For our Coronavirus-specific Fraud Guide which includes information on how stay safe from fraudsters during the outbreak, please view our FAQs.
With fraudulent activity and online crime on the rise, Unity Trust Bank works hard to ensure that all of our customers are protected. This guide explains the common tactics fraudsters may attempt to use and what you can do to help safeguard both yourself and your organisation.
Invoice Fraud/Push Payment Scams
Invoice/Push Payment fraud are widespread scams across the banking industry. This is when a fraudster sends an invoice or instruction requesting a payment to be made. They may intercept emails from legitimate organisations and alter the account details on the invoice, ultimately paying the money directly into another account.
We are also seeing an increase in fraud relating to staff supposedly requesting to change their bank details. This is usually done through an email from a member of staff. If you receive a request of this nature, please ensure you follow the steps below to avoid potential loss of funds.
Here’s what you can do:
- Callback for verification: If you notice that account details have changed or the payment is directed to a new unknown beneficiary, call the organisation on a recognised number and ask them to verbally confirm the account details. DO NOT use the phone number supplied on the email as this could be from the fraudster
- Improve procedures: Strengthen your internal procedures when making and approving an external payment. Consider using a ‘Second Line Authentication’ process to double check details
- Secure IT Infrastructure: Ensure your computers and IT systems are protected with appropriate software to prevent your organisation from being hacked. Make sure you have ‘Trusteer Rapport’ downloaded onto your computer when logging in to Unity’s Internet Banking. Trusteer Rapport establishes a secure connection between you and the bank and protects prevents malware from tampering with your transactions. This is a free service that we provide
- Contact us: If something doesn’t seem right or you are ever in doubt, get in touch with our Customer Services team on 0345 140 1000 for further support
Cheques can be manipulated into a fraudulent payment. Whether it is a counterfeit cheque (a cheque created by the fraudster), alteration (modified by a fraudster) or a forgery. The following techniques will help to protect your organisation:
- Don’t pre-sign cheques
- Use black ballpoint pen
- Make sure a line is drawn after you have written the payee name, amount in words and amount
- Make sure the number of the amount is written at the very start of the box, to prevent a fraudster altering the cheque
- Keep your cheque book in a locked location with limited access to staff
Phishing emails are unsolicited emails which appear to be from a genuine source encouraging you to disclose confidential, personal or financial information.
Please be aware of:
- A request for confidential or secure information (such as your internet banking log in, passwords, account numbers of PIN numbers)
- Instructions to complete or reply to a form or document attached to the email, or to click through to a website to verify your account. Don’t open attachments or click on links if you suspect they may not be genuine
- Warnings of a sudden change in an account which requires you to verify that you still use the service
- Poor spelling and grammar
If you receive an email appearing to be from Unity Trust Bank that looks suspicious, forward it to [email protected], block the sender, delete it and empty your deleted items. For further information visit http://www.antiphishing.org
Smishing is where fraudsters send text messages mimicking the bank to convince you to release personal and financial information. Unity does not currently offer a text service to customers. If you receive a text from Unity Trust Bank, this will be bogus. Do not reply; block the number and delete the message.
To find out more about how you can protect yourself and your organisation from potential fraud, visit the Take 5 website.