Helping you stay safe from common fraud…

We’re a mutual building society and we’re proud to deliver a first-class customer service consistently. Our members are at heart of what we do and we’re Take Five - to stop fraudcommitted to helping people towards a safe and secure financial future. One important part of this is helping you stay safe against fraud.

Take Five is a national awareness campaign led by FFA UK (part of UK Finance), backed by Her Majesty’s Government and delivered with, and through, a range of partners in the UK payments industry. They offer lots of hints and tips and they provide straight-forward and impartial advice on financial fraud prevention.

The campaign urges you to stop and consider whether a situation is genuine – to stop and think if what you’re being told really makes sense.

Visit the Take Five website for their advice and to access the helpful material they provide.

Here’s some quick and helpful advice:

To help avoid becoming a victim of fraud, here’s three key points to remember:

  • Only give out your personal or financial details to services and people you trust and are expecting to be contacted by. A genuine bank, building society or other organisation will never contact you without notice to ask for your PIN or password, or to ask you to move money to another account.
  • Never automatically click on a link or download a file from an unexpected email or text. This is a common method used by fraudsters to install ‘snooping’ software on people’s computers, or to trick people into revealing their personal or financial details.
  • Always be suspicious of uninvited approaches. If someone telephones you out of the blue and asks about your financial details, politely hang up and check with the organisation directly yourself, using a known email or phone number. If the call was genuine, they’ll be pleased you contacted them.

Some important rules to follow to keep you safe online from common frauds:

Things to look out for in emails…

  1. If it sounds too good to be true, it probably is. Be cautious of an email subject line or content that looks false or causes suspicion.
  2. Look out for poor spelling and grammar in emails. It can be a clear sign of phishing.
  3. Be suspicious of requests for lots of personal information. Ask yourself why do they need to know that? Or what is its relevance?
  4. Is there a deadline or countdown? Fraudsters will often use pressure to try and get you to act quickly and provide what they want.
  5. Check the sender's email address; hover your cursor over the senders email address as it’s listed in your inbox. If the website displayed isn’t in the name of the alleged email sender, it could be a phishing email.
  6. If you receive an email from an unknown sender, don’t action it without verifying the sender.
  7. Delete any suspect emails or text messages. Don’t forward it on to anyone as this can add some credibility and encourage the recipient to follow any instructions.
  8. Check the person who called you, or who sent you an email from an organisation, is genuine. Call them back on a verified number from the organisation's website or telephone directory.
  9. If you believe you have received a fake email, phone call or text message, contact the genuine party to notify them.
  10. Be careful if you have to allow anyone to have remote access to your PC or device. You must be certain the request is coming from a trusted source.

A quick jargon buster…

Phishing is where a fraudster will send an email which appears to be from a legitimate company, attempting to obtain personal details from you. These phishing emails often contain a link directing you to a website which will ask you to re-verify your details.

But beware, this will usually be a fake website but it will look real and could also trigger the unknowing download of a virus to your PC or device. If the fraudster gets hold of your password and personal details they can use this information to commit further crimes.

This is very similar to phishing but takes place over the phone. Instead of getting you to go to a website, the fraudster may request personal details from you directly or ask you to transfer money to an account.

Just like vishing, fraudsters contact you by phone but instead of a phone call it is done using text messages where you are usually asked to follow a link or call a telephone number. This is called smishing.

Again, this is another form of phishing but this scam takes places on Twitter and often involves getting users to hand over their usernames or passwords.

Action to take
If you think you have been the victim of fraud you should report this to Action Fraud on 0300 123 2040 or visit

Please note: This information does not constitute legal or financial advice given by Harpenden Building Society. No reliance should be placed on this guide and you must make your own decisions, we recommend that you seek independent advice if you have any questions or queries.