‘Smishing scams’
We’ve been made aware of a scam text message targeting Barclays customers by directing them to a fake website. Here’s what you need to look out for.
Fake text messages posing as banks are nothing new – last year we saw a huge rise in the number of people reporting that they’ve received one purporting to be from Halifax.
But this one using Barclays to target victims features another twist to be wary of: it’s managed to successfully drop into people’s inboxes with the sender set as the bank itself:
These types of ‘phishing’ attempts work by rushing people into visiting a fake website, which can go on to request and steal sensitive information, such as bank details. In this case, its victims will be alarmed to read that an ‘unusual payee request’ has been ‘flagged’ on their account. Fortunately some web browsers, such as Chrome in the example below (in red) will warn you that the site is illegitimate: however, there’s no guarantee that everyone will receive a similar warning, and some may believe these convincing phishing sites to be genuine.
Phishing scam 2: ‘Lockdown support plan’ grants
Fake GOV UK communications continue to circulate, with a dodgy ‘lockdown support plan’ text now attempting to catch people out.
Once again fortunately most web browsers, such as Google Chrome in this example, will recognise that the URL is a phishing attempt and provide a warning.
Spotting and reporting phishing scams – what to do if you receive one. Report the fake text to the National Cyber Security Centre (report@phishing.gov.uk). Barclays and the other Banks also say that they will never send a text and ask you to click on a link. If you think you may have handed over your card details to scammers, you should let your bank know what’s happened immediately.