Vishing

Telephone fraud, or ‘vishing’, is becoming increasingly commonplace. With vishing fraudsters don’t scam their victims online, but call with the aim of tricking victims into disclosing information or completing certain actions that could result in financial loss.

If you receive a call from someone claiming to be from Unity Trust Bank and think it might be a scam, do not disclose your passwords or bank details private. Instead, end the call and report it on our dedicated fraud number, freephone 0808 196 8420 so that we can investigate on your behalf.

Phishing

Phishing emails are unsolicited emails which appear to be from a genuine source encouraging you to disclose confidential, personal or financial information.

Phishing emails may contain:

• A request for confidential or secure information (such as your internet banking log in, passwords, account numbers or PIN numbers)
• Instructions to complete an attached document, or reply to the email, or to click through to a website to verify your account. Don’t open attachments or click on links if you suspect they may not be genuine
• Warnings of a sudden change in an account which requires you to verify that you still use the service
• Poor spelling and grammar.

Unity Trust Bank will never send you an email asking you to reconfirm your security details and we will never ask you to divulge your full passwords via email. If you receive an email appearing to be from Unity Trust Bank that looks suspicious, forward it to fraud@unity.co.uk, block the sender, delete the original email and empty your deleted items. Or you can call our dedicated fraud number, freephone 0808 196 8420.

Smishing

Fraudsters send text messages mimicking your bank to convince you to click a link which could download viruses onto your device, or direct you to a fake website to trick you into releasing personal and financial information. Unity only provides a text service for authenticating accounts or payment requests; any other text messages received that appear to be from Unity are likely to be fraudulent.

If you think that you’ve been a victim of a smishing attack, do not reply to it; instead block the number and delete the message. You can also call our dedicated fraud number, freephone 0808 196 8420. By doing so you’ll also help to protect many more people from being affected.

Invoice fraud

Invoice or Push Payment fraud is widespread across the banking industry and happens when a fraudster sends an invoice or instruction requesting a payment. They may intercept emails from legitimate organisations and alter the account details on the invoice, ultimately paying the money directly into another account.

Organisations are also seeing an increase in fraudsters impersonating staff to redirect salary payments. The fraudster creates an email address that is a close match to the employee’s correct address and sends a request to change their bank details ahead of the next payment date.

Here’s what you can do:

• Call for verification: If account details have changed or the payment is to an unknown beneficiary, call the organisation on a recognised number and ask them to verbally confirm the account details. Do not use the phone number on the email as this could be the fraudster’s number.
• Improve procedures: Strengthen internal procedures for making and approving external payments. Consider using ‘Second Line Authentication’ to double-check details, where a task is completed by one person and then signed off by a different person.
• Secure IT infrastructure: Ensure computers and IT systems are protected with software to prevent your organisation from being hacked and make sure you use the latest version of internet browser with the latest updates installed.
• Contact us: If something doesn’t seem right, call our dedicated fraud number, freephone 0808 196 8420.

Cheques

Cheques can be manipulated into a fraudulent payment, whether it is a counterfeit cheque (a cheque created by a fraudster) or by, alteration (written cheque modified by a fraudster) or a forged signature on a genuine cheque.

Here’s what you can do:

• Don’t pre-sign cheques
• Use black ballpoint pen
• Make sure a line is drawn after you have written the payee name, amount in words and amount
• Don’t leave any gaps before or after the numbers in the amount box, to minimise the risk of a fraudster altering the cheque
• Keep your cheque book in a locked location with access restricted to essential staff only
• Periodically check that individual cheques have not been removed from the middle of the cheque book or from the computer cheque stock