Phishing

Emails, text messages and websites might not be what they seem. If you receive an email, text message or phone call and you are unsure whether it is legitimate, you should never provide your personal details. Instead, contact the company directly using a number or method you know is genuine.

You receive an email that looks like it comes from us asking you to log on and check your account. It looks real, so you might be tempted to click on the link and enter your personal information, such as user ID / password / security details into the website. Wait a minute. If you do, you will be handing over your details to a fraudster who wants to take your money.

Phishing scams are used by criminals to lure victims, by email, text or phone, into handing over valuable information such as credit card and bank account numbers, passwords and log on details, which can be used to commit fraud. We will never send you an email, text or a website link asking you to enter your Internet Banking or card details.

Impersonal greetings and probing questions

A phishing email will not be personally addressed to you but may begin with 'Dear valued customer'. The fraudster or fraudulent website may ask for lots of sensitive personal information such as passwords, Internet banking log on details, contact details or credit card numbers or even information about the account details of your mobile phone provider.

Urgent warnings

A phishing email may say things like 'we need to verify your account information' or quote 'security issues with your account'. This is designed to create a sense of panic in an attempt to make you respond without thinking.

Bad spelling and formatting

The wording of the email may have poor grammar and spelling. The fake website may look slightly different with an alternative layout or misspelt words, although this isn't always the case.

We will always:

  • Quote your last four digits of your account number at the top of the email. By default this will be your primary account. Remember a fraudster does not know these details.
  • Use links to our official web pages a page on www.tsb.co.uk. - We will never link directly through to our Internet Banking log on page or ask for your personal details.
  • Greet you personally using your name.
  • We will only ever use the following sender addresses - tsb@email.tsb.co.uk, donotreply@tsb.co.uk, tsb@tsbinsurance.co.uk or haveyoursay@email.tsb.co.uk
  • To confirm the email is genuine, make sure all the above apply. If you're not sure, call us using a phone number you know is valid - either on the back of your card or in our 'report it' section.

If you want to update your email address log on to Internet Banking and select Personal details from the left-hand menu.

  • Limit the amount of personal information you make public on the Internet, including social networks. It could be used against you.

  • Treat all email with a degree of caution. The sender's or return address can be faked. The email header and website link can also be manipulated.

  • If you are unsure of any embedded link, hover your mouse over it. This should show you the full web address. If this does not link to a www.tsb.co.uk webpage, it is likely fraudulent.

  • If you are suspicious, don't click on any link embedded in the message as it may link you to a fraudulent webpage or even contain a virus. If you want to be sure, search for the genuine website using a search engine. Remember, we will never link from an email directly through to your Internet Banking log on page or to a page that asks for your security or personal details.

Report it

If you think you are a potential victim of fraud, please contact us as soon as possible.

For all credit an debit card related fraud, please call 0800 023 4113. (Lines are open 24/7)

For disputed transactions, please call 0345 835 7926. (Lines are open between 9am-5pm Monday to Friday)

For all non card related fraud, please call 0800 096 8669. (Lines are open 24/7)

To report a lost or stolen card outside of these hours, please call us on 0800 015 0030.

Some customers have made us aware they're receiving emails, phone calls, texts and tweets claiming to be from TSB. We'd never ask you for security details such as PIN, username or full password. Fraudsters might. If you have received anything suspicious, don’t reply, don’t click any links or open any attachments. Forward it to emailscams@tsb.co.uk and let us take it from there. And, so you know, we won't call you using this number either.

External Support

For more information on how to keep yourself secure online, you might find the following useful.