Skip to Main Content Increase Contrast Accessibility Help

Protect your Organisation from fraud and scams

In just one year, 1 in 17 adults were victims of fraud. Find out how you can be fraud and scam-savvy.

How can I protect my organisation from fraud?

Avoid paying by cheque

When paying large amounts, it’s safer to use our standing payments or CHAPS services (charges apply). You can also register for Online Banking to use Faster Payments.

Set up dual authorisation

Where appropriate for your organisation, assign at least two people to approve online payments and set up dual authority for signing your cheques. You can set this up by updating your details.

Update fraud policies

Update your internal procedures so that everyone knows how to act if internal or external fraud is identified, and regularly train staff on fraud prevention measures.

Keep your devices secure

To stay safe when using the internet, install an anti-virus and spyware software. Ensure you keep it up-to-date and regularly updated.

Take Five to Protect your Organisation

We’ve joined forces with UK Finance to support their ‘Take Five to Stop Fraud’ campaign. This campaign is all about keeping you safe from scammers and fraudsters. Follow these simple steps, and you’ll be well on your way to protecting your business’ money.

Stop:

Take a quick breath! Taking a moment to think before sharing money or information can really help keep you safe.

Challenge:

Sometimes things might seem a bit off or fake. Remember, it’s perfectly okay to say “no” or take your time deciding. Real businesses won’t pressure you into rushing a decision.

Protect:

If you ever think you might have been scammed, reach out to us right away. You can then also report it to Action Fraud at actionfraud.police.uk or by calling 0330 123 2040. If you’re business is based in Scotland, contact Police Scotland on 101. They’re there to help.

The Do’s and Don’ts to preventing fraud

 

DO's

Be cautious

when opening unexpected emails from unknown sources containing links or attachments.

Be careful

during busy periods and take time to analyse payment requests properly.

Confirm

information you are unsure of with the relevant beneficiary, for example a sudden change in bank details.

Report

any suspicious activity to Unity and the relevant organisations as soon as possible.

Strong Passwords

Create unique, complex passwords and enable MFA for extra security.

Secure Online Banking

Use secure connections, monitor accounts, and be cautious of suspicious messages.

Software & Training

Keep software updated and train staff on cybersecurity.

Payments

Promote bank transfers and standing orders.

DON'Ts

Share details

with anyone, especially your security information. These are private and personal to you.

Download

any unknown and unexpected attachments or Apps.

Give access

to your device to anyone.

Move money

to a ‘safe account’ if advised to do so. You will never be asked to do this by Unity.

Share Info

Never share passwords or personal details.

Public Wi-Fi

Avoid banking on public Wi-Fi networks.

Unknown Downloads

Don't download suspicious attachments or apps.

Move Money on Request

Unity Trust Bank will never ask you to move your money.

Different types of fraud

Select the boxes below to read about different fraud types and learn how you can protect yourself and your organisation.

Telephone fraud, or ‘vishing’, is becoming increasingly commonplace. It’s when fraudsters don’t scam victims online, but call them instead, aiming to trick them into disclosing information or completing certain actions which would result in financial loss.

If you receive a call from someone claiming to be from Unity Trust Bank and you think it might be a scam, do not disclose your passwords or private bank details. Instead, end the call and report it to our dedicated fraud number, freephone 0808 196 8420 so that we can investigate on your behalf.

Phishing emails are unsolicited emails which appear to be from a genuine source, encouraging you to disclose confidential, personal or financial information.

Phishing emails may contain:

  • A request for confidential or secure information (such as your Online Banking log in, passwords, account numbers or PIN numbers).
  • Instructions to complete an attached document, or reply to the email, or to click through to a website to verify your account. Don’t open attachments or click on links if you suspect they may not be genuine.
  • Warnings of a sudden change in an account which requires you to verify that you still use the service.
  • Poor spelling and grammar.

Unity Trust Bank will never send you an email asking you to reconfirm your security details and we will never ask you to divulge your full passwords via email. If you receive an email appearing to be from Unity Trust Bank that looks suspicious, forward it to fraud@unity.co.uk, block the sender, delete the original email, and empty your deleted items. Or you can call our dedicated fraud number, freephone 0808 196 8420.

Smishing is when fraudsters send text messages mimicking companies such as banks, convincing you to click a link which could download viruses onto your device or direct you to a fake website to trick you into releasing personal and financial information. Unity only provides a text service for authenticating accounts or payment requests; any other text messages received that appear to be from Unity are likely to be fraudulent.

If you think that you’ve been a victim of a smishing attack, do not reply to it; instead block the number and delete the message. You can also call our dedicated fraud number, freephone 0808 196 8420. By doing so you’ll also help to protect many more people from being affected.

Invoice or Push Payment fraud is commonplace across the banking industry and happens when a fraudster sends an invoice or instruction requesting a payment. They may intercept emails from legitimate organisations and alter the account details on the invoice, which may lead to money being re-directed into another account.

Organisations are also seeing an increase in fraudsters impersonating staff to redirect salary payments. The fraudster creates an email address that is a close match to the employee’s correct address and sends a request to change their bank details ahead of the next payment date.

Here’s what you can do:

  • Call for verification: If account details have changed or the payment is to an unknown beneficiary, call the organisation on a recognised number and ask them to verbally confirm the account details. Do not use the phone number on the email as this could be the fraudster’s number.
  • Improve internal procedures: Where appropriate, assign at least two people to double-check payments being made or approved.
  • Secure IT infrastructure: Ensure computers and IT systems are protected with software to prevent your organisation from being hacked and make sure you use the latest version of your internet browser with all updates installed.
  • Contact us: If something doesn’t seem right, call our dedicated fraud number, freephone 0808 196 8420.

Cheques can be manipulated into a fraudulent payment, whether it is a counterfeit cheque (a cheque created by a fraudster) or by alteration (written cheque modified by a fraudster) or a forged signature on a genuine cheque.

Here’s what you can do:

  • Don’t pre-sign cheques.
  • Use black ballpoint pen.
  • Make sure you draw a line after you have written the payee name, amount in words and amount.
  • Don’t leave any gaps before or after the numbers in the amount box to minimise the risk of a fraudster altering the cheque.
  • Keep your cheque book in a locked location and restrict access to essential staff only.
  • Periodically check that individual cheques have not been removed from the middle of the cheque book or from the computer cheque stock.

BEC is where a criminal attempts to trick an employee into transferring funds or revealing sensitive information. They often impersonate a senior employee. The criminals behind BEC send convincing-looking emails that might request unusual payments or contain links to fake websites. Some emails may contain viruses disguised as harmless attachments which are activated when opened.

Here’s what you can do:

  • Think about your usual working practices around financial transactions. If you get an email from an organisation you do not do business with, treat it with caution.
  • Look out for emails that appear to come from a high-ranking person within your organisation, requesting a payment to a particular account. Look at the sender’s name and email address. Does it look legitimate or is it trying to mimic someone you know?
  • Ensure that all important email requests are verified using another method such as text message, a phone call or in-person.
  • Does the email suggest you need to take action urgently? Be suspicious of words like ‘send these details within 24 hours’.

Social engineering is when criminals try to scam you using impersonation. Fraudsters attempt to gain your trust and  trick you into voluntarily disclosing confidential information. They often lie to construct a realistic situation to either scare you or excite you. In either case, they hope you’ll hand over your personal information and/or money.

Commonly used methods are fake phone calls, emails, web pages and messages. They might impersonate officials from trusted organisations such as banks, telecommunications companies and government agencies. They do it with the intent of convincing you to give them your sensitive personal information like account passwords.

This is when fraudsters use your identity for their own financial gain. Often these crimes remain undetected for some time, you may not even realise your information’s been stolen until a bill or welcome letter arrives for something you didn’t buy or sign up for.

Here’s what you can do:

  • Be extremely wary of unsolicited phone calls, letters or emails from your bank or other financial institution asking you to confirm your personal details.
  • If you think someone is misusing your bank account details, report it to your bank immediately.

Is it us?

Scams can be difficult to recognise, but there are things to watch out for and things that we will never ask of you.

We’ll never:

  • Pressure you to move your money out of your account. (Instead, we’ll offer solutions to secure it within the account.)
  • Request your confidential codes. (PIN, PINsentry code, activation codes, online banking passwords are all off-limits.)
  • Involve you in internal investigations.
  • Ask you to mislead anyone about your finances.
  • Request remote access to your device.
  • Threaten your account’s safety without cause.
  • Try to trick you by revealing personal information. (Real banks won’t need to convince you it’s them.)
  • Send someone to collect anything from your home.
  • Ask you to make payments through texted links.
  • Discourage you from verifying their communication. (We encourage your vigilance!)

Watch out for these scammer tricks:

  • They’ll claim your money or account is in danger. This creates a sense of urgency to act before you can think clearly.
  • They’ll weave elaborate stories. Scammers might pretend to be someone you know or from a trusted organisation, creating a false sense of urgency or authority.
  • They’ll use your trust in authority figures. Don’t be fooled by claims of being from official organisations or companies demanding immediate payment.
  • They’ll pressure you with fear. They might try to scare you into acting quickly by talking about legal trouble or financial ruin.
  • They’ll push you to move money. Scammers might create a fake scenario requiring you to transfer money out of your account.
  • They’ll instruct you to lie. Banks will never ask you to lie about your finances.
  • They’ll manipulate the payment process. Scammers might tell you to choose specific payment options on your online banking to bypass security features. They might also tell you to ignore warnings.

Our latest fraud blogs

Protecting your organisation from financial fraud on Safer Internet Day

Blog by Chris Hinton, IT Security Officer At Unity Trust Bank, we’re committed to helping you keep your organisation’s money and financial information safe – in […]

Top tips to protect yourself against preventable finance fraud

As technology evolves, so does the threat of cyber crimes like finance fraud. In this digital age, most of us use computers and phones to access […]

Cyber Security: Protect and survive

Commentary from Martin Coward, Chief Risk Officer at Unity Trust Bank. According to the Cyber Security Breaches Survey, conducted by the Department for Digital, Culture, Media […]

How Unity’s partnership with Elavon will benefit our customers

In September, Unity Trust Bank announced a milestone partnership with Elavon Merchant Services to offer business customers a bespoke solution for all their card and merchant […]