Fake NatWest Twitter Account Targets Customers To Steal Bank Details
NatWest customers have been targeted by fraudsters who set up a fake Twitter profile masquerading as the bank's genuine feed on the social networking site.
Many customers now ask organisations for help via Twitter. Those who sought help from NatWest and ended up on the fake Twitter profile rather than the official one were encouraged to follow links in the bogus tweets that asked them for their bank details.
The ruse is a variation on the familiar "phishing" scam, which uses fake emails with links to copycat websites that often dupe customers into parting with their personal information.
After Telegraph Money spotted the scam this week it contacted Twitter and the bogus account was taken offline within an hour. The criminals behind the account, @natwest_HelpS, had been operating the scam since the end of August.
The fake NatWest online customer service team tweeted users who had already been in touch with the real NatWest Twitter feed, @natwest_Help.
The criminals advised customers to visit copycat NatWest websites and log in to "verify their account" to get problems resolved. This meant entering their personal details, such as address, phone number and bank account information.
These websites had been created on a free hosting service apparently based in eastern Europe. The hosting company appeared to have taken down the fake sites but the fraudsters quickly established duplicates.
The welcome page of the forged NatWest website looked authentic. The only difference was that on the authentic site NatWest reminded customers that they would need to use their card reader if they set up a new payee or changed a payment.
On the fake site, the fraudsters cleverly doctored this information to tell customers that they would not need a card reader to log in.
NatWest immediately began warning customers who could be seen on Twitter to have interacted with the fake account on August 30.
It then acted to get the first phishing website taken down, which it was the next day.
Twitter confirmed that the account had been taken down an hour after Telegraph Money contacted it.
The social media giant refused to explain why it took so long, saying it did not "comment on individual accounts for privacy and security reasons."
Twitter's "impersonation policy" states that "accounts portraying another person in a confusing or deceptive manner may be permanently suspended". The rules do not state how long it could take to suspend an impersonated account.
NatWest said that as far as it was aware no customer had fallen for the scam and lost money or had their account compromised. However, it acknowledged that it would be difficult to identify victims of this particular fraud on its system.
Other banks that have been impersonated on Twitter
Thanks to its public nature social media has become a quick and effective way for consumers to contact firms with questions and complaints.
Unfortunately, fraudsters have cottoned on and have cloned a number of banks' Twitter accounts in the past.
This is not the first time the NatWest Twitter account has been cloned. Last September there was a similar scam involving a copycat account, @natwest_Quick. It was taken down within hours, only for another spoofed account, @natwest_UK, to replace it.
Metro Bank was also imitated on Twitter last September. The bank said the phoney @AskMetroBank account was spotted straight away by the social media team and Twitter took it down swiftly. Metro Bank said no customers had lost any money as a result.
In February 2012 an account called Tesco Credit Card or @TescoCC targeted Tesco customers and ran for several weeks.
How to spot a fake Twitter account
The fraudsters who set up the cloned NatWest account were clever but there were a number of things that would indicate it was not genuine. Here are some clues to look out for:
- The blue tick. The "blue verified badge", or tick, appears to the right of the account name. They are put there by Twitter to let people know that the user, usually of public interest, is authentic. Most large firms should be verified. However, smaller institutions may not have the tick. For example, Charter Savings Bank, Yorkshire Building Society and Clydesdale Bank are not verified on Twitter.
- Number of accounts following and followed. If there is a huge difference between the number of followers an account has and the number it is following, there may be something wrong. A small number of followers should also ring alarm bells for established companies. For example, the real NatWest Help account followed 22,000 at the time of writing and had 75,900 followers. The fake account had one follower and was following two users.
- Look at the interaction. If a user is posting repetitively, such as with the same links or message, the feed is probably best avoided. Check that any websites you are directed to point to a genuine URL and think before you click.
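The clues above can be turned into a simple triage check for a brand-protection or fraud team. The following Python sketch is an added example, not part of the original article: the thresholds, the sample URL, the `natwest_Quick` and `local_bakery` figures and the verified status of each account are assumptions, while the handles and the NatWest follower counts are the ones quoted in the article.

```python
from collections import Counter
from dataclasses import dataclass, field
from difflib import SequenceMatcher

OFFICIAL = "natwest_Help"  # genuine handle named in the article
BRAND = "natwest"

@dataclass
class Account:
    handle: str
    verified: bool
    followers: int
    following: int
    links: list = field(default_factory=list)  # URLs seen in recent tweets

def impersonation_signals(acct, official=OFFICIAL, brand=BRAND):
    """Return the article's warning signs that apply to a brand-lookalike account."""
    h, o = acct.handle.lower(), official.lower()
    if h == o:
        return []  # the genuine account itself
    # Only score handles that trade on the brand name or closely mimic the real one.
    if not (h.startswith(brand) or SequenceMatcher(None, h, o).ratio() >= 0.8):
        return []
    signals = ["lookalike handle"]
    if not acct.verified:
        signals.append("no verified badge")
    if acct.followers < 100:  # assumed threshold for an established company
        signals.append("very few followers")
    hi = max(acct.followers, acct.following)
    lo = min(acct.followers, acct.following)
    if hi >= 20 * max(lo, 1):  # assumed threshold for a "huge difference"
        signals.append("lopsided follow ratio")
    if acct.links:
        _, count = Counter(acct.links).most_common(1)[0]
        if count >= 3 and count / len(acct.links) >= 0.5:
            signals.append("repeated link")
    return signals

# Constructed sample data; only the handles and NatWest counts come from the article.
SAMPLES = [
    Account("natwest_Help", True, 75_900, 22_000),
    Account("natwest_HelpS", False, 1, 2, ["https://phish.example/verify"] * 3),
    Account("natwest_Quick", False, 10, 5_000),
    Account("local_bakery", False, 40, 35),
]

if __name__ == "__main__":
    for account in SAMPLES:
        print(account.handle, impersonation_signals(account))
```

No single signal is conclusive, since the article notes that some genuine smaller institutions lack the blue tick; the value is in flagging accounts where several signs coincide.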
A NatWest spokesman said: "Fake Twitter accounts usually ask people to click through to a website in an attempt to steal their personal details. If we find a fake account we work quickly to have these websites taken down and report the accounts to Twitter so they can be suspended."
The bank said it would never ask a customer for their password, full Pin, card details or security information over Twitter, over the phone or when they log in to the banking system online.
NatWest also reported the scam to Twitter. But the fraudulent account was not suspended until September 7.
https://uk.finance.yahoo.com/news/fa...100348400.html