Fraud advice


Fraud advice

Protect your business from coronavirus-related scams

With remote working increasingly common, remember that anywhere staff might work becomes an extension of your workplace and security needs to be maintained at the same level.

It’s especially important for employees to be aware of the dangers that fraudsters are exploiting the spread of coronavirus to facilitate various types of fraud and cybercrime.

Employees should be continually reminded of the risks of fraud and cybercrime, and what they should do:



Icon expand Invoice Redirection

  • Fraudsters pose as a creditor or supplier and advise you their company’s bank details have changed (due to a coronavirus outbreak).
  • The communication will ask you to make all future payments to a new sort code and account number.
  • Often initiate the bogus instructions by email or on headed notepaper, including official logos, letterheads and signatures to look as convincing as possible.
  • They will have often researched who to contact to request the change and which suppliers you use to make the request look as authentic as possible.
  • The communication will ask you to make all future payments to a new sort code and account number.
  • If the change of details is made all future payments to the supplier are made direct to the fraudster, and the original payment to the actual suppliers account will still need to be made.

Protect yourself and your business from Invoice Redirection

  • Be vigilant, check and challenge any request to change account details.
  • Contact suppliers and creditors independently to check the request is genuine, use contact details you already hold or that have been obtained independently rather than any included in the request.
  • Once a payment has been made confirm with the intended beneficiary that it has been received.
  • Enable dual authorisation on Bankline for payments and changes to payment Templates and Bulk lists so that any payments and changes have to be approved by a second user before the payment is sent or the changes take affect.
  • Don’t make any changes to payment details until you are certain it is genuine, even if they are claiming it is urgent.





Icon expand Phone fraud ‘Vishing’

  • Vishing is fraudulent contact made by phone.
  • Be alert to bogus calls linked to coronavirus as these could be from fraudsters who claim that they’re from the bank, the police, an IT company or an official health organisation or company that you trust.
  • They try to get you to reveal confidential information such as account details, PINs and passwords to get the ‘problem’ resolved.
  • Sometimes you may get a ‘warm up’ call where no information is discussed. This is to prepare for a second call in which they’re likely to ask for information. They’ll then use the information gained to access your accounts and transfer funds. Alternatively, they may ask you to make payments or transfers to either “protect your funds” or to “test” your Bankline profile.

The fraudsters may claim some of the following:

  • There’s a problem with your account that requires urgent action.
  • There’s been some suspicious activity on your accounts.
  • There’s malware on your computer.
  • They’re investigating fraud by bank staff.

Protect yourself and your business from Vishing

  • Treat all unsolicited phone calls with suspicion – never be afraid to hang up.
  • Never reveal the details of PINs, passwords or Smartcard codes over the phone in any circumstances, even if the caller claims to be from the bank or a company you trust.
  • If you receive a request to download software to connect to your computer and you haven’t started the conversation yourself, refuse to do so.
  • You’ll never be asked to transfer funds by either the bank or the police. Don’t make any payments – instead, end the call and contact the bank using the numbers below on a separate device.
  • Be aware that fraudsters can spoof your Caller ID to display a recognised number and make you believe the call is genuine.
  • If you receive a suspicious or unexpected call, verify the caller using an independently checked phone number such as a contact number from our website. Where possible, use a different phone, in case the fraudster has kept the line open and they’re waiting to intercept the outbound call you make to verify the caller. If not, try calling someone else you know first to make sure your line is clear.



Icon expand Email fraud ‘Phishing’

  • Fraudsters are sending out coronavirus-themed phishing emails to trick people into opening malicious attachments or revealing sensitive personal and financial details.
  • Emails which purport to be from medical or government research organisations who contact potential victims over email.

What is Phishing?

  • Phishing is contact made by email.
  • The sender impersonates well know companies such as banks.       
  • The purpose is to get you to click on a link and enter personal details or open/download an attachment.
  • The request will often be something to encourage you to take action, such as ‘Verify your details or your account will be locked’ or ‘Click the below to gain access to your account’. They hope that the recipient will think they need to act urgently and so respond immediately without thinking.
  • These are often sent to thousands of email addresses in the hope that some people will take action. Therefore they don’t usually contain personalised information and will use terms such as ‘Dear valued customer’.

Protect yourself and your business from Phishing

  • Look out for familiar language or tone and casual and informal wording, there may also be poor grammar and spelling.
  • Remember, we will never ask you to enter your full PIN and password details onto the website.
  • When you receive an email, check it for signs that it may not be from the company it appears to be from; is the email address the same as the one the company usually use?
  • Look out for any prompts to click on links or to download a file. Something like ‘Verify/update your account details’ is likely to take you to a copycat website to fill in your confidential details.
  • Never respond to any suspicious emails and don’t click on any links or attachments within them.
  • Check if the email is personalised, does it have information like your name, your postcode or part of your account number? If there is no personalisation at all treat it with suspicion.
  • If you receive a suspicious email you can report it to us by forwarding it to



Icon expand Bogus Boss 'Email spoofing’

  • Bogus emails are sent to staff claiming to be from a senior member of staff within the organisation such as a Director, CEO or Chairman etc. requesting an urgent payment.
  • They will often say that the payment is needed due to exceptional circumstances such as urgent cleaning or medical supplies are required to counter coronavirus and needs to be carried out immediately.
  • The email appears to be genuine as the fraudsters research the company details and locate the senior managers’ details; they then use this for the email address.
  • They can either make an email address look like it is genuine or hack into a user’s email account directly.
  • Thinking it is a genuine request and often not wanting to question a senior director or CEO the employee completes the payment as instructed and the funds are withdrawn by the fraudster.

Spot the fraud

  • The email appears to be genuine as the fraudsters research the company details and locate the senior managers’ details; they then use this for the email address
  • Contact the sender independently to verify the request
  • Do not use any contact details within the request

Protect yourself and your business from Bogus Boss

  • Challenge and question these types of requests, even if they are from someone senior.
  • Contact the sender independently to verify if the request is genuinely from them; don’t use the contact details in the request.
  • Have a specific documented process for the arrangement of payments. Any requests outside of this process, particularly if they are by email, should be treated as suspicious until verified with the individual directly.
  • Enable dual authorisation on Bankline for payments, so that any payments have to be approved by a second user before it is sent.



Icon expand Purchase Scams

  • Watch out for emails, social media posts, texts or phone calls offering you a deal for products relating to coronavirus. It could be anything from facemasks and vaccines to access to testing kits. Any deals that look too good to be true usually are.  
  • These approaches are very likely to be criminals trying to get their hands on your money or personal details. Make sure you don’t give them what they want.

Icon expand Be aware of fraudulent Bankline sites

Criminals are using paid google ads to lure customers to a fake Bankline website. These adverts often appear at the top of search results.

If these fake links are followed, they will refer you to a fraudulent website which could result in sensitive information, such as your PINs, password and other credentials being disclosed to criminals.

The bank always takes rapid action to remove malicious advertisements and fake sites that abuse the Ulster Bank brand, but to help our customers stay safe:

Please remind all Bankline users that the safest way to navigate to Bankline is to visit and log in through this site.

We also recommend saving this webpage to your browser favourites.

Be alert to any unexpected changes, such as requests to validate personal information using smartcard codes. If you experience this, stop and call our Security Team for immediate assistance on 0345 300 8483.

The bank will NEVER:

  • Ask you to enter or validate personal information (telephone numbers, dates of birth, addresses etc.) as part of the log-in process
  • Ask for your full PIN & password online: only 3 random digits from each are needed to log in
  • Ask you for smartcard codes or any digits from your PIN & password over the telephone
Set Tab for lightbox