Telephone banking fraud, or ‘vishing’, is becoming increasingly commonplace. This is where fraudsters do not actually scam their victims online, but use the telephone in an attempt to trick them into disclosing information or completing certain actions that could result in financial loss. It is very important to keep your passwords and bank details private, so please be cautious when taking phone calls.
If you receive a call from someone claiming to be from Unity Trust Bank, and think it might be a scam, then it is important that you report it to us so that we can investigate on your behalf.
More information about how to keep safe from potential scams and fraud can be found on the Take Five to Stop Fraud website
We have put together a leaflet to assist you in putting in place the internal controls to assess, prevent and detect the risk of your organisation being affected by fraud.
Download the leaflet for more information – Fraud Awareness.
For customers who choose to produce your own, personalised stationery (paying-in books, cheque books etc.), we recommend that you ask your agency/printer which format they would prefer to use and then download the appropriate file from this dedicated page.
For our Coronavirus-specific Fraud Guide which includes information on how stay safe from fraudsters during the outbreak, please view our FAQs.
With fraudulent activity and online crime on the rise, Unity Trust Bank works hard to ensure that all of our customers are protected. This guide explains the common tactics fraudsters may attempt to use and what you can do to help safeguard both yourself and your organisation.
Invoice Fraud/Push Payment Scams
Invoice/Push Payment fraud are widespread scams across the banking industry. This is when a fraudster sends an invoice or instruction requesting a payment to be made. They may intercept emails from legitimate organisations and alter the account details on the invoice, ultimately paying the money directly into another account.
Organisations are also seeing an increase in fraudsters impersonating staff to redirect salary payments. The fraudster creates an email address that is a close match to the employee’s correct address and sends a request to change their bank details ahead of the next payment date.
If you receive any similar requests, please ensure you follow the steps below to avoid potential loss of funds.
Here’s what you can do:
- Callback for verification: If you notice that account details have changed or the payment is directed to a new unknown beneficiary, call the organisation on a recognised number and ask them to verbally confirm the account details. DO NOT use the phone number supplied on the email as this could be from the fraudster
- Improve procedures: Strengthen your internal procedures when making and approving an external payment. Consider using a ‘Second Line Authentication’ process to double check details
- Secure IT Infrastructure: Ensure your computers and IT systems are protected with appropriate software to prevent your organisation from being hacked. Make sure you have ‘Trusteer Rapport’ downloaded onto your computer when logging in to Unity’s Internet Banking. Trusteer Rapport establishes a secure connection between you and the bank and protects prevents malware from tampering with your transactions. This is a free service that we provide
- Contact us: If something doesn’t seem right or you are ever in doubt, get in touch with our Customer Services team on our dedicated fraud number, freephone 0808 196 8420.
Cheques can be manipulated into a fraudulent payment. Whether it is a counterfeit cheque (a cheque created by the fraudster), alteration (modified by a fraudster) or a forgery. The following techniques will help to protect your organisation:
- Don’t pre-sign cheques
- Use black ballpoint pen
- Make sure a line is drawn after you have written the payee name, amount in words and amount
- Make sure the number of the amount is written at the very start of the box, to prevent a fraudster altering the cheque
- Keep your cheque book in a locked location with limited access to staff
Phishing emails are unsolicited emails which appear to be from a genuine source encouraging you to disclose confidential, personal or financial information.
Please be aware of:
- A request for confidential or secure information (such as your internet banking log in, passwords, account numbers of PIN numbers)
- Instructions to complete or reply to a form or document attached to the email, or to click through to a website to verify your account. Don’t open attachments or click on links if you suspect they may not be genuine
- Warnings of a sudden change in an account which requires you to verify that you still use the service
- Poor spelling and grammar
If you receive an email appearing to be from Unity Trust Bank that looks suspicious, forward it to [email protected], block the sender, delete it and empty your deleted items. For further information visit http://www.antiphishing.org
Smishing is where fraudsters send text messages mimicking the bank to convince you to release personal and financial information. Unity does not currently offer a text service to customers. If you receive a text from Unity Trust Bank, this will be bogus. Do not reply; block the number and delete the message.
If you think that you’ve been a victim of a Phishing or Smishing attack, you can also call our Customer Services team on our dedicated fraud number, freephone 0808 196 8420.
Keep your devices secure
You should always use the latest version of your chosen internet browser and install the latest updates so that it meets current security standards. This is particularly important if you are using Internet Banking.
If you’re unsure how to do this, or would like to check which browser version you’re using, please visit the official online support pages for Chrome, Safari, Internet Explorer / Edge or Firefox etc, or contact your IT team.
You can also find out more at gov.uk/help/browsers.
Take Five to stop fraud
To find out more about how you can protect yourself and your organisation from potential fraud, visit the Take 5 website.