Skip to main content

Protecting yourself from common scams and fraud

There are many ways fraudsters can obtain information. Protect yourself with confidence with common scam tips.

Steps to stop fraud and stay safe

We know protecting your money is more important than ever right now. Fraudsters are finding more ways to trick people into giving them personal details, to take over accounts and apply for new ones. We’re doing everything we can to continue keeping you secure against fraud. But to be safe, here are a few things you can do too, to stay protected.

    1

    Never give out your personal details unless you know who you're dealing with.

    2

    Use strong passwords and change them regularly.

    3

    Check bank statements regularly for unusual activity that you don't recognise.

    Simple ways to protect your money

    • Remember, we’ll never ask for personal information like your PIN or passwords for online accounts. Please keep your security details safe.Remember, we’ll never ask for personal information like your PIN or passwords for online accounts. Please keep your security details safe.
    • If possible, use Face ID and fingerprint scanners to make logging into your devices more secure. And use multifactor authentication to add extra steps to your logins.If possible, use Face ID and fingerprint scanners to make logging into your devices more secure. And use multifactor authentication to add extra steps to your logins.
    • Fraudsters may use limited details they know about you to trick you into giving them more information. They can pretend to be people you might trust, like your bank, a retailer, the government, or a friend or family member. If you’re unsure about a call, text, or email, always end the conversation and phone us directly.Fraudsters may use limited details they know about you to trick you into giving them more information. They can pretend to be people you might trust, like your bank, a retailer, the government, or a friend or family member. If you’re unsure about a call, text, or email, always end the conversation and phone us directly.
    • Unfortunately, there are many ways a fraudster could try to scam you. For advice on the signs of a scam and what to do when you spot them, check out our tips on protecting yourself from common scams and fraud.Unfortunately, there are many ways a fraudster could try to scam you. For advice on the signs of a scam and what to do when you spot them, check out our tips on protecting yourself from common scams and fraud.
    • Keep an eye on your credit rating. This can help you spot if your identity is being used by Fraudsters, to apply for accounts in your name. Experian, Equifax, and TransUnion all offer free credit rating reports.Keep an eye on your credit rating. This can help you spot if your identity is being used by Fraudsters, to apply for accounts in your name. Experian, Equifax, and TransUnion all offer free credit rating reports.
    • Regularly change your passwords, making sure they’re always strong and unique, and not written somewhere that people will find them.Regularly change your passwords, making sure they’re always strong and unique, and not written somewhere that people will find them.
    • If you see something unusual in your bank statements, report it to your bank immediately.If you see something unusual in your bank statements, report it to your bank immediately.

    Worried you’ve been a victim of fraud?

    If you think you have been a victim of fraud, you should tell your bank and report it to Action Fraud, the UK's national fraud and internet crime reporting centre, on 0300 123 2040. For customers in Scotland, please contact Police Scotland on 101.

      Common scams to look out for

      Be cautious with any email, text or call you receive about your accounts, especially when it comes out of the blue. Fraudsters use these ways to contact you to try and trick you into sending them your personal information or money.

      • Unexpected contact from someone asking for your PINs or Passwords is sure to be a scam. We’ll never ask for this information in full.Unexpected contact from someone asking for your PINs or Passwords is sure to be a scam. We’ll never ask for this information in full.
      • Never share personal information with someone who cannot prove who they say they are. If this happens end the phone call, or don’t reply to texts or emails. If the person says they’re from a company, look for their official contact details online and get back in touch that way.Never share personal information with someone who cannot prove who they say they are. If this happens end the phone call, or don’t reply to texts or emails. If the person says they’re from a company, look for their official contact details online and get back in touch that way.
      • Does the deal seem to be good to be true, or are you being pressured to do something quickly? It’s probably a scam - these are common tricks used by fraudsters.Does the deal seem to be good to be true, or are you being pressured to do something quickly? It’s probably a scam - these are common tricks used by fraudsters.

      Common tricks fraudsters use

      1. Bank transfer (APP fraud) scams

      Authorised Push Payment fraud (APP fraud) happens when someone tricks you into sending money to them under false pretences. Fraudsters may contact you by phone, email or social media, pretending to be someone else.

      These scams can be complex and very convincing. APP fraud payments are requested by bank transfer or other types of online payment, so they can’t be reversed once you realise you’ve been a victim.

      How to protect yourself:

      If you are contacted and asked to send money, stop and think – ask yourself if this could be a scam?

      • We’ll never contact you out of the blue and ask you to send money to another account.We’ll never contact you out of the blue and ask you to send money to another account.
      • If someone from a company or well-known organisation asks to you make a payment, take whatever time you need to check they are who they say they are.If someone from a company or well-known organisation asks to you make a payment, take whatever time you need to check they are who they say they are.
      • Have you been told you need to make an urgent payment? Be wary, this is a common APP fraud trick. Fraudsters try to rush you into acting before you’ve had time to think things through.Have you been told you need to make an urgent payment? Be wary, this is a common APP fraud trick. Fraudsters try to rush you into acting before you’ve had time to think things through.

      Find out more on our dedicated APP fraud page.

        2. Email scams

        Fraudsters try to take advantage of emails to trick you into sharing personal information or access to your accounts. Their fraudulent emails can be very convincing.

        What is Phishing?

        Phishing emails are a confidence trick. They appear to be from your bank or legitimate organisations and can look genuine. However, they contain links or attachments that can take you to dangerous fake websites or download malware.

        How to protect yourself:

        • Click to look at the email address of the sender of any suspicious messages. The email may say it’s from HMRC or TV Licensing, but the address won’t match this.Click to look at the email address of the sender of any suspicious messages. The email may say it’s from HMRC or TV Licensing, but the address won’t match this.
        • Be wary of messages offering you free vouchers or alerting you to a notification or problem with your account or security.Be wary of messages offering you free vouchers or alerting you to a notification or problem with your account or security.
        • Don’t click any links in an email that you suspect. Especially if it is a link that asks you to log in to your account - these links usually lead to a fake site that it is used to steal your personal information.Don’t click any links in an email that you suspect. Especially if it is a link that asks you to log in to your account - these links usually lead to a fake site that it is used to steal your personal information.

        If you’ve received a suspicious email that you think might be a scam, send it to us at phishing@tescobank.com

          3. Phone scams

          Be vigilant when someone you don’t know calls you. Fraudsters will aim to trick you into giving them your details or transferring money into a bank account they have control over.

          What is Vishing?

          Vishing is just like phishing, but it happens over the phone. Fraudsters may call pretending to be your bank or your internet/phone provider or even the police.

          How to protect yourself:

          • Ask the caller for their name and where they are calling from. Then hang up and call the company back on a number that you know and trust.Ask the caller for their name and where they are calling from. Then hang up and call the company back on a number that you know and trust.
          • Always call back from another phone to the one you received the call on. If you can't access another phone, wait five minutes, or call a friend before making the call.Always call back from another phone to the one you received the call on. If you can't access another phone, wait five minutes, or call a friend before making the call.
          • If the caller tries to rush you, stop and think. This is a tell-tale sign of a scam.If the caller tries to rush you, stop and think. This is a tell-tale sign of a scam.
          • Never give out your any of your banking or personal details to anyone who calls you unexpectedly.Never give out your any of your banking or personal details to anyone who calls you unexpectedly.
          • Never allow anyone who calls you unexpectedly to remotely access your computer.Never allow anyone who calls you unexpectedly to remotely access your computer.

          Text scams

          Texts can be used just like phishing emails, appearing to be an official message from your bank. Fraudsters often copy the security alert or offer messages banks send to their customers.

          What is Smishing?

          Smishing messages are texts that contain a link to a dangerous site, or a fake phone number to call. The messages look authentic, often telling you that a refund is ready for you, or there’s a problem with your account. They usually have a sense of urgency, telling you to ‘act fast’.

          How to protect yourself:

          • Look out for texts with a generic greeting, that don’t address you by name.Look out for texts with a generic greeting, that don’t address you by name.
          • If you see poor grammar, punctuation or layout it’s likely to be a smishing text.If you see poor grammar, punctuation or layout it’s likely to be a smishing text.
          • Never use a link to login to your account that’s sent to you by text. Same goes for phone numbers – don’t call a number texted to you.Never use a link to login to your account that’s sent to you by text. Same goes for phone numbers – don’t call a number texted to you.
          • Fraudsters can spoof the number they’re texting from - so don’t trust texts that come out of the blue even if they appear to be from your bank.Fraudsters can spoof the number they’re texting from - so don’t trust texts that come out of the blue even if they appear to be from your bank.

          If you receive a suspicious text, report it to your network operator. Simply forward the text to 7726. This won’t cost you anything.

            4. Online fraud

            We have specialised multi-layered security to protect your accounts with our computer systems. Fraudsters may instead attack your computer using malware.

            What is Malware?

            Malware is harmful software designed to infect your computer without your consent or knowledge. Malware can take control of your computer and steal your security or bank details.

            How to protect yourself:

            Being careful is the best defence, especially when clicking on attachments and links that are sent to you by email or text.

            • Be cautious when downloading files and attachments, do you trust the source?Be cautious when downloading files and attachments, do you trust the source?
            • Be wary of companies that ask you to download software that allows them access to your computer or device.Be wary of companies that ask you to download software that allows them access to your computer or device.
            • We only distribute our Mobile Banking App from Google Play Store or the App Store. Don’t download our Mobile Banking App from anywhere else.We only distribute our Mobile Banking App from Google Play Store or the App Store. Don’t download our Mobile Banking App from anywhere else.
            • Use anti-virus and security software, firewalls and anti-spyware and keep them updated.Use anti-virus and security software, firewalls and anti-spyware and keep them updated.

            Identifying emails from us

            If an email is from Tesco Bank:

            • Any links to the Tesco Bank site will include tescobank.com in the address. If you have any suspicions, visit our website directly instead of using the link in the email.Any links to the Tesco Bank site will include tescobank.com in the address. If you have any suspicions, visit our website directly instead of using the link in the email.
            • We’ll never ask you to login to Online Banking via a link in an email or text message.We’ll never ask you to login to Online Banking via a link in an email or text message.
            • We’ll never ask you for your full 6-digit PIN, either by phone or online.We’ll never ask you for your full 6-digit PIN, either by phone or online.
            • We’ll never email you links that direct you to your account login page.We’ll never email you links that direct you to your account login page.
            • If you haven’t opted out of receiving marketing emails, we may occasionally send you offers about other Tesco and Tesco Bank offers.If you haven’t opted out of receiving marketing emails, we may occasionally send you offers about other Tesco and Tesco Bank offers.

            Help with any suspicious contact

            If you doubt the authenticity of a phone call, text message or letter then please call the number on your statement or card. Or find a relevant security and fraud number:

              Contact us about security and fraud

              Additional support from Cifas

              Cifas is a not-for-profit fraud organisation. It provides information and tools to help you understand fraud and financial crime, and advice on how to protect yourself.

              If you’ve been a victim of identity fraud, or are worried your personal data is at risk, they offer Protective Registration. You might be at a higher risk of identity theft if:

              • Your personal documents have recently been lost or stolenYour personal documents have recently been lost or stolen
              • You’re the customer of an organisation that has recently lost or leaked dataYou’re the customer of an organisation that has recently lost or leaked data
              • You’ve been advised by the police that you’re at risk of identity theftYou’ve been advised by the police that you’re at risk of identity theft

              To help protect you, Cifas’ Protective Registration adds a warning flag against your name on a register that’s shared with other organisations. That means they know to pay close attention if your details are used to purchase products or services. Visit Cifas.org.uk for more information.

              The following information may also be helpful:

                Citizens Advice: Check if something might be a scam Age UK: Support for scam victims