Finance Security

Five Things Banks Will Never Ask You Online

Philip Bates 18-03-2015

It’s easy to panic when you receive an email from your bank alerting you of account activity. But it’s more likely to be a scam. Here are just a few things your bank will never request online – but fraudsters will.


This is a particular concern if you use Internet banking. Of course there are benefits 6 Common Sense Reasons Why You Should Bank Online If You Aren't Already [Opinion] How do you usually do your banking? Do you drive to your bank? Do you wait in long lines, just to deposit one check? Do you receive monthly paper statements? Do you file away those... Read More , but many people refuse to trust an online interface with details of their accounts. The wealth of scammers and scare stories on show is enough to make anyone nervous – as is the fact that even ATMs aren’t safe How Scammers Can Use ATMs To Clean You Out That ATM in the wall of your local bank might look like an easy way to get some cash, but you need to make sure that the scammers didn't get there first. Read More .

But if you keep a clear head and know what to look out for, there’s no need to feel like a target.

Please Enter Your PIN

Security Button

“Well, obviously,” I hear you say. But people are becoming increasingly at ease with entering their PIN in shops they don’t recognise or at any rate shouldn’t necessarily trust. I know a few people who happily pay for everything on card, irrespective of whether they have enough cash on them or not. This complacency is dangerous, perhaps a reason fraud credit card losses came to £450.4 million in the UK in 2013 (a 16% increase on 2012’s £388.3 million).

Fortunately, this isn’t close to the losses suffered throughout 2004-08, the height of credit card fraud in the UK both in-store and via e-commerce.


The possibility that fraudsters would try to fool you into sharing your PIN online is far from unimaginable. You might be tricked into thinking you need to change your PIN as it’s been put at risk. Frequently, scammers will use time against you, fashioning a situation that needs to be dealt with now, forcing you to panic and make the wrong decision.

But no one needs to know your PIN except you. Even going in-store for help, banking assistants will look away as you type in your four-digit code.

Click on This Link and Enter Your Details

This is a classic phishing scam What Exactly Is Phishing & What Techniques Are Scammers Using? I’ve never been a fan of fishing, myself. This is mostly because of an early expedition where my cousin managed to catch two fish while I caught zip. Similar to real-life fishing, phishing scams aren’t... Read More .


The email will likely look genuine enough; so might the website address it links to. It’ll probably ask you to verify your account or change your Internet Banking details, but do not click on the link or fill out any details – especially not passwords.

If you think it might be genuine, go to your bank’s official site in a new browser window and enter the address manually (do not click the link in the email). The link address might even look real, but it’s been manipulated. Go to your real bank’s site if you’re particularly concerned or go to your nearest branch.

Just look how accurate this fake Google login page New Phishing Scam Uses Scarily Accurate Google Login Page You get a Google Doc link. You click it, then sign in to your Google account. Seems safe enough, right? Wrong, apparently. A sophisticated phishing setup is teaching the world another online security lesson. Read More appears to be.

Fake GMail Login


In a further effort to combat phishing, it’s worth downloading anti-virus software with tools 7 Essential Security Downloads You MUST Have Installed Read More that block phishing. Many email service providers like Hotmail and Gmail already file suspected fakes into Junk, but they’re not always quick to act, and aren’t fool-proof. (As Douglas Adams said, “A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools.”)

Download And Fill Out This Form

As many of us know, downloading anything from an untrustworthy email address is a big no-no, whether it’s concerning itself with banking information or merely purporting to showcase a portfolio or CV. But the fact that fraudsters are still trying to get people to look at attachments means that a few are still tricked.

Even innocent-looking PDFs can come with software-locking ransomware Avoid Falling Victim To These Three Ransomware Scams Several prominent ransomware scams are in circulation at the moment; let's go over three of the most devastating, so you can recognise them. Read More or hidden malicious files that relay personal information to another server. Think of all the passwords you use: not just Internet Banking, but also for Amazon, for eBay, for PayPal, for social media, even for your emails. While it may seem harmless enough, a breached email account can cause plenty of damage 6 Ways Your Email Address Can Be Exploited by Scammers What happens when a scammer hacks your email account? They can exploit your reputation, financial accounts, and much more. Read More !

ANZ Bank Scam


A good example of this came last year: a hurtful message supposedly from the National Institute For Clinical Excellence (NICE), imploring you to download test results. It’s an awful, emotive subject and that’s potentially why people fell for it, as well as these other scam emails in 2014 5 Worst Email Scams Of 2014 You Should Be Aware Of Read More .

Once more, fraudulent emails like this will be filed into Junk and deleted, but sometimes, they slip through the net. Otherwise, here are a few ways you can spot a questionable email attachment How to Spot Unsafe Email Attachments: 6 Red Flags Reading an email should be safe, but attachments can be harmful. Look for these red flags to spot unsafe email attachments. Read More .

Please Complete A Test Transaction

Some scammers send out emails asking possible customers to perform a test transaction, perhaps due to a supposed technical issue on their end or even claiming that they’re moving your money to a different account due to suspicious activity on your normal one. Obviously, the account they want you to send money to is one of their own.

But of course, a bank wouldn’t try to transfer your money, even if fraud is suspected: instead, most will suspend that account and contact you to verify payments they think aren’t your usual shopping basket fare. This is also why they like you to let them know when you’re going on holiday.

Asking you to move money about online sounds like such a glaring example of fraud. However, according to a YouGov poll, 4 million people in Great Britain would likely transfer money to a so-called “safe” account, and 3 million would perform a “test transaction” if instructed to via email or phone. Speaking of which…

Please Call Us on This Number

cell phone

Steve Head, Police National Coordinator for Economic Crime, says that criminals are “exploiting the technological and Internet revolution to target people of all ages and from all walks of life with ever more sophisticated and convincing scams, increasingly delivered directly into the home via telephone, mobiles, laptops and tablets.”

Never blindly trust an email supposedly from your bank asking you to ring on a specific telephone number. At the very least verify your bank’s actual number by independently checking their official website (again, avoid clicking on any in-email links). Check for signs that the website is secure, looking for that ‘s’ in ‘https://’ What Is HTTPS & How To Enable Secure Connections Per Default Security concerns are spreading far and wide and have reached the forefront of most everybody's mind. Terms like antivirus or firewall are no longer strange vocabulary and are not only understood, but also used by... Read More in the address bar, for instance.

And if you really do need to contact your bank, the proper phone number will be in the letterhead of your statements. Use this rather than any displayed on a potentially fake website.

Similarly, scammers might ring you directly, by-passing emails, pretending to be a representative of your bank. This is known as Vishing, or voice phishing, a tactic used to obtain personal information over the phone. They might ask you for some account details or refer you online to authorise payments. A further trick involves you ringing your bank after a call (often to gain your trust), but the fraudster stays on the line.

Who Should You Trust?

The important thing, as ever, is not to panic and remain somewhat sceptical.

Caught off-guard, you may forget that your bank doesn’t even have your email address! If in doubt, pop down to your local branch when you’ve half an hour to spare. As the cliché goes, it’s better to be safe than sorry.

Do you have any tips to spotting a fraudulent email? Do you know of any scams going around right now? Have you been unfortunate enough to fall victim of one? Let us know below.

Image credits: Intel Free Press; wongwean; samantha celera.

Related topics: Online Banking, Online Privacy, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Brandon
    March 22, 2015 at 10:18 pm

    When I get emails like this, I find the fraud department at whatever bank "sent" them to me and forward it on It is usually fraud@ or abuse@ the bank website. That way, they can hopefully trace the messages back to the sender, but at least they can block them out.

    Tricia, I am really surprised that your bank would only contact by email. I really hate paper transactions, but for some things, I really want to keep paper for this reason.

    • Philip Bates
      March 31, 2015 at 11:58 am

      That's a great way of dealing with it, Brandon. The more we can do to combat the scammers, the better. I think most people - admittedly, myself included - just send this type of rubbish straight to spam or trash without thinking they can do anything about it.

  2. Tricia Hoekwater
    March 22, 2015 at 4:53 am

    Good information. Thanks. Ironically, I got one like the first example from Wells Fargo last year saying something about wanting me to verify my security questions. I called the number on my statement and asked for the email to send to them for potential phishing. I did that and never heard back from them so assumed all was good - that is was phishing.

    Turns out it was an actual valid email and they closed my account (a 401K). Pain in the rear to reopen it but better that than lose my money.

    This is a rare instance I am sure but if you arent' sure, call and speak to a representative since apparently they don't always read or deal with the phishing inquiries.

    • Philip Bates
      March 31, 2015 at 11:53 am

      That does surprise me, Tricia. And I'm sorry to hear you had issues reopening your account. But it's also nice to hear that it was worth it. I obviously agree with you: even if it's real, it's always better to be safe than sorry, as the saying goes. Thank you for commenting!

  3. Alpha
    March 21, 2015 at 9:26 pm

    Thanks for the very useful input. It is greatly illuminating.