you don't know and trust
- Remember the golden rule: If it sounds too good to be true, it probably is.
Lotto prize and advance fee scams
These scams are variations of the same type of fraud, in which the victim is asked to make a payment in return for receiving a substantial amount of money. Advance fee fraud is also known as West African or 419 fraud. In both types of scam, the fraudster will claim the money is available but a payment is needed to help cover transfer or administrative costs.
Lotto fraud payments tend to be low to start with and increase as the victim becomes more engaged with the scam. In contrast, the payment requested in advance fee fraud is usually quite high - often £15,000 or more.
To protect yourself:
- Treat any such requests for money with suspicion
- Be aware that these requests can be made not only by phone, but by email, letter, or even in person, and can look and sound legitimate
- Don't respond to any unsolicited communications promising prize money in return for payment
- The Metropolitan Police website contains detailed information about these frauds. If you'd like to learn more, see lotto fraud and advance fee fraud.
Boiler room scams
Boiler room scams are scams where 'companies' contact clients generally out of the blue either by post, email or telephone and offer them shares in a company at a supposedly heavily discounted price. They’ll often use hard sell tactics to persuade the client to buy the shares e.g. creating a sense of urgency or using a persistent and aggressive style. This pressurised tactic is why they’re referred to as boiler room scams.
The company that they’re trying to sell may be listed on an illiquid market so the shares cannot be sold. Or they could be a small unquoted company that the broker claims is planning to list. In other cases the company itself may not exist or the share certificates delivered are fake.
The Financial Conduct Authority has published a list of firms that they are aware operate in this manner.
In general the bulk of these firms operate overseas with hotspots being in Spain, Switzerland, Dubai, Japan, Bermuda and the US and are therefore outside the remit of the Financial Conduct Authority. However, these firms are likely to have a UK registered address and a name which suggests legitimacy.
Both inexperienced and experienced people have been affected by this type of scam with a typical victim losing around £20,000.
Further information on boiler room scams can be obtained from the Financial Conduct Authority.