YBS Your Society Security information about email fraud

Security & privacy

Phishing

Email Fraud FAQs

Email fraud FAQs

In recent years fraudsters have targeted a number of major UK banks and other organisations in an attempt to trick customers into revealing their usernames and passwords for internet banking services.

Frauds of this type, sometimes called 'phishing', involve fraudsters ending fake emails to an organisation's customers. These emails are carefully crafted to make them look as real as possible, as if the organisation themselves have sent it, not the fraudster.

How widespread is this?

This is a problem that has affected organisations around the world.

Why have I received an email?

You haven't been singled out. The fraudsters obtain a large number of email addresses through various means - even guessing them - and blanket email all these addresses. As so many are sent out, they will probably reach many people who have online accounts with the financial organisation they are targeting by chance.

The Yorkshire does not share email addresses with anyone outside the Yorkshire Building Society Group.

How does the fraud work?

The approach is similar in all cases:

An individual receives an email, apparently from their bank or building society, suggesting that the access to their online account may have been compromised, and requesting that they click on the link provided to confirm the details.
When the link is clicked, they are taken to a web page which looks exactly like the bank or building society website.
On the website they are asked to complete a form with their name, address, date of birth, account number, login details (PIN, password, memorable word, etc) credit card and/or debit card information and click a 'submit' button to send this information.

Having obtained this information the fraudsters quickly use it to access the account and transfer money from it.

What should I do if I have received an email and clicked the link?

Contact us immediately by phoning 0845 1 200 805. We can then change your login details to keep your account secure.
If you have passed on information about other accounts, credit cards, etc, contact the providers of those facilities immediately as well.

Note: The Yorkshire will never ask you for confidential information in an email. In addition, our staff will never ask you to reveal your password or memorable word.

If you receive an email asking you for confidential information that appears to come from the Yorkshire, contact us immediately.

What can the Yorkshire do about this type of attack?

We are confident that our systems are secure but if users give their login information to someone else there is always a risk of financial loss.

Once we know of a problem we will:

Change login information
Check the affected accounts and, if necessary, freeze them to prevent loss
Contact the police and other related authorities in an attempt to find the fraudsters and shut down their operations

Visit our security area for details about how you can keep your data secure.

Online Servicing

More information »

Get in touch

Yorkshire Building Society is authorised and regulated by the Financial Services Authority. Yorkshire Building Society are entered in the FSA register and our FSA registration number is 106085.

This site is intended for UK Residents unless otherwise stated. All communications with us may be monitored/recorded to improve the quality of our service and for your protection and security. Head Office: Yorkshire Building Society, Yorkshire House, Yorkshire Drive, Bradford, BD5 8LJ. Tel: 0845 1 200 100.*

* BT landline calls to 0845 numbers cost no more than 5 pence per minute. Charges from other service providers may vary and calls made from mobiles usually cost more.