Sharp rise in TSB phishing scams, warn Action Fraud

OPPORTUNISTIC fraudsters have been sending out fake text messages and emails claiming to be from TSB.
By David Parker
Published 29th May 2018, 11:11 BST
Updated 29th May 2018, 12:18 BST

There has been a sharp rise in fraudsters sending out texts, known as smishing, and emails, known as phishing, puporting to be from the bank.

Action Fraud, the UK’s national fraud and cyber crime reporting centre, said the rise had come on the back of TSB’s computer system update which resulted in 1.9m users being locked out of their accounts.

Hide Ad
Hide Ad

It said opportunistic fraudsters had used the issue to target people.

Most Popular

    A spokesperson said: “Since the start of May there have been 321 phishing reports of TSB phishing made to Action Fraud.

    “This is an increase of 970% on the previous month.

    “In the same reporting period, there have been 51 reports of cybercrime to Action Fraud which mention TSB - an increase of 112% on the previous month.”

    Action Fraud said frausters were commonly using text messages as a way to defraud unsuspecting victims out of money. Known as smishing, this involves the victim receiving a text message purporting to be from TSB.

    Hide Ad
    Hide Ad

    The message requests that the recipient clicks onto a website link that leads to a phishing website designed to steal online banking details.  

    Although text messages are currently the most common delivery method, similar communications have been reported with fraudsters using email and telephone to defraud individuals. 

    In several cases, people have lost vast sums of money, with one victim losing £3,890 after initially receiving a text message claiming to be from TSB.

    Fraudsters used specialist software which changed the sender ID on the message so that it looked like it was from TSB.

    Hide Ad
    Hide Ad

    This added the spoofed text to an existing TSB message thread on the victim's phone. 

    The victim clicked on the link within the text message and entered their personal information.

    Armed with this information, the fraudsters then called the victim back and persuaded them to hand over their banking authentication code from their mobile phone.

    The fraudsters then moved all of the victim's savings to a current account and paid a suspicious company. 

    Hide Ad
    Hide Ad

    Action Fraud said customers could protect themselves by never assuming an email or text was authentic.

    “Always question uninvited approaches in case it's a scam,” said a spokesperson.

    “Phone numbers and email addresses can be spoofed, so always contact the company directly via a known email or phone number (such as the one on the back of your bank card).”

    Customers should also be wary of clicking on links or files which could give a fraudster access to personal or financial details.

    Hide Ad
    Hide Ad

    “Remember, a genuine bank will never contact you out of the blue to ask for your full PIN or password,” said the spokesperson.

    Anyone who has receieved a suspicious TSB email should report it to Action Fraud by visiting https://www.actionfraud.police.uk/report_phishing

    They should also forward the email to [email protected] 

    Fraud or cyber crime can be reported to Action Fraud by calling 0300 123 2040.

    Related topics:DoncasterSheffieldBarnsley