[x close]

 

 

Online andEmail fraud

Phishing

Phishing is a common type of fraud where a fraudster tries to trick people into revealing their online security passwords. The passwords will then be used to gain access to online accounts and commit theft.

The attacks are simple

A fraudster sends out a fake email that has been designed to look like a legitimate one from a financial organisation. The email directs or encourages people to visit an internet site to revalidate or reactivate access to their online accounts.

The internet site is fake. It has been designed to look like the target organisation's real internet site so may look very realistic. The website will contain a form for people to enter their passwords and other personal information. Once some passwords have been collected, they will be used to try to commit fraud.

What to do

If you receive a Phishing email, DO NOT REPLY and DO NOT FOLLOW any of the instructions in it, even if the tone of the email suggests that action is required urgently.

  • We will NEVER ask for the whole of your password (except when you want to change it), only three characters from it
  • We will NEVER send you an email with a link that directs you straight to any kind of logon page
  • Always check the URL (address) of the web page you are viewing. All Yorkshire Building Society pages start with one of the following:
    • https://www.thechelsea.co.uk
    • https://online.thechelsea.co.uk
  • Always check the security of the site before you log on by looking for the padlock

If you receive a suspicious email, please forward it to us at phishing@emis.ybs.co.uk . This is a service provided by a specialist third party company; your report will be investigated and action will be taken to close down any fake websites to protect you and other customers who may have been targeted. Please note that you will not receive a response to your email.

Your questions answered

For more information please look at our frequently asked questions.

back to top

What you should do to protect yourself

  • Never reveal your password to anyone or write it down, unless you’re using an authorised online Third Party Provider.  Additional information on accessing your account(s) through a TPP can be found here.
  • Do not use a password that could be easily guessed by someone else
  • Change your password immediately if you suspect someone else could know it
  • Log off from the Chelsea website when you have completed your transaction
  • Keep your PC updated with current anti-virus software, the latest browser versions and relevant security patches/updates
  • Use a firewall to protect your PC from hacking attacks
  • Do not send us any confidential account information via email
  • Make sure we have your correct email address and check your inbox regularly for new messages
  • Make sure we have your correct telephone number, in case we need to contact you about unusual activity on your account.
  • Beware of 'phishing' emails or texts. Do not respond to these messages or open any links or attachments within them. If you receive an email or text message you were not expecting, please contact us using a number you have verified as genuine. Click here for more information about phishing and smishing scams
  • Download ourProtect yourself from Identity Theft and Fraud (799 KB)  guide.
back to top