Here are a few simple tips on how to spot a phishing email.
When you receive an email you should check it for signs that it may not be from the company it appears to be from.
Check the email address. Is it the same as the email address you usually receive emails from, or just similar?
Check the email subject line; anything along the lines of “There is a secure message waiting for you”, “Security Alert”, “System Upgrade” and so on should be treated as suspect.
Check the message is personalised with information like your name, your postcode or part of your account number. If it isn’t personalised at all then you should be suspicious.
Look for a prompt to click on a hyperlink or a button, or to download a file – something like “Verify your account or password” or “update your security details”. These will likely take you to a copycat website where you will be prompted to enter your full details.
Be suspicious of any message that creates a sense of urgency, such as “If you don’t respond within 48 hours, your account will be closed”. A legitimate company will not create a false sense of urgency.
Remember, never respond to any suspicious emails and don’t click on any links or attachments within them.
Royal Bank of Scotland will never ask you for your full Online Banking PIN, full Online Banking password, activation codes or card reader codes.