There will be more information soon, but we wanted to make you aware that some Natwest Bankline customers are currently being targeted by criminals impersonating the bank’s fraud team.
Natwest will never ask customers to:
Download remote access software such as AnyDesk or TeamViewer
Scan and divulge a QR code to anyone calling
Discuss your Bankline or Online banking PIN and password
Anyone doing any of these things is an imposter and the call must be terminated immediately.
Please could we also highlight that if your card reader says you are approving a payment, the payment has already been authorised to be paid and will debit the account. Cancelling a payment means that the payment wont be made.
Details on how the scam works:
- The customer receives a call from the fraudster pretending to be from the bank’s fraud team, the caller informs the customer of suspicious transactions on their account and that the customer’s Bankline profile may have been compromised.
- The caller asks the customer to visit a fake bank-branded webpage, and to install remote access software (such as AnyDesk, Team Viewer), to begin a bogus cancellation process.
- Once this software is installed on the customer’s machine, it will (subject to permission) allow a third party to access and take over the device.
- The caller will then ask the customer to login to Bankline, stating several payments need cancelling.
- Once the customer has logged into Bankline, this provides the criminal access to create fraudulent payments, often diverting the customer’s attention away from the screen whilst this takes place.
- The caller then shows the customer these payments and tricks them into providing authorisation via their smartcard and reader. They do so by convincing the customer that the authorisation code will cancel the payment.
- The code releases the fraudulent payments with the money sent to mule accounts controlled by the fraudster.
Please see this link for upcoming virtual fraud events.