It’s been said that the British are one of the world’s most polite nations. At times this may be to our advantage but when encountering fraudsters fronting potential phone scams, the opposite is true.  

According to a report by UK Finance, a trade association for the banking and financial services sector, losses from telephone banking fraud rang in at £6.8m in the first six months of 2023.

Phone scams or ‘vishing’ occurs when fraudsters make contact by phone pretending to be a trusted organisation such as your bank, government department or company in order to extract personal information like passwords and financial details. To seem more authentic, they may already have some details about you from a previous data breach.

Our fraud specialist says: “Many of us now refuse to answer telephone calls from an unknown number, for fear that it could be a scam. We dread receiving a text message, purportedly from our bank or a delivery firm, again due to concerns that it might be from fraudsters.”

Letting calls from an unknown number go straight to voicemail allows you to stay in control and gives you time to think about next steps.

• Always be suspicious of a call from your bank. Imagine you’ve been woken up late at night when you would undoubtedly be on high alert and reluctant to give out any information. Do the same with a phone call supposedly from your bank – whatever the time of day.
• Call back at your convenience using an official customer number on a website. If possible, call from a different phone or allow some time in between so you’re sure the scammer hasn’t kept your phone line open.
• The length of the phone call. The bank has seen instances when a vishing call lasted for hours, during which time criminals try to persuade the caller to pass on their security details, he says. Remember a genuine call is unlikely to last for more than a few minutes. 

He also warns businesses and employees to be aware of criminals who ‘spoof’ phone numbers. This is when the number they use to contact you on looks the same as a known organisation. 

UK Finance works with the regulator Ofcom to create a ‘do not originate’ (DNO) list of inbound-only telephone numbers that would not be used to call customers. An example might be the number on a bank card which is reserved for reporting problems to the bank. Any outgoing calls from this number would have been spoofed.

1. An unexpected call from the bank’s fraud department claiming there’s a problem with your account, followed by an attempt to persuade you to reveal security information, including codes to authorise payments. Callers need you to disclose security codes to approve any payments they’ve created during the call.
2. Someone from the bank asking for information regarding your other accounts. “Your bank will already have this information,” he says, “and we won’t ask you to disclose details relating to accounts held with other banks.” 
3. Being asked to install a file on your computer: Your bank won’t ask you to do this. Similarly a cold caller asking you to install a file, open a file or visit a website by scanning a QR code – this is the hallmark of a ‘remote access’ scam. Find out more about malicious software.
4. A caller asking you to visit their social media account as proof of who they say they are. Genuine bank staff won’t ever do this.
5. Being pressured to report a crime to Action Fraud whilst speaking to the bank – this is usually a trick to distract from what could be happening. 
6. Enter a series of numbers into your handset – this could be a ruse to set up ‘call forwarding’ on your phone. Call forwarding means the scammer can intercept all calls intended for you. With access to details like account numbers, they can use valuable information to scam you. 

Visit our Fraud Hub for upcoming webinars and practical tips for protecting yourself and your business from falling victim to fraud.