Have you received this letter from your bank? You could be the target of the latest phishing scam [IMAGE]

A new phishing scam is targeting bank account holders using official letter-headed mailings, and bearing the correct online user name. The sophisticated scam was thwarted by one Bristol woman, but other letters may be in circulation.

The scam 

A phishing scam is where someone attempts to ‘phish’ for bank/card details from others by posing as the bank or another service. Once gained, the details can be used for ID theft, fraud or other purposes. The scams are normally conducted over email. And this is what makes the new scam stand out.

Bristolian Helen Martin received the official-looking letter from her bank Halifax on 10 April 2017. The letter bore her correct identity and private online username, and the official bank letter-head. It stated that she needed to renew her online permissions by setting a new password.

Something felt wrong, so Ms Martin contacted Halifax. She told The Canary:

I called the Halifax from a number I had previously used rather than the one on the letter and they did a check and confirmed it to be a fake.

They advised me to change my passwords, and take the letter into a branch.

The bank confirmed it had issued no such letter, and Ms Martin was the target of a phishing scam. Had Ms Martin not checked with her bank, she could have lost everything. She says she was left feeling annoyed and worried: “that others might just log in with the letter details without checking and be compromised, a bit stressed that as they had my user name they may have obtained other personal details/card details.”

How to thwart a phishing scam

Last month, criminals targeted Gmail users with a major phishing scam so sophisticated that even tech experts fell for it. But like Ms Martin, we can all take steps to ensure we are never the victim of a scam like this. The advice is simple:

1. Check all numbers/emails on correspondence before responding. You can do this with a simple Google search.
2. Check with bank/service on a known, publicly available number/email to confirm before making account changes.
3. Do not click on links from emails without checking the source (go to full email address of sender, then check online).
4. Report any scam to your service provider and the police. This helps shut down the scam and record it for posterity.

By raising awareness of these scams, and how to thwart them, we can outsmart the scammers.

Get Involved!

Please share this article and help outsmart the scam

Support The Canary if you value the work we do.

Featured image via Facebook