What's on this page
What is online banking fraud?
Online banking fraud is when criminals access your money digitally by getting hold of your personal information. They can try to do this through your mobile and when you bank online.
Phone calls: Vishing
Criminals may contact you by phone or send you a text asking to call a number. They’ll pretend to be from a trusted organisation and may have some of your personal details.
How vishing works
Someone calls or texts to say there’s a problem and ask you to do something, such as
- Allow them remote access to your computer, so they can control it.
- Log in using your card reader to check your account, change details or move money.
- Move your money into a new or ‘safe’ account.
- Log in to the Internet Bank, to pay for antivirus help or maintenance software on your computer.
The calls and texts can sound and look very convincing. But genuine companies never ask you to move money or use your card reader.
Protect yourself from vishing scams
If you’re suspicious of the caller, end the call. If it’s a text, don’t reply or call the number. To report this, contact the organisation directly. Find their number from a trusted source. Don’t use a search engine.
If you need to call Nationwide use the number on the back of your card.
Use a different phone if you’re worried your mobile is compromised. Never give personal information to anyone by phone or text, even if they already have some of your details.
Text messages asking you to call us
Fraudsters can make their messages appear in genuine text conversations, making them appear legitimate.
Email, text or social media messages: Phishing
Criminals might try to get you to share your personal or banking details. They’ll do this by pretending to be someone you know or trust.
How phishing works
A criminal writes to you, posing as someone you know, or as a reputable organisation. They can seem very convincing. The logos, email addresses or account names can be almost identical to those of real organisations. They’ll claim there’s an urgent problem and might ask you to:
- Unlock online access to your account.
- Update your details using a link, or log in to check a recent transaction.
- Transfer money to avoid a penalty or financial loss.
How to spot a phishing email
- We will never ask you to update your account details.
- Not addressed to you personally and does not include your postcode.
- Use of language or punctuation may be poor.
- Shown link may look legitimate but could actually take you somewhere else.
- Signature details may appear incorrect though be aware that they could also be accurate.
Protect yourself from phishing scams
- Don’t open emails or respond to messages on social media if you don’t recognise the sender.
- Never click on or use links to log in or unlock your account.
- If anyone ever asks for your full password or PIN, report it immediately.
Hacking your computer, tablet or mobile: Malware
Taking its name from ‘malicious software’, malware is a hostile form of software. Once downloaded, it can do things like:
- Hijack your online banking and send money from your account.
- Prevent apps from working unless you make a ‘ransom’ payment.
- Spy on what you’re doing online, and get the information you enter into websites or online forms.
How malware works
Criminals can trick you into installing it on to your computer or mobile device by:
- Encouraging you to open links or attachments in emails, texts or social media messages. They’ll try to install malware as soon as you open them.
- Getting you to download a fake app that looks like a genuine banking or service app, to capture your log in details.
Malware can be hard to remove from your device.
- Fraudsters can easily set up a fake email address, pretending to be from a real company.
- There might be attachments included, to make the email seem more legitimate. Do not open them.
- The email may not be addressed to you personally.
- The use of language, punctuation and grammar can often be poor.
- Fraudsters will try to encourage you to respond or act, by giving you a deadline.
- Signature details can appear to be correct, but this doesn’t mean the email is legitimate.
Protect yourself from malware
- Always use a firewall and reputable antivirus software. Run regular updates.
- Set antivirus software to run a weekly malware scan.
- Check that a site is secure before you log in. Look for a padlock or key symbol and https in the address bar.
- Get familiar with the genuine Nationwide Internet Bank and Banking app. It’ll make it easier to spot anything suspicious.
How you can keep your personal information safe
Protecting your devices makes it much harder for criminals to access your information.
You should always:
Secure your mobile and computer with a passcode or strong password.
Protect your computer with a firewall and up-to-date antivirus software.
Complete a factory reset if you sell your computer, mobile phone or tablet.
Install apps from unknown sources. Check they are legitimate before downloading.
Respond to a suspicious text about a transaction. Especially if it doesn’t include your card number’s last four digits.
Give out bank details over the phone or in response to a request by text message. Information like your PIN, memorable data, passnumber, codes from your card reader or codes sent to you by text.
How to report fraud
Current account fraud
UK: 0800 055 66 22
Abroad: +44 1793 65 67 89
Credit card fraud
UK: 0800 055 66 22
Abroad: +44 2476 43 89 97
How to report suspicious messages
Help us stop fraud. Report suspicious emails, texts and messages to: email@example.com
We don't reply to every email but review all the messages we receive. This information helps us to stop crime. Thank you.