Fraudsters can use a range of different techniques to gain your information, cards or money, some of the
most common current scams include:
Criminals often target those who are strapped for cash to act as 'money mules'. By
to do this, you allow money to be transferred through your account in exchange for payment.
You'll be asked to provide your bank details, receive a payment into your account and
either withdraw it in cash, or transfer it to another account.
Job adverts and spam emails offer 'easy money' and it might seem a harmless way to earn
income, but the money being transferred is stolen and used to fund organised crime.
This can get you into serious trouble. If you're caught, your bank accounts will be
closed, you'll have problems applying for a loan, a mortgage or even a mobile phone
contract. You may also be given a prison sentence of up to 14 years.
To learn more about the consequences of becoming a money mule and what the proceeds of money
are used for, check out the Don't Be Fooled website.
Authorised push payment scams
Recently, we’ve seen an increase in authorised push payment (APP) scams, also known as bank transfer scams, which happen when fraudsters trick victims into unknowingly transferring money into an account they control.
Usually, fraudsters gain access to a victims’ information via a hacked email account and then contact them pretending to be someone the victim does business with or posing as a trusted organisation – such as the police or HMRC.
For example, some scammers will say they’re calling from your bank’s fraud team about a security issue and ask you to authorise a payment into a ‘safe account’. Others will pretend to be a contractor they know you’ve hired after getting information from your email - such as an estate agent, solicitor or driveway repair company, and trick you into paying an expected invoice into their account instead.
Always remember, M&S Bank will never ask you to disclose your security details such as a PIN, online password or temporary ‘one time passcodes’ and would never ask you to move your funds to a ‘safe account’.
APP fraud can happen to anyone so it’s important you ask yourself the right questions before you make any payment:
- Have you been contacted unexpectedly to make this payment? Have you received an unexpected email or phone call?
- How were you informed of the bank details? If by email, SMS or phone call these should be checked with a trusted source before proceeding
- Why are you making the payment today?
- Is this a payment you’ve been planning to make?
- Is this a regular payment that you are going to be making?
If you think you've been a victim of APP fraud, please call us immediately on 0345 900
0900 (this number can be checked against the number on the back of your card).
Phishing and smishing
Phishing and smishing scams are used by fraudsters pretending to be from M&S Bank, or other financial
institutions, and involve sending unsolicited emails (phishing) and text messages (smishing) to
trick unsuspecting people into handing over their personal details. These emails or text messages
often contain links to fake websites or online banking login pages that ask you to enter your
personal details – this could be your password, card details or memorable information. By entering
your personal details on these sites, you are providing a fraudster details necessary to access your
Look out for the following signs of a phishing email or smishing text:
They often contain spelling errors or random capitalisation (eg bAnk 0nline with M&s Bank).
They often ask you to click on a link to confirm or validate your security details.
'Vishing' involves a fraudster phoning a potential victim and posing as someone from a bank or
building society, the police, HMRC or another trusted, legitimate company. The call is made either
to persuade or coerce the victim into transferring money from their account to another account for
"safekeeping" or "holding", to withdraw cash and hand it over "for investigation" or to try to get
financial information, such as credit or debit card details (including PIN), bank account details
and personal information such as full name, date of birth or address. Then they use this information
to gain access to their victim's finances.
Some fraudsters will phone on your landline claiming to be from your bank, credit card company or the
police, and tell you that your account has been compromised. They may say that a courier needs to
collect your cards or ask you to purchase high value goods or foreign currency for collection. They
may also ask you to write down your PIN and hand it over as well. To add credibility the fraudster
may even advise you to cut the card in half.
Identity theft happens when fraudsters get enough information about someone's identity (such as their
name, date of birth, current or previous addresses) to commit identity fraud.
Identity fraud happens when someone uses your personal details without your knowledge or consent.
They might use the information to get a credit card or loan. You may only find out that you've been
a victim of identity theft when you start to receive bills for things you haven't ordered or
Romance fraud happens when victims are deceived into 'false' relationships by fraudsters who aim to
steal their money or personal information. Romance fraud is typically carried out by criminals using
fake profiles on online dating sites.
Bitcoins are increasingly becoming a more common target for fraud and scams, due to the difficulty in
tracking the funds. Fraudsters can employ a range of tactics including; creating fake exchanges to
purchase Bitcoins, fake giveaways to secure personal details or Ponzi schemes where victims are
offered a guaranteed return in exchange for an upfront deposit.
Payment diversion scams
Payment diversion scams are where victims are intending to pay a genuine party but have been
contacted by a fraudster and given the fraudster's bank details to send funds to. For example, a
fraudster masquerading as a conveyancer during a house sale and instructing the victim to transfer
funds to a fraudulent account.