Customers of NatWest have been advised that scam emails claiming to be from the bank are spreading.
The national fraud reporting agency Action Fraud has reported receiving 1,478 allegations linked to fraudulent NatWest emails in less than two weeks.
The emails, which are not from the bank, claim the recipient needs to “verify” or “update” their bank account information.
The scammers claim this is needed to maintain access to their online banking.
According to Action Fraud, the messages contain links to fraudulent websites meant to steal personal and financial information.
The department advised users to contact the group directly if they had concerns about a message in an alert placed on X, formerly known as Twitter.
“Don’t use the numbers or address in the message – use the information from their official website,” they said.
“Your bank (or any other official source) will never ask you to supply personal information via email.”
In one example of the scam email, the fraudsters claim to be “making significant changes” to NatWest’s Online Banking which will affect current accounts.
Another example of this type of scam tactic, which features the NatWest logo despite not being from the bank, read:
“Dear Customer.
“A recent maintenance has just been completed, we therefore require you immediately login to your online portal, in order to ensure this has not affected your account(s).
“We will send you a one time passcode by text to ensure it is actually you logging in.”
The message goes on to encourage people to click a link within the email, and even claims account security is their “priority”.
“Click here to complete online portal verification. We are here to assist you anytime. Your account security is our priority. Thank you for choosing NatWest.”
Action Fraud has urged people not to “take the bait”, warning: “The emails are FAKE and the links lead to malicious websites that are designed to steal your personal and financial information.”
If a person has spotted a suspicious email, they are directed to forward it to the Suspicious Email Reporting Service (SERS) via [email protected].