Action Fraud Reports A Sharp Rise In Fake TSB Activity

Uploaded on 2018-06-04 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The increase in the number of reports being sent to Action Fraud is in part linked to the system issue some TSB customers have experienced over recent weeks. 

Opportunistic fraudsters are using TSB’s system issue to target people with this type of fraud. TSB, or any bank, will never ask for a PIN, password or full memorable information by email or text. 

Fraudsters are commonly using text messages as a way to defraud unsuspecting victims out of money. This is called smishing (SMS + fishing). Of the smishing attempts reported to Action Fraud, 80% requested that the recipient clicks onto a website link. The second most common delivery technique reported has been email.

Fraudsters are using specialist software which changes the sender ID on text messages so that it looks like messages are being sent by TSB. In some instances, this spoofed text is being added to existing TSB message threads on victim’s phones.
Should someone click on the link within a spoofed text message and enter their personal information, the fraudsters then call the victim back and persuade them to hand over their one off code from their mobile phone. The fraudsters can then empty the victim’s account. 

Director of Action Fraud, Pauline Smith, said:

“We have seen an increase in opportunistic fraudsters sending text messages claiming to be from TSB that ask people to reply with their personal or banking details. 

“This can have a devastating effect on people, who can lose out on large sums of money.

“Don’t assume anyone who’s sent you a text message is who they say they are. If a text message asks you to make a payment, log in to an online account or offers you a deal, be cautious and report it to Action Fraud.”

A TSB Fraud spokesperson said: 

“While our systems are safe and secure, unfortunately fraudsters are increasingly sophisticated and looking to take advantage of situations like these by approaching customers. 

“Protecting our customers’ information is our number one priority. We are doing all we can to ensure customers don’t become a victim of fraud, whether they bank with us in branch, online or via the telephone and this is something we are working on with Action Fraud and a number of external organisations. 

“We are also working with these organisations to help them identify fraudulent sites so we can take them down as quickly as possible.”

How to Protect Yourself
Don’t assume an email or text is authentic: Always question uninvited approaches in case it’s a scam. Phone numbers and email addresses can be spoofed, so always contact the company directly via a known email or phone number, such as the one on the back of your bank card. 

Clicking on links/files:
Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected text or email. Remember, a genuine bank will never contact you out of the blue to ask for your full PIN or password. 

If you have received a suspicious TSB email, please do not respond to it, report it 

Action Fraud:         

You Might Also Read:

TSB's IT Meltdown Was Evident A Year Before:

Barclays Bank Want To Stop Cybercrime:

 

 

« Nation State Cyber Attacks Are An Act Of War
Malta Under Large Scale Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Blueliv

Blueliv

Blueliv is a leading provider of targeted cyber threat information and intelligence. We deliver automated and actionable threat intelligence to protect the enterprise and manage your digital risk.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

Celare

Celare

Celare delivers DPI based network perimeter monitoring solutions with integrated Big Data security analytics and threat detection.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

RHEA Group

RHEA Group

RHEA Group offers aerospace and security engineering services and solutions, system development, and technologies including cyber security.

BetaDen

BetaDen

BetaDen provides a revolutionary platform for businesses to develop next-generation technology, such as the internet of things and industry 4.0.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

DerSecur

DerSecur

DerSecur has been engaged in advanced technology activities in the field of Application Security since 2011. We offer R&D technology solutions in the field of SAST, DAST and SCA analysis.

Cyber Security Global

Cyber Security Global

Cyber Security Global is a leader in electronic security, consultancy, technology, cybersecurity solutions, training, and specialized products.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.

CBIT Digital Forensics Services (CDFS)

CBIT Digital Forensics Services (CDFS)

CDFS is Australia’s premier supplier of digital forensic tools, industry-embedded training and certification to Law Enforcement, Government, and Corporate Enterprise.