Consumers are being warned of a seasonal spike in “phishing” emails purporting to be from HSBC, NatWest and other major banks.
Fraud experts say conmen are taking advantage of consumers’ higher-than-usual spending over the holiday period to trick them into thinking there is a problem with their account.
The emails – which typically warn customers that their spending has been frozen – are in fact from fraudsters, sent with the intention of obtaining customer data or infecting recipients’ computers with viruses.
The emails cleverly prey on growing public concern with online security.
The NatWest email, for instance, refers to a “recent security issue” which has led to the account being “deactivated”.
Tony Neate, CEO of internet awareness organisation, Get Safe Online said: “Christmas is a busy time of year for scammers, too, as this spike in phishing emails has shown.
“Most consumers’ credit and debit cards will have been used more than usual, so an email from your bank saying your account has been suspended doesn’t seem that odd.”
The HSBC email refers to an inability to process transactions “due to security reasons”.
In another email seen by Telegraph Money, purporting to be from Barclays, the recipient was told their account had been frozen because “your last online session was not properly signed off, or you are using an outdated or unsupported browser.”
Mr Neate said: “These kind of scams tap perfectly into feelings that make us panic – if we get an email purporting to come from someone we trust (our bank) about something that is emotive to us all (money) and then demand that we act urgently, its almost like the perfect storm.”
While the messages often contain convincing branding and even the names of real people – Chris Popple, for example, is a real executive of NatWest – there are usually some tell-tale signs helping recipients identify them as fake.
They often contain grammatical errors, punctuation or spelling mistakes. Recently the standard of phishing emails has improved, however, and they have become harder to spot, Mr Neate said.
One crucial inclusion which should set warning bells ringing is the request for personal information.
He said: “A bank would categorically never ask you to do this. It’s the number one giveaway sign that a criminal is trying to scam you. We would also advise you to never click into a link or attachment in an email from an unknown sender.”
• The best of Telegraph Money: get our weekly newsletter
Have a question for our experts? Email firstname.lastname@example.org