Social engineering

Whilst you might not be familiar with the term 'Social Engineering' it is one of the most common tactics used by Fraudsters today. Social Engineering is the attempt to manipulate an individual into willingly transferring their funds or surrendering full access to their Digital Banking over to the fraudsters under the belief that this is a genuine action when it is not.

Fraudsters will pose as genuine companies, such as Microsoft, the police, or even your own bank or utility company / internet service provider in an attempt to have you willingly transfer funds to them. This could be disguised as a 'refund', returning part of an overpayment or transferring money to a 'safe account' to prevent fraud. It is becoming more and more common for fraudsters to trick their victims into downloading 'remote access' software (such as Teamviewer), usually under the guise of fixing an issue on the computer or internet. Once the software has been downloaded and the fraudster has full access to the machine, the fraudster will then have their victim log into Digital Banking before turning the screen blank - this leaves the criminal with full and open access to your Digital Banking via your own machine. No genuine company would ever require access to Digital Banking following a remote access.

These particular criminals can sound genuine; however there are a few key things to remember:

  • The call will always be unexpected and involve some form of incentive. This could be a claim that you are due a refund for goods you purchased some time ago, perhaps computer software.
  • If the fraudster poses as a member of our fraud team, you may be asked to move your money to a holding account - of course this is not a holding or 'safe' account, it is the criminal's account.
  • They will often suggest that you hang up and call back (either using the number on the back of your bank card or even dialling 999!) however, some fraudsters have the ability to forcefully keep a phone line open for up to 2 minutes, meaning that you will just reconnect to the fraudster who will confirm that they are genuine. This loophole in some phone lines is actively being closed down by the telecoms companies but is currently a live issue that you must be aware of.
  • If the fraudster advises that you are due a refund they may ask you to tell them or directly input the 4 digit security code from your internet banking, into our automated authentication call - remember, our authentication calls are only used to make payments, never to receive a refund. Inputting this code will be sending money out of your account NOT receiving it.
  • Some fraudsters will seek your permission to access your computer remotely, this may be to 'remove software' or perform a 'system clean'. Never allow access to your machine by people you don't know.
  • We will never ask you to transfer your own money as a result of confirmed or potential fraud.
  • If you receive a suspicious phone call, hang up and wait for over 2 minutes before calling us or simply dial from another phone number (fraudsters can only hold a landline open, this isn't currently possible on a mobile).
  • If you receive an automated call with a 4 digit security number - you are paying money out of your account, this action is never used as part of a refund.
  • Never allow remote access to your computer to anyone you don't know or whilst logged into Internet Banking.

Report it

If you think you are a potential victim of fraud, please contact us as soon as possible. 

Call: 03459 758 758

Textphone: 0345 835 3843

If you have received a suspicious email, please do not respond to it but forward it to emailscams@tsb.co.uk

External Support

For more information on how to keep yourself secure online, you might find the following useful.

Get Safe Online
Cyber Aware

Call

Call

Bank over the phone 24/7 using our automated service - call 03459 758 758.

Telephone Banking
Visit

Visit

Find your nearest branch or cash machine using our Branch Locator tool.

Find branches