These emails are often sent to thousands of individuals - in the hope that some will be hoodwinked into supplying personal information. This may include user names, email addresses, passwords, bank account, and credit card details.
These phishing attacks will typically encourage victims to enter details on a fake website - which often seems to come from a legitimate organisation.
Look out for phishing emails that contain:
- Casual or informal wording that's not in the normal style of an email from a legitimate company
- Familiar language or tone but poor grammar and spelling
- 'Verify your account' request - banks will never ask you to enter full account details, passwords or PINs onto a website
- 'There is a secure message waiting for you' - these messages work by putting the emphasis on reading a message - not your actual account. However, the link in the email will still ask for your personal account details
- 'If you don't respond within 48 hours, your account will be closed' - such messages convey a sense of urgency that can make you respond immediately without thinking. Phishing emails might even claim that your response is required because your account may have been compromised
- 'Click the link below to gain access to your account' - sophisticated email messages can contain links or forms that you may fill out just as you would do on a legitimate website
- 'Dear Valued Customer' - phishing emails are usually sent out in bulk and often do not contain your first name or surname
NatWest Security Tips for your Business: How to spot a phishing scam
0370 154 1192
Accounts in England & Wales
0370 600 0459
+44 1268 500 813(Outside UK)
0370 154 1192
Accounts in Scotland
0800 056 4386
+44 1183 732 674 (Outside UK)
0800 092 9098
Lines open 24/7
Calls may be recorded. Call charges from residential lines, business lines and mobiles vary and depend on your telephone operator's tariffs.