More in this section

Scams target people of all backgrounds and ages. With today’s modern technology, criminals are becoming increasingly sophisticated in their attempts to steal personal data and your money. It’s important to be alert and protect yourself against scams and to know what we are doing about it. 

> Authorised Push Payment Fraud
> What we do to help protect you against Authorised Push Payment Fraud
> Looking after your data
> Phishing
> Vishing
> Pharming
> Passwords
> Keeping your browser up to date

Authorised Push Payment Fraud
Authorised Push Payment fraud is when you are deceived into transferring money from your account to a fraudster’s account. They often do this by contacting you via phone, email or social media and pretending to be someone else such as your bank, solicitor, a contractor, an estate agent or the police, for example.

On 28 May 2019, a number of banks and one building society, Nationwide, signed up to a new voluntary protection scheme, the ‘Contingent Reimbursement Model Code’, which now falls under the responsibility of the Lending Standards Board. The members of this scheme offer current accounts and process millions of transactions every day.

National Counties Building Society, along with all other Building Societies with the exception of Nationwide, is not part of this voluntary Code. This is because we do not operate current accounts or allow payments to be made to 3rd party accounts. Only payments made to a customer’s own nominated account are allowed.  

What we do to help protect you against Authorised Push Payment Fraud
Although the Society is not part of the voluntary Code, you can be assured that any case of fraud that is reported to us is investigated thoroughly and promptly.

Anti-fraud measures are already in place to help combat fraud, from our own electronic security systems that protect your data, to our branch staff who are trained to spot when someone is about to fall victim to a scam.

Looking after your data
As you would expect, we take looking after our customer data and money very seriously. We’re proud to have received Cyber Essentials Plus accreditation. This means the Society has the necessary technical security and controls in place to ensure customer data is safe and secure.

We use the most up to date firewall security and regularly upgrade our systems and software controls

We employ external security auditors to robustly test our systems and controls

We will only act on change requests to your account after we have received clear
evidence to prove that you are indeed the actual customer

We monitor for abnormal transactional activity and will contact you if we have any suspicion of unusual behaviour.

 
Cyber-Essentials-Plus-Badge
As a further level of protection, you will be reimbursed for an unauthorised withdrawal. This protection is subject to our 'General conditions for our savings accounts'. Users of our Online Service are also protected from unauthorised transactions. View our ‘Online Service Agreement’.
While the Society has many anti-fraud and data protection measures in place, there is much you can do to help yourself.

Never disclose security details, such as your PIN or passwords
Don’t assume an email, text or phone call is genuine
Don’t be rushed – a genuine organisation won’t mind waiting
Listen to your instincts – you know if something doesn’t feel right
Stay in control – don’t panic and make a decision you’ll regret 

And remember, these useful tips:

Be alert to the fact that scams exist
Know who you're dealing with
Do not open suspicious texts, pop-up windows or click on links or attachments in emails – delete them
Don't respond to phone calls about your computer asking for remote access – hang up
Keep your personal details secure
Keep your mobile devices and computers secure
Choose your passwords carefully
Review your privacy and security settings on social media
Beware of any requests for your details or money
Be wary of unusual payment requests
Be careful when shopping online.

Below are a few of the most common types of scams and tips on how to avoid them.

Phishing 
Phishing refers to emails that attempt to fraudulently obtain your sensitive information. These emails will often direct you to a website requesting you to enter your personal information such as bank log in details and passwords. The information is then used to access important accounts and can result in identity theft and financial loss. 

Common features of phishing emails are:

Appear to be too good to be true (they often are) 
Have a sense of urgency
Address you in an unusual way
Contain multiple grammatical errors
Contain hyperlinks or attachments which may be from an unusual sender. 

If you receive an email from us that you are suspicious about, simply forward the email to bsecure@ncbs.co.uk and we will investigate it.
Vishing
Fraudsters can also make unsolicited telephone calls encouraging individuals to provide sensitive data such as personally identifiable information. This is known as Vishing. If you’re unsure about a call you receive from any financial organisation, call them back but from another phone line such as a mobile or landline. We would recommend waiting about five minutes before doing so as sometimes the fraudster on the other end doesn’t hang up so when you make another call, they’re still on the line.

When we make an outgoing call e.g. to check something on an application or letter, please be aware that we will ask for personal data to identify you. We encourage you to follow the steps above if you are at all suspicious about any aspect of the call.
Pharming
Pharming is another scam whereby a fraudster installs malicious code on a personal computer or server. This code usually redirects any clicks you make on a website to another fraudulent website without your consent or knowledge. Be especially careful when entering financial information on a website. Look out for the ‘s’ in https and the key or lock symbol in the browser. Don’t click on the website unless you’re absolutely certain that the website is secure.
Passwords

To help keep your data and personal information safe you should ensure you set a strong password on your account. To help set a strong password see the useful points below.

Don’t use personal information 
Don’t use easily recognisable numbers
Avoid using the word ‘password’
Use a mixture of letters and numbers

Use a mixture of capital and non-capital letters

Use symbols such as an asterix or exclamation mark
Make sure you have a long password
Modify easy to remember phrases
Try using three completely random words.

 

It’s important that you change your password regularly and use different passwords to those you’ve already used for other accounts. Also, don’t write passwords down or share them. 

Keeping your browser up to date
In order to benefit from the latest security features that Google and Microsoft introduce as a matter of course, it is important that your web browser is up to date. We’ve created a page on our website that provides full instructions on how to check and upgrade your browser which you can view here.

You also may find the following links useful:

Take Five - https://takefive-stopfraud.org.uk/

Get Safe Online - https://www.getsafeonline.org/shopping-banking/telephone-banking-fraud/

Action Fraud - http://www.actionfraud.police.uk/

BT - http://bt.custhelp.com/app/answers/detail/a_id/48253/~/security-warning---fraud-activities

Ofcom - http://consumers.ofcom.org.uk/phone/tackling-nuisance-calls-and-messages/phone-spoof-scam/