Keeping yourself secure

The banking industry has seen an increase in customers and businesses receiving cold calls from scammers who say that they're from telecommunication or computer companies or (for businesses in particular) an IT department. The caller offers:

• to fix, upgrade or protect your computer from running slow
• upgrades in service for internet connections, devices or phone lines
• assistance for refunds of overpayments.

These callers will ask you to log on to your Internet Banking and then attempt to remotely access the computer to 'help' you with the problem.

However, the remote access allows them to release malicious software and gain access to personal data. The fraudsters may also ask for banking, card, security or other personal details in an attempt to get access to your Internet Banking.

Warning signs

• A cold caller saying they can fix your slow computer or refund you money.
• An unexpected call from someone claiming to be from your IT department.
• The caller asking you to give permission for them to remotely access your computer.
• The caller asking for any of your banking or personal details.

Protect yourself

• Never give control of a computer to a third party who calls out of the blue.
• Never disclose personal or security details such as a PIN, passwords or security details, or allow anyone to collect a bank card.
• Never rely on caller ID alone to authenticate a caller: criminals are able to ‘spoof’ caller ID numbers, meaning that you can’t be sure that the number displayed is from the company they claim it to be from.
• Never follow a telephone instruction asking to press keys on the keyboard or to download apps or run any programmes from a cold caller.
• Never give a card or any financial information to someone who calls unexpectedly and advises a refund is due.
• Never transfer money based on an instruction from a cold caller, even if they say it's for a return of an overpayment.
• Never log on to your Internet Banking while a third party is connected, even if you believe the caller is genuine and they ask you to make a payment for their service.
• Download the free online security software, Trusteer Rapport. Rapport can help identify and remove malicious software, offering protection when using Internet Banking. It can also be used alongside any standard anti-virus product.

If you think you've been a victim of a fraud or a scam, are concerned you may have allowed access to your computer or have potentially downloaded malware, call us immediately on: .

How it usually happens:

1. A cold caller contacts you claiming to be from a ‘tech support’ company and says that your device is running slowly. They might even guess what computer software you’re using.
2. They may ask you to go to your computer and perform a series of complex tasks – sometimes, they target legitimate computer files and claim that they are viruses. Their tactics are designed to scare you into believing they can help fix your ‘problem’.
3. They try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms.
4. Once they’ve gained your trust, they may:
   • ask you to give them remote access to your computer and make changes to your settings, leaving your computer vulnerable
   • try to enrol you in a worthless computer maintenance or warranty program
   • ask for account or card details so they can bill you for fake services, or services you could get elsewhere for free
   • trick you into installing a computer program that could steal sensitive data, like user names and passwords
   • direct you to websites and ask you to enter your banking or card details and other personal information
   • offer you a ‘refund’ for services and say they’ve transferred too much money into your account, then ask you to send them back the difference by bank transfer or a MoneyGram service such as Western Union. Scammers have even been known to persuade victims to allow them remote access to their computer so they can make the bank transfer for the ‘difference’. In reality they have made no overpayment, and are simply trying to use their victims to help them remove money from their accounts.

Protect yourself

Here are some simple rules to follow:

• Never give control of your computer to a third party who calls you out of the blue.
• Never follow a telephone instruction asking you to press keys on your keyboard, or run any programmes from a cold caller.
• Never disclose your security details such as your PIN, passwords or security details. These are personal to you and shouldn’t be shared with anyone, not even us.
• Never rely on caller ID alone to authenticate a caller as criminals can spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they’re not even in the same country as you.
• Never give your card, personal or financial information to someone who calls and claims to be from a tech support company or any other company that advises you are due a refund.
• Never log on to Diamond Microfinance Internet Banking after a caller tells you too. If they have gained access, they can see what you see, including your account information and your security passwords.
• Never transfer money based on an instruction from a cold caller, even if they say it’s to return an overpayment. If you’re ever asked to do this, end the call immediately and call us.
• Never give your card or financial information to someone who calls and claims to be from a tech support company or any other company that advises you are due a refund.

Remember

• If you get a cold call from someone who claims to be from a tech support company, hang up.
• A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist. 

If you think you might have downloaded malware from a scam site or allowed a cybercriminal to access your computer, call us immediately on .

Banks are seeing an increase in incidents where criminals are persuading customers to hand over their credit and debit cards or to transfer funds from their account.

Warning signs

This scam usually involves a call or text message purporting to be from Diamond Microfinance, the Police or another financial institution.

The caller may:

• want to arrange to have your debit and credit cards collected by a courier
• ask you to assist in a police investigation by purchasing high value goods or by withdrawing large sums of cash
• ask you to key in your PIN using your telephone keypad
• advise that another account has been set up to keep your money safe and urge you to transfer your money to the new account immediately
• insist that it is necessary for you to act urgently to protect your funds
• ask you to withdraw and handover cash along with your card as needed for forensic evidence
• ask that you do NOT discuss the reason for withdrawal with branch staff.

Protect yourself

If you're asked to call a number that you are unsure of, or receive a suspicious call or text, ring Diamond Microfinance using the number on the back of your card. If you are suspicious or feel vulnerable, don't be afraid to terminate the call, say no to requests for information or ask for advice from someone you trust.

• Never enter your PIN details into the phone - we will NEVER ask for your PIN details.
• Never agree to your cards being collected.
• Never be persuaded to transfer funds out of your account.
• Don't hand over cash.

If you are concerned that you have divulged your security details, contact us immediately on .

For further information visit Fighting Fraud Action UK.

Phishing, when criminals try to trick people into revealing their financial information using email, has been around for a while. Now there's a new type of fraud: SMS (text) phishing, otherwise known as smishing.

Fraudsters send texts saying that they’re from your bank, and that they need you to update your personal details or speak with you urgently. The text normally contains either a telephone number to call or a link to a counterfeit website that asks you to enter personal details or download a file to update your records.

If you do give your personal details, you might provide a fraudster with everything they need to take money from your account.

Warning signs

• A link in a text message pretending to be from a bank that leads you to a site where you’re asked to enter personal or security details, or to download a file.
• A text message that claims that if you don’t respond within set timescales, your account will be closed.
• A text or phone call from someone pretending to be from your bank and asking for your security information.

Protect yourself

• Never give out your personal or security details to someone who calls out of the blue.
• Never share a Diamond Microfinance One Time Passcode (OTP), with another person, not even a member of Diamond Microfinance staff
• Don't click on links in a suspicious text message. We’ll never text asking you to click on a link to update your details.
• Never allow anyone remote access to your computer. If someone can see your screens, they could access your bank accounts.
• Never transfer money out of your account to anyone pretending to be from a bank. We’ll never ask you to transfer money.
• We'll never ask you to log on or to enter or reveal a One Time Passcode in order to process a refund to your account. 
• Never give out your personal information in response to an incoming text, or rely upon the Caller ID as the sole means of identification, the number can be spoofed to look like a recognised number. For more information, visit our Spoofing section lower down on this page.
• There may be times when Diamond Microfinance will genuinely contact you by SMS (text). If you aren't sure whether a message or phone call that you think might be from Diamond Microfinance is genuine, contact us directly before you take any action.
• If you think you’ve responded to a smishing text message or given your details out to the wrong people, please call us immediately on .

We want to hear about the latest scams so that we can provide information about them to our other customers. If you receive a suspicious text please send it to us. Simply forward the text message and write phishing@diamondmicrofnc.com where you’d normally enter the phone number.

Phishing involves criminals purporting to be from Diamond Microfinance, or other financial institutions, sending unsolicited emails to lure unsuspecting people into handing over their personal details. The email normally contains a link to a counterfeit website that requests you to enter a range of personal details.

By entering your personal details on these sites, you are providing a fraudster details necessary to access your account.

Warning signs

• A link within the email that leads you to a site where you are asked to enter you log on and password details.
• A message that claims you need to log on to verify movements on your account.
• A general, non-personalised greeting.
• Receipt of emails from other financial institutions that you have no affiliation to.
• Spelling errors and random capitalisation e.g. bAnk 0nline with Diamond Microfinance.

Protect yourself

• Do not click on the link to website.
• Enter Diamond Microfinance’s web addresses directly into your browser.
• If you are concerned about the security of your account contact Diamond Microfinance directly rather than clicking on the link provided.
• Install anti-virus software that includes an anti-phishing programme.
• Install Trusteer Rapport. It's FREE and provides an extra safeguard when you are banking online.
• If you think you have responded to a phishing email or given your details out to the wrong people, please call us on . Lines are open 8.00am to 8.00pm Monday to Friday and 8.00am to 6.00pm on a Saturday and Sunday.

As you would expect, we are keen to hear about the latest scams, so please forward anything suspicious to phishing@diamondmicrofnc.com.

We investigate every report we receive, although we can’t guarantee a response to each forwarded email.

For more information on protecting yourself online visit www.getsafeonline.org.

People recruited by criminals to launder money are known as 'money mules'.

Criminals look to dupe innocent, vulnerable people into laundering money on their behalf by offering what looks like a legitimate job, often advertised on the internet or in the newspapers.

The job involves receiving money into your account and withdrawing those funds and sending the money on, while retaining a proportion of the funds as your commission.

Did you know that...?

• the money you are asked to transfer is normally stolen or the proceeds of crime
• handling the proceeds of crime could result in criminal prosecution
• your accounts could be frozen and potentially closed
• wages retained by you as part of the transfer will be recovered from your account, and you may be liable for the full value of the funds you received
• details of your involvement may be shared with other banks, making the opening of another bank account difficult.

Who do fraudsters target?

Effectively anyone with a bank account can be targeted, however the following groups could be considered at higher risk:

• Students.
• Migrant workers.
• Long-term unemployed.
• Anyone lured by a seemingly easy way to make cash.

Protect yourself

• Never give your bank details to anyone you do not know and trust.
• Beware of job offers that involve you using your personal account to receive and disburse funds.
• Remember, if it sounds too good to be true, it probably is!

For further advice please visit Fighting Fraud Action UK.

Investment scams are commonly known as boiler room fraud due to the intense, high pressured sales techniques employed by the fraudsters in order to convince you to invest in worthless and/or non-existent shares.

Contact is usually made out of the blue by an individual who appears professional and may offer investments in a variety of commodities such as land purchase, carbon credits or vintage wine to name a few. The share offer is supposed to provide the investor an excellent return in a short time frame.

Warning signs

• Unsolicited or cold calls.
• Persistent sales technique.
• Limited-time only offers giving you no time to consider the nature of the investment.
• Company names which sound very familiar or have a slight variation to a legitimate company registered with the fca.
• Secrecy of your investment is encouraged to ensure maximum returns.
• Issue of false share certificates, research reports or other documentation to make the investments seem credible.
• Professional looking websites in order to make their business appear legitimate.

Remember

• Cold calling to sell you shares or investments is illegal.
• Dealing with an investment fraudster will almost certainly result in you losing all your funds.
• As they will not be fca authorised you will have no right to compensation.
• If the share offer seems too good to be true it probably is.
• If you have fallen victim to a scam beware of cold callers who will help you to recoup your funds and ask for a recovery fee.

Protect yourself

• Do not sign up to cold call investment schemes.
• Only deal with fca registered stockbrokers.
• If you think you are a victim of an investment scam please contact us on .

For further information please visit Action Fraud.

With computers and devices, a Trojan is a programme that is designed to conduct a hidden act. An example may be fake anti-virus software that installs malware on your PC, laptop or portable device.

Malware is used by fraudsters to get information from your device or to read information that you input, such as passwords and log on details.

Warning signs

It is difficult to tell if a Trojan is on your device. They are designed to carry out their illegal operations without interfering with the device's normal running.

• Trojans could be almost any message/pop up and may contain pictures or documents and if opened, infect your device.
• Your device can become infected by simply visiting a website that is hosting malware.
• You may be tricked into downloading malware by an eye-catching message like, "Your Debit Card will be charged", "Someone has sent you a private message" or "You have won a prize".

Protect yourself

• Use an anti-spam product to filter unsolicited emails.
• Treat unwanted emails with suspicion.
• Download and install Trusteer Rapport. It's FREE and can block and remove malware.
• If your anti-virus software detects a Trojan or any malware take remedial action immediately, follow instructions to remove it and run a full anti-virus scan afterwards to ensure that your machine is clean.

If you have used any online banking services recently, contact your bank(s) so they can make sure that your account has not been compromised and take steps to protect your finances.

Telephone number spoofing is when a caller deliberately falsifies how their phone number appears on the Caller ID or text message to disguise their identity. Fraudsters are increasingly targeting consumers over the phone and by text message; posing as bank staff, police officers and other officials or companies in a position of trust. The fraudster tries to persuade their victim that their accounts are at risk and that they must move their money to a new account (which will normally belong to the fraudster).

Warning signs

If the victim questions giving out personal details or moving their money, the fraudster tells them to check the caller ID of the phone number they’re calling from, which they have masked, or ‘spoofed’ to look like your bank’s phone number.

Protect yourself - Never give out your security details

Information like your card PIN and One Time Passcode (OTP) are personal to you and shouldn’t be shared with anyone – not even your bank. Diamond Microfinance or the police will never ask you for PINs, passcodes in full or to surrender your card. We will only ever ask you for part of the details, for example the first and fifth letters of the password.

For more information on spoofing please visit Action Fraud.

People aged 55 or over can take more money out of their pension with fewer conditions attached to the withdrawals. As a result, fraudsters are getting in touch by email, phone, text or even in person, asking people to withdraw from their pension and put the money into fraudulent accounts, which they claim will earn extra income and sometimes ‘bonus payments’ for the victim.

Warning signs

• Unsolicited approaches about releasing money from your pension pot before you're 55 (you cannot release money if you’re younger than 55)

• Unsolicited approaches about investing money from your pension pot under the new rules

• Being asked for personal details such as phone number or financial information, over the phone

• Being offered 'cash back' or a 'savings advance' from your pension

• Being promised high returns on investments or joining up bonuses

• Being asked to move money quickly - fraudsters sometimes offer to use an express courier service for documents to be signed

Protect yourself

• Never give personal or financial information to a cold caller

• Check the credentials of the company and any advisers – who should be registered with the Financial Conduct Authority

• Ask for a statement showing how your pension will be paid at retirement, and question who will look after your money until then

• Speak to an adviser that is not associated with the deal you’ve been offered, for unbiased advice

• Never be rushed into agreeing to a pension transfer

You can find more information about pension scams at  The Pensions Regulator website.  

The Pensions Regulator has also published a booklet about pension scams.

Remember, if an opportunity sounds too good to be true, it usually is.