Updated Cookies Policy - you'll see this message only once.
Vishing – or voice phishing – is a type of fraud that is enabled via social engineering. Social engineering is the manipulation of situations and people that results in the targeted individuals divulging conﬁdential information.
Vishing involves a fraudster phoning a company in order to convince a member of staff to reveal sensitive company information or make a payment.
Most commonly, fraudsters make an unsolicited call pretending to be from your bank, so they can ask you to reveal confidential information or make payments to account details provided.
Smishing is similar – but is carried out through SMS text message.
Fraudsters will call or text purporting to be from the police, utility providers, delivery companies or even your bank.
They may claim that your account has been compromised, suspicious activity on the account, or that a payment has been made by the business using incorrect bank details. Caller IDs or numbers on display are relatively easy to change or spoof. Fraudsters have been known to convince people a call is genuine by getting them to cross-check the incoming call number with the official number of the bank, however fraudsters can use technology to spoof numbers which make them appear to be coming from a genuine source.
Smishing, on the other hand, is where the fraudster targets a victim via a text, often purporting to be from their bank, in order to convince them to reveal sensitive financial information or transfer money into other accounts.
The text often contains a phone number, which connects you to the fraudster. As with vishing, details can be spoofed, so it can seem as if the texts are coming from a legitimate source and they can even be inserted into genuine text communications with the bank.
Derek has become an office legend simply by spotting scams and, in turn, saving his company big money. Want to know how he does it?
The client received a call from a male claiming to be from Barclays. The caller’s number appeared on the client’s display as a genuine Barclays number. The caller advised the client to use the online phone number checker to verify the call is genuinely from Barclays.
The caller told the client that their account had been accessed from a suspicious location. The caller advised the client that they would need to block all of their accounts, this would need to be done manually, by sending payments with the reference “BLOCKTHISACCOUNT”. A total of 9 payments, totalling £156k were made by the client following these instructions.
Barclays’ fraud prevention team identified the unusual beneficiary names and references on four of the payments which were held, and called the customer to ask for further details.
During the call with the client it became apparent that they were also on the other line to someone from the fraudster impersonating Barclays. The client was informed of how vishing scams work and they were advised to hang up on the other caller.
Initially the client was confused and did not know who to believe. Barclays provided relevant information so that the client could independently verify the genuine call and be confident they were speaking to Barclays.
Fortunately, on this occasion this scam was averted due to the unusual reference used and the banks internal fraud detection systems, but fraudsters have been known to be so convincing that clients have disregarded the banks advice, and demanded that payments are released.
If you believe you may have fallen victim to a vishing scam, contact us immediately. Our team will try to recover the money from the fraudster’s bank account. The quicker you alert your bank, the greater the chance of recovering the funds.
Report it to ActionFraud – the police’s national fraud and cyber crime reporting centre. Even if you’ve not suffered any financial loss, this will allow the police to analyse trends and help them to prevent fraudsters exploiting other companies. You can file a report via their website at www.actionfraud.police.uk (opens in a new window).
If you have any queries, please speak to your Relationship Director.
If you fall victim to fraud on your Barclays payment channels, call the Online Fraud Helpdesk immediately on:
Fraudulent attacks, even if unsuccessful, should be reported to Action Fraud by calling 0300 123 2040.
The Little Books of Big Scams – Business Edition
If you have any questions or concerns about fraud contact us:
0330 156 0155 / 0800 056 4890*
Your eligible deposits with Barclays Bank PLC are protected up to the FSCS compensation limit by the Financial Services Compensation Scheme, the UK's deposit guarantee scheme. This limit is applied to the total of any deposits you have with the following: Barclays, Barclays Corporate Banking, Barclays Investment Bank, Barclays Private Banking and Barclaycard. Any total deposits you hold above the limit between these brands are unlikely to be covered. For further information visit www.fscs.org.uk^ (opens in a new window).
Barclays Bank PLC is registered in England (Company No. 1026167) with its registered office at 1 Churchill Place, London E14 5HP. Barclays Bank PLC is authorised by the Prudential Regulation Authority, and regulated by the Financial Conduct Authority (Financial Services Register No. 122702) and the Prudential Regulation Authority. Barclays is a trading name and trade mark of Barclays PLC and its subsidiaries.
‡This link takes you to a Barclays Bank UK PLC website
*Lines are open Monday to Friday, 8am to 7pm. To maintain a quality service we may monitor or record phone calls. Call charges and information.
^You are about to link through to a non Barclays site. Please note that Barclays is not responsible for the accuracy or content of this website, and is not recommending it or giving any assurances as to its standing. Barclays does not accept any liability for any loss or damage suffered as a result of its use.