Victims are receiving calls from fraudsters impersonating bank staff by using a spoofed telephone number to make their call appear legitimate. Spoofing is where the caller ID is made to look like a genuine or recognised number and often is enough for a victim to believe the call is from their bank.
Anyone who has access to authorise payments for your business should remain vigilant for any contact out of the blue, especially where they are told that the account is at risk, to move or transfer money, divulge security details or if they are told there has been fraudulent activity on your account, such as a mobile app registration or an attempted fraudulent payment.
In recent cases, victims were told that to secure their account and stop any further transactions, they needed to give the caller banking codes from their security device or authenticate requests using their mobile app.
If you are contacted by anyone claiming to be from Santander or another trusted organisation and asked to move money from any of your account this will be a scam.
If you receive a call like this, or are unsure, hang up and call Santander using a publicly available number.
Please note, fraudsters often change their story and tactics to avoid detection. They may say they are calling from another organisation or the reasons for acting urgent may vary.
Top tips to protect yourself from fraud
- Never share a code from your security device with another person, not even a Santander employee. We will never ask you to do this.
- Always check that the transaction you are authorising is one you have requested yourself. If you’re not sure what it is for, do not continue.
- Never authorise transactions at the request of a caller, even if they say they are from Santander.
- If you think your Santander accounts have been compromised, or you may have given out your security details, please call us immediately on 0800 085 2090
- Use dual authorisation where possible to authenticate your payments: With dual authorisation, two separate people are needed when authenticating payments online for your business. Typically, the first person creates and authenticates the payment request, and a second user authenticates it before we send the payment. Your administrator user can set up and manage this feature under the ‘Administration’ menu.
- User authorisation limits. Limits can be placed on each user to control the maximum value of a payment that can be authorised, this offers another barrier to a fraudster if credentials were compromised. We recommend that every user has an authorisation limit applied.
- Regular review of users accessing service: Your administrator for Santander Connect should regularly review all users registered on the service for your business and remove any inactive users to reduce the risk of their credentials being compromised.
For more advice about protecting yourself from fraud, please visit our support page.