URGENT: Scammers Targeting Mobile Banking App Users


author image - crispin

By Crispin Bateman

on Wednesday 19 June 2019


Warning scam sign

Last night, I was targeted by scammers pretending to be NatWest online banking.

As one of the writers and advisors here at Compare UK Quotes, I was lucky enough in that I had the background knowledge to see the scam for what it was and wasn’t taken in by it, but the quality of the deceit was so good that I came very close to giving away my online banking details!

At Compare UK Quotes, we try to always give you the best advice regarding all aspects of personal finance, so it seemed only right that we bring this latest attempt by thieves to our readers’ attention.

This scam is, of course, one of many that is tried every day to get access to innocent people’s banking details and different types of scams exist no matter who you bank with. Make sure you do not become a victim by understanding some of the tricks and how to spot them.

The presentation of the mobile banking scam

The first thing that struck me was the impressive attention to detail that made this scam look so close to real. My experience started with a text message that came yesterday evening – it was especially impressive as it came from a number my iPhone believed was NatWest. In fact, as you can see from the screenshot, I had a message that I believe was legitimately from NatWest from this very number back in February!

NatWest scam

That earlier message helped me believe the new one was a fake. In the first message, there is no direct website link or a demand to get you to visit a potentially bogus website. It simply tells me to use my trusted mobile app to check for a relevant message – something NatWest themselves might do, but a scammer is unlikely to try.

The new scam message reads:

“Your internet banking has been disabled for security reasons, Please visit your local branch or unlock at http://213.249.163.212/.

Here are some flags that should help you see this as fake:

  • The website it points you to is just a number, and doesn’t contain NatWest’s legitimate domain name (natwest.com).

  • The punctuation is off. It’s subtle, but the comma before ‘Please’ should be a full stop. I’d hope that an official message from the bank (like the earlier one) is better edited and properly proofed!

But that’s it. The clever trick of offering to fix an issue by asking you to visit a website makes it seem a little more legitimate – after all, why would a scammer ask me to visit a real-life branch? Of course, they know that as I’m sat there with my phone, I’m unlikely to put in the effort to go and visit a high street, and I’ll just click on the link instead. It’s a nice trick designed to put me in my comfort zone, and it very nearly worked!

The impressive presentation didn’t end here. When the link was clicked (yes, I did!), I was taken to this webpage:

NatWest scam message

If you’ve ever used NatWest online banking, you’ll see just how convincing this page was! It’s perfectly coloured, has relevant menus and looks just like the real thing!

Well done scammers!

Identifying the fake

At this point, I was suspicious enough to do the one thing they don’t want you to do – I logged in to my online banking. Unsurprisingly, this was working just fine. There was no security shutdown, and everything was showing as normal. But of course it was – there was nothing really wrong!

As a quick side note, I admit that I have once had my NatWest banking shut down for security reasons! It was a rough day and it involved a great number of phone calls and emails between me and the NatWest/RBS fraud department. When this happened, my mobile app showed none of my bank accounts – they simply disappeared. This part experience was another helpful pointer to knowing that this current situation was fake.

Going back to the website, there was another huge clue. Safari (the default iPhone web browser) had helpfully written the words ‘not secure’ next to the website address. Thanks Apple! Another nail in the coffin for the conmen.

My next move was to click on the menus on the website – after all, if this was a legitimate NatWest web page, it was going to let me jump around to other sections on their site. I could always come back to solve this issue later, right?

Wrong. None of the menus worked – it looked like the NatWest site, but it didn’t act like it. The final nail was hammered in and I closed my browser confident that I’d had a narrow escape.

Because the alternative was horrible to imagine.

What to do if you are scammed

I came close to falling for this well-presented fake website, and if I’d put in my customer number, filled in details from my PIN and given them everything they wanted, what would have been the result?

Financial disaster, that’s what! I have no doubt that within minutes, all my accounts would have been cleared out, my overdrafts maxed, and my savings delivered to a thief. Not only that, but they’d be able to look through my statements and probably find future ways to target me. It would have been a horror story, but not the worst – after all, my savings are relatively low and my overdraft insignificant.

But what would have happened if I had been saving for a mortgage and was close to my target? Or had a business bank account with money put aside for a year’s worth of income tax?

For some people, five minutes access to their bank account can devastate them for life.

Thankfully, new changes in agreements by banks as of May 28th 2019 mean that you are more likely to get your money back from this sort of scam. If you find yourself a victim, contact your bank immediately and tell them what has happened, they will do what they can to get your money back – and if they don’t, escalate the issue to the financial ombudsman.

Though all banks haven’t signed up to the new code, most of the famous names (including RBS, the parent for NatWest) have done. I would probably have managed to get my money back in this instance. Probably.

Are online banks safe?

This experience raises the question ‘are online banks safe?’ and, despite this potentially devastating situation, we at Compare UK Quotes still come down heavily on the side of ‘yes’ – the security systems involved in protecting your money are second to none.

Of course, you must be careful. Like with anything, make sure you don’t give your banking details away to anyone and be wary of simply inputting them into systems when you are not 100% sure. A simple rule of thumb is that if you did not initiate the contact, don’t trust it! When I had my bank accounts frozen previously, the bank didn’t text me or let me know in anyway – they waited for me to notice the problem and call them. At first, I was annoyed by this and brought it up with the nice advisor on the phone.

‘Why didn’t you let me know?’ I asked. ‘I’ve had to chase this down.’

‘We know you will contact us as soon as you notice your account is frozen,’ he said, ‘and in doing so, you know we are really the bank. If we had initiated contact, you would have not really known who you were speaking to.’

He was right. I hadn’t thought of it in that way, but he was right.

Online banks are safe, but you need to be sensible in the way you use them. If you are unsure, check, check again, and initiate contact on your own terms. Call your bank, visit a branch, use their online contact facilities. Don’t just accept an unsolicited text at face-value.

Advice from Compare UK Quotes

We’re always on the lookout to give you the best financial advice here at Compare UK Quotes. With a huge library of articles about personal finance, there’s nowhere better to find out about banking, insurance and more.


banking online banking scam