Person typing on a laptop

Be wise to scams

Be wise to scams

If you think you’ve fallen for a scam, contact us.

Contact us now

Please note - we've changed people's names and other details to protect their identity.

Telephone scam example – enter response code

The target

Tom works at MNO Solicitors.

The set-up

He took a call that claimed to be from the Bank of Scotland Fraud Department. They told him that odd payments had been spotted on MNO’s account and he needed to move the balance to another account.

The scam

The caller spoke about genuine payments made by MNO, which convinced Tom he was speaking to the bank. They gave details of a new account for Tom to move MNOs money.

The business held large property deposits, so Tom felt that he had to move the money to keep it safe.

An hour later, he decided to call Bank of Scotland to check that the account had been secured and MNOs money was safe. That’s when he found out it was a scam call. A total of £750,000 had been moved to the fraudster’s account.

How to spot a scam call

Fraudsters can copy our telephone number so it looks genuine on your caller ID. And they can even sound professional. They want you to move money to another account - their account.

Remember, we’ll never call:

  • to tell you to move money to another account, or
  • from the number on the back of your card.

Also, we’ll never call to ask you to login or for you to give your:

  • full password
  • PIN
  • reader codes.

If you’re not sure about a call, hang up. You can always call us to make sure the account is safe. But use a number you trust, not one a caller may give you.

  • The target

    Katia has her own florists.

    The set-up

    She got a call that claimed to be from her internet provider. They said there was a problem with her broadband, but they could fix it over the line. All she had to do was download something to her device. Katia agreed and clicked on a download link that was sent to her.

    The scam

    The caller said they’d fixed the problem and would give Katia a refund for the hassle. All she had to do was login to her Business Internet Banking. She did this but didn’t know they’d taken control of her computer. Katia saw fake screens which looked like she was getting a refund.

    The caller then asked Katia for her card reader code to ‘approve’ the refund. She gave them the code and they said a refund had been made then ended the call.

    Later, Katia logged in again to check if an invoice had been paid. She noticed that multiple payments had been made to an unknown account. It then became clear that the call earlier had been a scam. The money had gone to a fraudster.

    How to stay safe from scam calls

    Scam calls can happen at any time. But you can stay safe if you follow these simple tips:

    • Call back - When you’re not sure who’s on the phone, hang up. You can call back but use a number you trust, not one a caller may give you.
    • Don’t rush - Fraudsters want you to act quickly. Always take your time to think and to do checks.
    • Download with care - Unless you called for help, never download anything to your device for a phone call.
    • Keep codes private - Never give your card reader codes to a caller, no matter what they tell you.
    • Login safely - Unless you called for help, don’t log in to your computer or Business Internet Banking for a caller.

    Remember, we’ll never call to tell you to move money to another account.

  • The target

    John’s business was looking to buy a shipping container. He found a company selling them on social media, so sent a message.

    The set-up

    The company phoned John to offer a good deal. They sent photos of the container by social media, with a great price. This convinced John to buy.

    The scam

    John tried to pay with Business Internet Banking. But the payment details didn’t match when checked by the bank.

    To double-check, John looked into the company, using Companies House and social media. They’d been around a while and there were no bad reviews. John also searched online but didn’t find any reports of fraud. He was happy they were genuine, so paid the details that didn’t match by bank transfer.

    The company gave a delivery date but the container never arrived. When John phoned to ask why, there was no answer and their social media page had gone.

    John spent more time to check online and found that others had been scammed by the same company. There was no container for sale and John lost his money.

    How to stay safe when you buy online

    Fraudsters pretend to be genuine sellers using online marketplaces and social media to trade. They can even get in touch with your business to offer great deals. Here are a few tips to help you stay safe:

    • Check before you buy - Look at reviews, company history and ask lots of questions. Take time to find out as much as you can.
    • Beware of bargains - If a seller’s prices are lower than others, it could be a scam.
    • Choose a safe way to pay - Use your business debit or credit card. This will protect the money should anything go wrong.
    • Pay after delivery - Only agree to pay for large or expensive items after a seller hands it over.
    • Check a site is real - Make sure a website address is genuine. If site pages look odd, it may be a fake site.

    Please note: Never enter your bank PIN or password on a site or in an email.

  • The target

    Mo works for a big electrical retailer and buys from a number of suppliers.

    The set-up

    One day he got an email from a supplier with an invoice that gave a new sort code and account number. Without checking, Mo sent it to the finance department.

    In finance, Gail checked that the new account details matched what was on the new invoice. She thought Mo had double-checked these with the supplier, so made the change for future payments.

    The scam

    At month end, all the supplier's invoices were paid. But days later they got in touch with Mo about an outstanding payment. Gail had made the payment to the new account details. But the email was a scam and the money had been paid to a fraudster.

    How you can stay safe with suppliers

    If you deal with suppliers, take care with their account details and invoices. To stay safe, always:

    • Confirm payment details - If a supplier changes their details, call them back to confirm. Use a number you trust, not one from an email or invoice.
    • Use dual approval - Have two different people approve payments. That way it’s easier to spot any problems before you pay.
  • The target

    Jo works in accounts for a manufacturing company.

    The set-up

    She got an email that looked like it was from Bank of Scotland. It told her that our Business Internet Banking service had been improved.

    The email asked her to click on a link to login so she could check her security details and choose new security questions.

    The scam

    Jo had been sent a scam email. All she had to do was double-check the sender’s address to notice that the first ‘o’ in of Scotland was actually a zero.

    The link took Jo to a scam site with a fake Bank of Scotland homepage where she entered all her security details.

    This gave the fraudster everything they needed to login to the company’s online banking and create a payment.

    Later that day, Jo approved a batch of 10 payments. But only nine were real. One payment for £130,000 had been created by the fraudster and went to their account.

    How to spot a fake Bank of Scotland email

    If you get an email from us, there are many ways to tell if it's real or not.

    We’ll always:

    • Greet you by title and surname - As in Dear Mrs Smith.
    • Include part of your main account number - Or part of your postcode if you don't have an account number yet.
    • Write to you in a reasonable and calm way - To try and trick you, scam messages may use warnings, threats of fraud or problems with your business account.

    We’ll never send a message that:

    • Asks for your banking or personal details.
    • Asks you to move money to another account or to make a test payment online.
    • Asks you to give your card reader codes.
    • Links directly to our Business Internet Banking login page.
    • Links to a page that asks for your security or personal details.

    You can also check our email address to spot a scam. It should end with bankofscotland.co.uk and never have another word in between bankofscotland and .co.uk.

  • The target

    Sam works for a large building firm. She logged in to Business Internet Banking and entered her user name and password.

    The set-up

    When she was about to enter her identification code, a pop-up screen appeared. It asked her to enter a RESPOND code.

    It seemed odd, but she was new at the firm, so thought it must be safe.

    The scam

    When she entered the code, a screen appeared with a timer and loading symbol. After a bit, her normal home page appeared.

    There was nobody in the office to ask for help, so Sam called the Helpdesk. They told her to log off right away then checked the account. Two payments totalling £34,000 had been created and approved while Sam waited for the home page. These payments had gone to a fraudster’s account.

    How to stay safe when you login

    A virus can change the way your screen looks to try and scam you. If something doesn’t look right on your device, it probably isn’t. Here are a few tips to help you stay safe:

    • Log out - If the page looks odd while you’re logging in, stop and log out right away. Contact us about the problem and we can check your account.
    • Check your device - Ask your IT department or a trusted IT professional to check your device for viruses.
    • Use an anti-virus - Install one on your computer and other devices at work and at home. It’s best to keep it up-to-date and to scan for viruses at least once a week.

Bank of Scotland will never ask you to:

  • Share your account details - like user ID, password and memorable information.
  • Tell us your Personal Security Number (PSN) - for Telephone Banking.
  • Tell us your PIN code and expiry date.
  • Move money to another account.
  • Tell us your card reader codes.

Previous topic

Next topic