Overlay
Protect your business

Vishing

What is Vishing?

  • This is contact made by phone, which encourages you to give out PINs, passwords or digital banking codes.
  • These calls often involve fraudsters claiming they’re from the bank, the police, or another official organisation or company that you trust.
  • You may get a ‘warm up’ call where no information is discussed. This is to prepare for a second call in which they’re likely to ask for information.
  • They may have some information about your organisation already, such as a name, address, or even the name of a genuine member of bank staff, all to make the deception more plausible.
  • Calls often seem urgent, to get you to act quickly, giving you minimal time to think about whether the call is fraudulent. Some common examples are:
    • ‘There’s a problem with your account that requires urgent action.’
    • ‘There’s been some suspicious activity on your accounts; we need you to move your money to another account.’
    • ‘There’s malware on your computer.’
    • ‘We’re investigating fraud by bank staff.’
    • ‘We need to cancel payments.’

How to avoid it

  • Never reveal the details of PINs, passwords or digital banking codes over the phone in any circumstances, even if the caller claims to be from the bank or a company you trust.
  • You will never be asked to scan a QR code, neither will we need to text a QR code to your mobile phone.
  • If the caller asks you to enter a series of numbers into your handset, stop. This is a scam. They want you to set up call forwarding to prevent genuine callers contacting you.
  • Remember, we’ll never ask you to key or authorise test payments, reverse and cancel transactions or download screen-sharing software.
  • Third party companies and organisations who contact you should never need or have access to your Bankline or online banking services.
  • Never be pressed by a third party to ‘cancel’ payments using your smartcard reader – it’s a scam.
  • Pay attention to what the Bankline QR smartcard reader display is showing you. Ask yourself, are you really paying who you think you are?
  • Don’t rely on the caller ID number that appears on your phone to verify the call, as this can be faked to look like the caller is calling from a safe or recognised number.
  • If you receive a suspicious or unexpected call, verify the caller using an independently checked phone number such as a contact number from our website. Use a different phone, in case the fraudster has kept the line open and they’re waiting to intercept your outbound call. If you don’t have a second phone, try calling someone else you know first to make sure your line is clear.
  • Treat all unsolicited calls with suspicion, and never be afraid to end a call, if you have any doubts.

Actions you can take now

  • Share this page with employees and colleagues, so they know what to look out for. Put training in place, so people in your business know how to recognise and handle suspicious calls and other threats. You can use our webinars and resources to help.
  • If you’ve received a suspicious call and are worried you’ve given away personal information, call us on 03457 24 24 24 (+44 131 549 8888 from outside the UK). Our lines are open 24/7.
  • For the latest cyber security advice and resources, visit the National Cyber Security Centre (NCSC).

Always think twice and make double checking second nature

Take Five to stop fraud

Take Five to stop fraud

Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.

Need to report a fraud or a scam?

Other ways to get help