Security Centre lightbox

Phishing

Criminals will sometimes attempt to lure you into entering your details at a fake but genuine looking website. Fraudsters then use your details to access your accounts and steal your identity or money. Criminals can also use links or attached files within emails as a way to infect your computer or device with malicious software (malware) - these are known as phishing emails.

Here's how to spot a phishing scam:

When you receive an unsolicited email you should check it for signs that it may not be from the person/company it appears to be from.

  • Check the email address - Is it the same as the email address you usually receive emails from, or just similar.
  • Check the email subject line - anything along the lines of "There is a secure message waiting for you", "Security Alert", "System Upgrade" and so on should be treated as suspect.
  • Check the message title - if it reads 'Dear Customer' or 'Dear Valued Customer' or if isn't personalised at all, then you should be suspicious. Phishing emails will not usually include your name.
  • Be wary if the email asks you to click on a hyperlink or a button to download a file. Wording such as 'verify your account or password' or 'update your security details' should be viewed as suspicious – they are likely to take you to a copycat website where you may be prompted to enter personal details which can be used to commit fraud.
  • Be suspicious of any message that creates a sense of urgency, such as 'If you don't respond within 48 hours, your account will be suspended'. A legitimate company will not create a false sense of urgency.
  • Check the grammar and spelling for mistakes or inconsistencies.

Top Tip! You can hover your mouse pointer over hyperlinks (or buttons) to see the underlying website URL.


Remember:

  • Ulster Bank will never ask you for your full PIN or password.
  • Never respond to any unexpected or suspicious emails.
  • Don't click on any links or attachments within unexpected or suspicious emails
  • Report suspicious emails
  • If you have received a fraudulent or suspicious email, and not responded to it, please forward the email to phishing@Ulster Bank.com

If you have responded to the email and/or you think that any of your accounts have been accessed by someone other than yourself, call us immediately on 0370 010 1913. When calling from abroad please dial +44 125 230 8047.

Find out more on staying safe online:

-Text message (SMS) phishing

-Voice phishing (telephone approaches)

-How to protect yourself

Distraction theft

...at an ATM

Don't get distracted...when using your card and PIN at a cash machine. Criminals may use distraction techniques at ATMs to steal your card and/or cash. They may tap you on the shoulder to get your attention or act as a “helpful stranger”.

For example they may tell you that you have dropped some money, and while your attention is elsewhere, another member of the criminal team steals your card and/or cash. Once the criminal has your card and has viewed you entering your PIN, they will carry out fraudulent card transactions.

...or in a shop

Criminals have also been known to target victims after watching them enter their card PIN in a shop; while one criminal asks for directions or change, another steals their card.

How can you protect yourself from becoming a victim of distraction theft?

  • Don’t let anyone distract you during your transaction at a cash machine or in a shop, even if they seem to be a “helpful stranger”
  • Be aware of others around you when using a cash machine. Avoid using a cash machine if you see suspicious individuals nearby
  • Remember to always shield your PIN at a cash machine or while paying by card
  • When you’ve finished a transaction, take your cash quickly and discreetly put your card away before leaving the cash machine

If your card is lost or stolen, or kept by an Ulster Bank cash machine, you should report it to us immediately. 

More about the latest threats
Secure Banking Promise We put your safety and security first

Whether you’re banking online or using our Mobile Banking app, rest assured you are protected by our Secure Banking Promise.

1.We'll refund any money paid out of your account by a fraudster, as long as you’ve kept your security information secret

2.We'll protect you 24/7 by monitoring your account and using the latest technology to keep you safe

3.We'll help you protect yourself with tips on staying secure and free tools for extra protection

Remember to take sensible precautions

We suggest you keep your antivirus and firewall software up to date and download our free Rapport security software from Trusteer.

Suspicious emails

Criminals will sometimes attempt to lure you into entering your details at a fake but genuine looking website. Fraudsters then use your details to access your accounts and steal your identity or money. Criminals can also use links or attached files within emails as a way to infect your computer or device with malicious software (malware) - these are known as phishing emails.

Here's how to spot a phishing scam:

When you receive an unsolicited email you should check it for signs that it may not be from the person/company it appears to be from.

  • Check the email address - Is it the same as the email address you usually receive emails from, or just similar.
  • Check the email subject line - anything along the lines of "There is a secure message waiting for you", "Security Alert", "System Upgrade" and so on should be treated as suspect.
  • Check the message title - if it reads 'Dear Customer' or 'Dear Valued Customer' or if isn't personalised at all, then you should be suspicious. Phishing emails will not usually include your name.
  • Be wary if the email asks you to click on a hyperlink or a button to download a file. Wording such as 'verify your account or password' or 'update your security details' should be viewed as suspicious – they are likely to take you to a copycat website where you may be prompted to enter personal details which can be used to commit fraud.
  • Be suspicious of any message that creates a sense of urgency, such as 'If you don't respond within 48 hours, your account will be suspended'. A legitimate company will not create a false sense of urgency.
  • Check the grammar and spelling for mistakes or inconsistencies.

Top Tip! You can hover your mouse pointer over hyperlinks (or buttons) to see the underlying website URL.


Remember:

  • Ulster Bank will never ask you for your full PIN or password.
  • Never respond to any unexpected or suspicious emails.
  • Don't click on any links or attachments within unexpected or suspicious emails
  • Report suspicious emails
  • If you have received a fraudulent or suspicious email, and not responded to it, please forward the email to phishing@Ulster Bank.com

If you have responded to the email and/or you think that any of your accounts have been accessed by someone other than yourself, call us immediately on 0800 161 5151. When calling from abroad please dial +44 125 230 8047.

More on reporting fraud
Security Credit card fraud

To report credit card fraud call 0370 600 0459. If you are calling from abroad, please call (+44) 126 850 0813. (Calls may be recorded, and calls from overseas may cost more).

More on reporting fraud
Security Debit card, cheque and bank account fraud

If you are calling from abroad, please call (+44) 131 549 8186 (Calls may be recorded and calls from overseas may cost more).

 

More on reporting fraud
Card and PIN scams

Fraudsters will sometimes attempt to trick you into handing over your bank cards and PINs - this is ofter known as a courier card scam.

What to look out for

- The scam starts with an unexpected phone call from someone claiming to be from the bank's fraud department, the police, or National Fraud Authority.

-The caller will claim to have identified fraudulent transactions on your account and that your card has been compromised.

-To gain your trust they may ask you to verify the call by phoning the telephone number printed on the back of your card, or give you another number to call.

-This technique holds your phone line open, so that when you try to dial out, they can intercept and re-answer the call, claiming to be the Bank or Law Enforcement.

-The fraudster will advise that your bank card must be collected to protect your card and assist an investigation. Usually they ask you to put your card into an envelope for a courier to collect and provide you with a fake reference number.

-Now you'll be asked to enter your PIN into the phone, or put it into the envelope with the card. 

-A courier comes to your home and collects the card. With your card and PIN, they can now gain access to your account and carry out fraudulent transactions.

PLEASE NOTE: The bank may genuinely call you for fraud prevention purposes to verify whether a transaction is genuine. We will NEVER ask to collect your card, for your PIN number, card details or online/telephone banking login credentials.

How to avoid a courier card scam

NEVER hand over your bank card, your PIN, card details or online/telephone banking log-in credentials.

If you receive a call asking for your PIN, card details or online/telephone banking log-in credentials, end the call immediately.

With any suspicious or unexpected call, always verify the caller using an independently-checked telephone number and use a different phone line (where possible). Where a second phone line is not available, try calling a friend on the line first. The fraudster will find it difficult to impersonate a voice that is known to you.

Money mules

Money mules receive funds into their account which they then withdraw and send overseas using a wire transfer service.

How to avoid becoming a money mule

  • Never respond to this type of request, no matter how attractive the payments may seem
  • Remember that assisting a criminal transfer of money may make you subject to a criminal investigation, which could lead to prosecution
Security Operating system updates

The latest operating systems from companies such as Microsoft and Apple can keep themselves up to date. This means you can have updates automatically downloaded as soon as they're available, which will help keep your computer safe.

It is important to keep all software up to date, including Adobe and Java.

Strong passwords

The best password is one that's easy to remember, but impossible for anyone else to guess. Once you've chosen your password, make sure you change it regularly.

Never share your passwords with anyone, and don't write them down or store them on your computer.

 

How to choose a good password

  • Use letters from a phrase or song lyric, with a combination of upper and lower case letters
  • Use a mixture of characters including upper and lower case, symbols and numbers
  • Don't use your PIN or reuse other passwords
  • Don't use family names or birthdays - they are easy for fraudsters to guess
  • Don't misspell common words as fraudsters are likely to try these combinations as well
Security Wireless network protection

Many wireless routers are delivered without their security features turned on. Leaving your wireless network unprotected leaves it open for nosy neighbours and malicious attackers. Attackers who access your network could hijack your internet connection and steal personal information stored on your computer.

How to secure your wireless router at home

 

  • Check the documentation you got with the router to find out how to turn on the security features
  • Make sure that every device using your router has a firewall
  • Use a strong password to access the router
  • Enable WPA2 encryption where possible as it is stronger than a WEP solution

Get Safe Online gives more information on how to protect a wireless network

Hints and tips
  • Keep your computer's security up to date and download our free security software
  • Install anti-virus software on your computer and keep it up to date
  • Many such packages include anti-spyware software to stop fraudsters being able to see your personal information
  • Ensure the firewall on your computer is turned on, and that it's set to monitor incoming and outgoing internet traffic, to control the information that enters and leaves your system
Investment scams

Investment fraud and scams

It's estimated that £1.2bn is lost each year in the UK to Investment Fraud. High yield investments have become attractive to online fraudsters due to higher returns.
 

Ponzi and Pyramid schemes

These schemes promise you high returns or dividends not usually available through traditional investments. The schemes collapse when new investors dry up, and investors usually find most or all of their money is gone.

A Ponzi scheme will ask you to invest in something, whereas a Pyramid schemer encourages you to recruit new investors for a commission. These scams can also be called franchise fraud, multi-level marketing or a chain referral scheme.

Often Ponzi or Pyramid schemes are used when committing Affinity fraud, which occurs when criminals target members of a group – such as community, religious, ethnic, elderly or professional groups. The fraudsters pretend to be members of the group they are targeting sometimes over the course of years, making the scams emotionally as well as financially damaging.

Share sale scams (boiler room fraud)

A Share Scam (also known as Boiler Room Fraud) is a scam that tries to persuade you to invest in what is essentially a worthless scheme, and usually begins with a cold call.

The fraudster will appear professional, knowledgeable and sympathetic, and the company they represent often sounds very similar to a well known financial company.

The shares they attempt to sell you won't be quoted on the stock exchange and will be virtually impossible to sell. You may find when you try to contact the fraudster who sold you the 'shares' they have disappeared, making it near impossible to recover any losses.

Criminals will often cold call victims of Boiler Room Fraud offering to help them recover the money they have lost in an attempt to take more money from them.

If you are unsure or concerned remember to seek independent legal and/or financial advice.

Carbon credit schemes

These schemes are a scam where a firm tries to sell you carbon credit certificates or get you to invest directly in a 'green' scheme that will generate carbon credits as a return on your investment.

Carbon credits are sold and traded legitimately from many reputable firms, however fraudsters have picked up on this, meaning an increased number of firms using dubious, high-pressure sales tactics.

Land banking scams

Fraudsters lead you to believe that you are investing in land that will significantly increase in value. They will tell you:

  • the plots are in areas with high house prices
  • the government intends to increase housing on this land
  • the land has already been allocated for development

Like many investment frauds, Land banking scams often take place through high-pressured telephone calls, although they can be via websites, email, mailings or brochures.

The reality is you are being sold land that has no development potential, doesn't belong to the 'seller' or doesn't even exist.

If you are looking to purchase land:

  • be sure to always contact the local council of the land
  • check who owns the land according to the Land Registry
  • check if the land has planning permission

Tips to help you protect yourself

Always consider taking independent/legal advice before you commit to an investment

The Financial Conduct Authority (FCA) also have a list of businesses that they believe are involved in fraudulent activities. You can check this list here 

Check the company is registered at Companies House and the details the caller gives you match up. Does the caller have a track record that can be verified by an independent party?

The FCA has also produced a factsheet on how to avoid share fraud

 

If you think you've been targeted

  • If the suspect is very near, or as a victim you feel at immediate risk, call 999
  • If a police response is needed (e.g. for victim care) or you can easily identify the suspect, call 101 or visit your local police station
  • If you spot anything suspicious or want to report an investment scam, contact Action Fraud on 0300 123 2040
Social networking

Social networking sites such as Facebook, Twitter and LinkedIn are becoming more and more popular. The nature of these sites creates security risks, so you should always be cautious when using them.

These types of sites promote personal connections and communications, and require you to provide a certain amount of personal information.

However, the more information available, the easier it becomes for others to take advantage of your identity. In some cases, criminals could fraudulently exploit this to obtain products and services in your name.

Personal information could also be used to conduct a 'social engineering attack'. Predators may form relationships online and then convince unsuspecting individuals - often young people - to meet them in person, which could lead to a dangerous situation.

Essential tips for protecting your identity

  • Always limit the amount of information you provide - do not post information that could be used by third parties, such as your address (home, school or workplace), date of birth, postcode, job title or information about your schedule or routine
  • Always read and understand privacy policies - some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam and unwanted emails
  • Remember that the internet is a public resource - so consider how others may view any information provided. Avoid using inappropriate language in your profile in blogs and other forums
  • Never converse with strangers - the internet makes it easy for predators and cyberbullies to misrepresent their identities and motives
  • Be sceptical and maintain your integrity - don't believe everything you read online. People may post misleading information about various topics, including their own identities, to lull you into a false sense of security
  • Change passwords regularly - and use a separate email address for social networking sites

Children are especially susceptible to the threats presented by social networking sites. Parents should inform their children about internet safety and be aware of their online habits. Some useful tips are:

  • Keep your PC in a central, public part of your home
  • Set clear rules for your children's internet use
  • Use family safety or parental controls software
Set Tab for lightbox