Overlay
Protect your business

Phishing

What is email fraud or ‘phishing’?

Phishing is a type of social engineering attack used by cybercriminals to steal your personal information, including login codes and credit card numbers. Phishing can be conducted via a text message, social media, or by phone, but the term 'phishing' is mainly used to describe attacks that arrive by email.

It happens when an attacker pretends to be from a trusted company who wants to trick you into opening a message on your device and then clicking on a link to a fraudulent website to steal your information and cash.

What to look out for

  • Check the grammar and spelling. This can be a big giveaway of a scam email.
  • Emails which require you to respond quickly or offer enticing discounts.
  • Emails and texts that link you to web pages that ask for too much information, such as your full card or online banking codes.
  • Web pages with misspelt or strange addresses.

How will I know if I’ve been phished?

If you’ve been phished, there are some signs that can help you spot if you’ve been tricked:

  • Identity theft.
  • Unprompted password reset requests.
  • You cannot make calls or send texts using your mobile phone - a sign of SIM swap fraud.
  • You suddenly receive an influx of spam email (or spam emails sent from your account).
  • Cannot login to online banking or websites

Actions you can take now

  • Check if the email is personalised. Does it have information like your name, your postcode or part of your account number? If there’s no personalisation, treat it with suspicion.
  • Instead of clicking on a link - go directly to the website to login or call the company to determine if the email or text is genuine.
  • If someone does fall victim to a phishing scam, encourage them to speak out. The quicker it’s identified, the sooner you can act.
  • For the latest cyber security advice and resources, visit the National Cyber Security Centre (NCSC).
  • Forward any suspicious emails referring to Royal Bank to phishing@rbs.co.uk. Most large companies will have their own mailbox for reporting phishing emails.

Always think twice and make double checking second nature

Take Five logo

Take Five to stop fraud

Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.

Need to report a fraud or a scam?

Other ways to get help