Mobile digital banking fraud

There’s only one way fraudsters can access your money digitally, and that’s by getting hold of your secure information. They can do this online or through your mobile, and often try to trick you into giving them details.

1. By contacting you over the phone

Fraudsters may contact you by phone or text, pretending to be from a trustworthy organisation.

What is vishing?

Vishing is when a fraudster gets in touch by phone, pretending to be from a trustworthy company. They may also send you a text, which asks you to call a number. They’ll want you to move money, log in, give them remote access to your computer or provide codes from your card reader over the phone.

How it works

They'll tell you there's a problem and ask you to do something, such as:;

  • allow them remote access to your computer (which means they control your computer from a different location)
  • log in using your card reader to check your account, change details or move funds
  • move your money into a new or safe account
  • log in to the Internet Bank, to pay for anti-virus help or maintenance software on your computer.

They may have some of your details, and can sound very convincing. A genuine company would never ask you to move money to another account or ask you to use your card reader.

How to beat vishing scams:

If you’re suspicious of the caller, end the call. Then find the number of the organisation from a trusted source (not a search engine), or if you need to call Nationwide use the number on the back of your card and call them from a different phone.

Don’t be fooled by a caller who has your personal information – and never give this out.

2. Getting in touch by email, text or social media messages

Fraudsters might try to get you to share your personal or banking details, by pretending to be someone you know or trust.

What is phishing?

Phishing is when fraudsters get in touch by email, text or social media messages. They’ll try to lure you into giving away your personal or banking details.

How it works

The fraudster writes to you, posing as someone you know, or as a reputable organisation. They can seem very convincing. Sometimes they use logos, email addresses or account names that are almost identical to those of a real organisation. They'll claim there's an urgent problem and ask you to:

  • unlock online access to your account
  • update your details using a link, or log in to check a recent transaction
  • transfer money to avoid a penalty or financial loss.

How to beat phishing scams:

  • Don't open emails or respond to messages on social media if you don't recognise the sender
  • Never click on links to log in or unlock your account
  • Report it immediately if anyone ever asks for your full password or PINs

3. Getting into your computer, tablet or mobile

Your device contains lots of your personal details. If fraudsters can gain access to your phone or computer, it’s much easier for them to get hold of your information.

What is malware?

Taking its name from ‘malicious software’, malware is a hostile form of software that often buries itself in your computer or mobile. It might hijack banking sessions, prevent apps from working unless a ‘ransom’ payment is made, or infect your device so it can spy on what you’re doing online - this includes any financial transactions you make. It’s highly intrusive, and can be hard to remove.

How does it work?

Fraudsters may trick you into installing malware on your computer, tablet or mobile by:

  • encouraging you to open links or attachments in emails, texts or social media messages. They'll try to install malware as soon as you click on them
  • creating a fake app that mimics a genuine banking or service app.

You may not realise that malware has been installed. It can sit on your device, capture the details you enter into websites or online forms and send them back to fraudsters. Or it could take over your Internet Bank and Banking app and send money from your account, by asking you to log in and use your card reader.

How to beat malware:

  • Set your anti-virus software to run a full check for malware once a week
  • Always use a firewall and reputable antivirus software and run regular updates
  • Check that a site is secure before you log in – look for a padlock or key symbol and https in the address bar
  • Get to know our genuine Internet Bank and Banking app so that unusual behaviour becomes easier to spot.

Do you think you’ve been a victim of a scam?

If you suspect fraudsters might have access to your money, call us straight away.

Current account fraud enquiries

0800 055 66 22 (UK)
+44 1793 65 67 89 (Abroad)

24 hours a day, 7 days a week

Credit card fraud enquiries

0800 055 66 22 (UK)
+44 2476 43 89 97 (Abroad)

24 hours a day, 7 days a week

Report suspicious messages

Help us stop fraud. If you receive a text or email you're not sure about, forward it or send a screenshot to

Although we don't respond to every email, we review all messages sent to this mailbox and use this information to help stop financial crime.

Keep your personal information secure

Remember, protecting your devices makes it much harder for fraudsters to access your information


  • safeguard your mobile and computer with a passcode or password
  • protect your computer with a firewall and anti-virus software
  • tell your mobile provider immediately if your phone's been stolen, and de-register your device from the Banking app. You can de-register your device in the Internet Bank or Banking app (if you log in from another device), or by calling us or visiting us in branch
  • complete a factory reset if you sell your mobile phone or tablet.


  • install apps from unknown sources – check they are legitimate before downloading to your device
  • respond to a text message regarding a suspicious transaction, which doesn’t include the last four digits of your card number.
  • give out your bank details (e.g PIN, memorable data, passnumber, codes from your card reader or codes sent to you by text message) over the phone or in response to a request by text message.