You receive an email that looks like it comes from us asking you to sign in and check your account. It looks real, so you might be tempted to click on the link and enter your user ID and password into the website. Wait a minute. If you do, you will be handing over your details to a fraudster who wants to take your money.
Phishing scams are used by fraudsters to lure victims, by email, text or phone, into handing over valuable information such as credit card and bank account numbers, passwords and sign in details, which can be used to commit fraud.
These emails, texts or websites often contain links to fake online banking login pages, which will send your password and memorable information to the fraudster. The link might also lead to a website that will infect your device with malware. Remember, emails from Halifax will only ever contain a link to our main banking homepage, and never to a page that asks you to enter login credentials, personal information, card details or to carry out a test payment. If in doubt, visit our site by typing the URL directly into your browser window (you can find our URL on your bank card or statement).
Pop-up messages asking for your Online Banking details are likely to be scams. We will never ask you to enter your password or memorable information in a pop-up. We’ll also never ask for your card PIN.
Here are some good ideas that will help keep you safe:
Impersonal greetings and probing questions
A phishing email may not be personally addressed to you but may begin with ‘Dear valued customer’. The fraudster or fraudulent website may ask for lots of sensitive personal information such as passwords, Online banking sign in details, contact details or credit card numbers.
A phishing email may say things like ‘we need to verify your account information’ to try and get you to respond without thinking.
Bad spelling and formatting
The wording of the email may have poor grammar and spelling. The fake website may look slightly different with an alternative layout or
Emails from Halifax
We will never link from an email directly through to your Online Banking sign in page or to a page that asks for your security or personal details. And we’ll never send you an email, text or a website link asking you to enter your Online Banking credentials, card details or to carry out a test payment.
We will always:
To confirm the email is genuine, make sure all the above apply. If you’re not sure, call us using a phone number you know is valid. You can find our number on the back of your bank card and on your statements.
If you receive a phishing email, stay calm. There is no risk in receiving it. Just delete it.
Always report it by forwarding it to firstname.lastname@example.org. We’ll use this information to help reduce fraud.
If you think you may have fallen victim to phishing or any other type of online fraud, please call us as soon as possible on 0345 602 0000. If you’re calling from a mobile or overseas, the number is +44 113 279 8302. Customers who are overseas or who have hearing difficulties or speech impairments should visit our contact us page for further information.
Keep your anti-virus software, browsers and firewall up to date to protect yourself and your devices from online threats.
Find out more about staying safe online:
Bank Safe Online
Get Safe Online