Phishing & Email Fraud | Royal Bank of Scotland

Email fraud


Sometimes known as email fraud

How to spot a phishing scam

Add your signposting title here… What is Phishing


Sometimes you get emails pretending to be from legitimate sources,but they’re asking you to give away personal or private information.

This is called phishing.

What does phishing look like?


A phishing email may be disguised as one from the bank, or it may be a more obvious scam with strange logos and poor spelling

There are a few things to look out for:

  • The email address is different to usual emails from your bank
  • The message isn’t personalised or uses the wrong name 
  • The message says you need to take action to stop something from happening
If you do receive a suspicous email you can report it to us by forwarding it to

Here are a few simple tips on how to spot a phishing email.


    When you receive an email you should check it for signs that it may not be from the company it appears to be from.

    Check the email address. Is it the same as the email address you usually receive emails from, or just similar?

    Check the email subject line; anything along the lines of “There is a secure message waiting for you”, “Security Alert”, “System Upgrade” and so on should be treated as suspect.

    Check the message is personalised with information like your name, your postcode or part of your account number. If it isn’t personalised at all then you should be suspicious.

    Look for a prompt to click on a hyperlink or a button, or to download a file – something like “Verify your account or password” or “update your security details”. These will likely take you to a copycat website where you will be prompted to enter your full details.

    Be suspicious of any message that creates a sense of urgency, such as “If you don’t respond within 48 hours, your account will be closed”. A legitimate company will not create a false sense of urgency.

Remember, never respond to any suspicious emails and don’t click on any links or attachments within them.

Royal Bank of Scotland will never ask you for your full Online Banking PIN, full Online Banking password, activation codes or card reader codes.


Protect yourself from phishing


Fraudsters will ask for personal details that the bank or other real companies will never ask for. They may also ask you to take actions that seem suspicious.

Here are some examples of what a fraudster may ask you to do:

  • Hand over your Online Banking login details, activation codes, card reader codes or PIN numbers
  • Transfer money to an account giving you the details
  • Click through to a website that's not the bank's official website - check the address at the top.

How to report a phishing scam


If you think you have been targeted with a phishing email, let us know. 

Forward the email to us at You can also forward the email to Action Fraud, the National Fraud & Cyber Crime Reporting Centre at


Set Tab for lightbox