Skip to main content

The scammer wants you to hand over your info by pretending to be someone you trust. It’s called ‘phishing’ for emails or ‘smishing’ for texts.

Scammers can fake their caller ID. It can show a different number, even one you trust, like your bank's. We call this tactic 'number spoofing.' They use it to make texts look like they're from a real company. They might also insert these texts into an existing message thread with that company.

We call this an Authorised Push Payment (APP) scam. Our APP scam page has all the info you need to keep safe.

How it works:

  1. You get an email or text. It might even look legit with the correct company logo.
  2. They usually ask you to click a link to verify your account details or fix some urgent issue.
  3. That link takes you to a fake website that steals your login or personal info.
  4. They use that info to access your accounts or apply for accounts in your name.

How to avoid being scammed:

  • Never click on suspicious links. Go directly to the company website and login from there.
  • Check the email address of the sender. You can check this by expanding the sender's contact details or hovering over their details.
  • Check for spelling mistakes. Scammers often make little errors that real company wouldn’t.
  • The bank won’t ask for sensitive info via email or text. If they're asking for your password or one-time passcode, delete the message.
  • A legit company will never threaten or scare. If the message feels urgent or frightening call the company. Don’t use the number on the email or text. Search for their website and call the number on there.

Was this info helpful?

Yes No

Thank you for your feedback

Get scam savvy

Spot the scammers

Learn about the most common scams in the UK.

How we're protecting you

From encryption to fraud monitoring - here’s how we keep your money safe.

How to protect yourself

Things you can do today to avoid being tricked.

Fraud or scam

Learn the difference between a fraud and a scam.