A devious 'Santander' text message scam aimed at stealing customers' funds is conning people into handing over their details by claiming there has been "suspicious activity" on their account.
The scammers are able to mimic Santander's number, meaning the text could actually appear within a legitimate thread of messages from the bank, making it especially hard to spot.
Potential victims are told to follow a link and enter their details, enabling the crooks to wipe out their accounts.
Have you received a message like this pretending to be from Santander? If so, do NOT click the link - it is a scam. Remember, never enter your Online Banking details after clicking on a link in an email or text message. pic.twitter.com/wKPOnSHTrQ— Santander UK (@santanderuk) March 7, 2018
Your bank might not reimburse you
Crucially, anyone who hands over their One-Time Passcode (OTP) as part of the scam could find their bank won't refund them.
The OTP is an extra layer of security Santander (and other banks) use to authorise things like setting up a new payee or changing details on the account.
All banks that use OTPs are clear that they will never ask you to reveal this under any circumstance. So anyone who does so probably won't be protected.
Last year, we reported how numerous Santander victims lost money after handing over their OTP as part of a scam and Santander refused to reimburse them.
"Whilst we are very sympathetic to customers who are victims of scams, as there was no Santander error and all three customers divulged personal, security information, we therefore cannot accept any responsibility for the losses on these accounts," Santander said at the time.
More to lose
More and more people are using current accounts as savings accounts as they offer more interest than traditional deals.
This means more cash is likely to be held in a current account, which makes them a prime target for fraudsters.
The Santander 123 Current Account pays 1.5% on savings up to £20,000 and is especially good for large balances.
Of course, the scammers can easily imitate any other bank, so it's not just Santander customers who need to be vigilant.
The industry as a whole has seen an alarming rise in the use of ‘social engineering techniques’, including targeted text scams.
Take a look at our guide to the latest tricks scammers are using to keep up to date with how criminals are trying to steal your money.
How to stay safe
Your bank will never contact you to ask for your account details, PIN or your OTP code.
You should ignore and report any message, call or email you get asking for this sort of sensitive personal information.
Never follow links in a text message or email under any circumstances. If you are concerned, either log into your banking separately or ring them using a number you found on a bank statement.
Take a look at our guide: Reporting scams: who to contact when you get fraudulent phone, post and email.
If you suspect you have become a victim of a phishing scam, contact your bank as soon as possible using the number on the back of your debit card.