Bank Cross-Login Scam

TL;DR

Banks will never ask you to log in to your account via a link they send in an email or text message. This is almost always a scam attempt to steal your details. If you receive such a request, ignore it and contact your bank directly using their official website or phone number.

What’s happening?

Scammers are getting cleverer. They often send emails or texts that look like they’re from your bank. These messages might say there’s a problem with your account, or ask you to verify some details. The key thing is they will include a link asking you to log in.

Why it’s dangerous

Clicking the link takes you to a fake website that looks exactly like your bank’s login page. When you enter your username and password, the scammers steal them. They can then use these details to access your account and steal your money.

How to spot a scam

1. Unexpected request: Your bank won’t suddenly ask for your login details via email or text.
2. Suspicious links: Hover over the link (without clicking!) to see where it really leads. It probably won’t be your bank’s official website address. Look for misspellings or unusual characters.
3. Sense of urgency: Scammers often try to scare you into acting quickly before you have time to think.
4. Poor grammar and spelling: Genuine emails from banks are usually well-written.

What to do if you receive a suspicious message

1. Don’t click anything! This is the most important step.
2. Contact your bank directly: Use the official website or phone number printed on your bank statement or debit/credit card. Do not use any contact details from the suspicious message.
3. Report the scam: You can report phishing attempts to Action Fraud in the UK.

What if you’ve already clicked the link and entered your details?

1. Change your password immediately: Log in to your bank account directly (using the official website) and change your password.
2. Contact your bank: Tell them what happened so they can take steps to protect your account. They may need to block your card or open a new account.
3. Monitor your account: Keep a close eye on your transactions for any suspicious activity.

Extra security tips

• Enable two-factor authentication (2FA): This adds an extra layer of security to your account, requiring a code from your phone in addition to your password.
• Keep your software up to date: This includes your operating system, web browser, and antivirus software.
• Be careful what you share online: Don’t post personal information that could be used by scammers.