Text message fraud | Ulster Bank

Overlay

Guidance

Text message fraud

What is text message fraud or ‘smishing’?
  • Some fraudsters use text messages to trick you into divulging sensitive information, like PINs and passwords. The message will often appear to be from a legitimate source and may ask you to click on a fake link or open an attachment.
  • Links and attachments may lead to an attempt to infect your device with a virus or redirect you to a fake website which could compromise your account details.
  • Fraudsters can send messages using ‘alpha tags’ from genuine companies to make their fake messages appear real (the alpha tag is the name at the top of the message, telling you who sent it).
What to look out for
Accordion

Icon expand Criminals sending these texts will try to alarm you

Criminals might try to scare you into believing your bank account has been accessed. They might use capital letters or frightening language to encourage you to act.

Remember that fraudsters have no way of accessing your account, so don’t click any links or reply with personal information. Never reveal the details of PINs, passwords or smartcard codes to anyone via text in any circumstances, even if the sender claims to be from the bank or a company you trust.

Our text messages may contain links to our websites, but never links to pages that ask for your Online Banking or full card details.

Example fraudulent message:

“WARNING we’ve noticed some suspicious activity on your account. For your security, your account will be suspended if you do not get in touch. Click this link to contact our fraud team.”

Accordion

Icon expand They might use shocking numbers

By telling you a specific amount has been withdrawn from your account, fraudsters want to make you panic. Don’t respond to them. Check your bank balance using Online Banking , or our mobile banking app for peace of mind.

Example fraudulent message:

“A withdrawal of £1566.04 has been made from your account. If this wasn’t you, please call the fraud team on XXXX XXX XXXX immediately.”

Accordion

Icon expand They’ll often try to rush you

Telling you to “act fast” is one way criminals can get you to act without thinking. They might claim that your account has been accessed at a specific time to make the text message seem genuine, or make you feel responsible by implying you’ve missed important calls or emails from your bank.

Example fraudulent message:

“Our security team need to speak with you urgently. Your bank account was accessed at 14:35PM. If this wasn’t you, please call our fraud team immediately on XXXX XXX XXXX.”

Accordion

Icon expand They might tell you a certain device was used

A fraudulent text message can feel genuine because it says a specific device was used to log in to your Online Banking. They may tell you an unauthorised or unknown device was used. We will never ask you to secure your account or click any links via text messages.

Example fraudulent message:

“An unknown device has just been used to log into your bank account. Your account may be at risk. Please visit www.afakelink.com to secure your account immediately.”

Accordion

Icon expand They’ll try and sound helpful

Another way a criminal will try to trick you is by using language you’d expect to hear from a bank or a company you trust. They might use friendly words or even include some of the slogans and phrases you’ve come across before.

Example fraudulent message:

“Someone tried to access your account today, but thankfully we stopped them in time. To protect you we’ve put a temporary block on your account. All you need to do is use this secure link to log in: www.afakesite.com. Just follow the helpful steps to unlock your account and reset your password.

Report anything suspicious to us straight away. Together we can fight fraud.”

Accordion

Icon expand They may follow up a smishing text with a call

There have been cases where fraudsters send a text and then quickly follow up with a phone call, to make the scam appear more real. When a fraudster uses a phone call to try and trick you into telling them your financial information, it’s known as vishing.

Actions you can take now
  • Never text back or reply STOP to suspicious messages.
  • Never call the number in the message. Always contact the bank using a number you know and trust.
  • Exercise care when using public Wi-Fi networks. Consider using a Virtual Private Network (VPN) instead.
  • Keep your phone's operating system up to date and don’t install apps from untrusted sources. Consider using anti-virus software for your phones and tablets.
  • Share this page with employees and colleagues, so they know what to look out for. Put training in place, so people know how to spot suspicious texts and other threats. You can use our webinars and resources to help.
  • For the latest cyber security advice and resources, visit the National Cyber Security Centre (NCSC).
  • If you’ve clicked on a suspicious link, run a scan with your antivirus software to check your device for any malicious software.
  • Forward any suspicious texts referring to Ulster Bank to the number 88355. Standard network rates apply.
Always think twice and make double checking second nature
Take Five to stop fraud

Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.

Visit Take Five

Need to report a fraud or a scam?
Set Tab for lightbox