/ Scams

Scam alert: fake Barclays ‘unusual payee request’ text

We’ve been made aware of a scam text message targeting Barclays customers by directing them to a fake website. Here’s what you need to look out for.

Fake text messages posing as banks are nothing new – last year we saw a huge rise in the number of people reporting that they’ve received one purporting to be from Halifax.

But this one using Barclays to target victims features another twist to be wary of: it’s managed to successfully drop into people’s inboxes with the sender set as the bank itself:

These types of ‘smishing’ attempts work by rushing people into visiting a fake website, which can go on to request and steal sensitive information, such as bank details. In this case, its victims will alarmed to read that an ‘unusual payee request’ has been ‘flagged’ on their account.

Fortunately some web browsers, such as Chrome in the below example, will warn you that the site is illegitimate:

However, there’s no guarantee that everyone will receive a similar warning, and some may believe these convincing phishing sites to be genuine.

Spotting and reporting smishing scams

After reporting the fake text to the National Cyber Security Centre (report@phishing.gov.uk), we made Barclays aware of the text. It told us:

“We work closely with the telecommunications industry to support them on preventative measures. We have been, and continue to be, part of an ongoing industry-wide trial to combat ‘smishing’ activity.

The SMS SenderID Protection Registry allows businesses using SMS to register and protect the message headers used when sending text messages to their customers. Over the last two years, the working group has seen a significant drop in fraudulent messages being sent to UK consumers of participating merchants.

We urge customers to pay close attention to the warnings we provide when making payments as these are designed to help protect them against fraud and scams”

Barclays also said that it will never send a text and ask you to click on a link.

If you think you may have handed over your card details to scammers, you should let your bank know what’s happened immediately.

Guide: How to get your money back after a scam

If you’re not sure if contact from a bank is genuine, get in touch with it directly via its official channels to verify the correspondence before you take any action.

Have you received this fake Barclays text or others purporting to be from different banks? Let us know in the comments, and help spread the word to warn friends and family.

Tanya Kozarski says:
15 February 2021

I received a message that was meant to look like it was from HSBC letting me know that a new payee had been registered on my account and asking me to visit https://alert-hs-bc-onlinepayee.com, if I hadn’t asked for this to be actioned.
I’m not an HSBC customer. This was on the 1st February.

A few days later, I received the same message but this time it was meant to look like it was from LLOYDS letting me know that I had successfully set up a new payee ‘Mrs J Dennis’ and again, asking me to visit https://newpayeeadded-cancel.com/ etc.
I’m not a Lloyds customer either.

Thank you for your service!

[Moderator: this website appears to be a scam website. We’ve retained the URL to help you identify it, but we’ve redirected the link to our guidance on how to spot fraudulent website. ]

25 February 2021

I had the HSBC message yesterday and have also had one from Santander.

Nicolette Lawson says:
15 February 2021

I leave my landline on answer machine. Scammers rarely leave a message, anyone genuine will and I will call them back. Probably 90% of callers never leave a message so I assume they are scammers or cold callers.

Terence Vernon Grocutt says:
15 February 2021

Yesterday 14th Feb Received a text from RoyalMail re a parcel they were unable to deliver as we were ou. Not true as we were in all morning. they requested all information including card details fron and back. All this to get a re-delivery. IT’s a Scam

Amanda says:
15 February 2021

I got an email from DHL telling me I had to pay £1 before they would deliver my parcel. I had to click on the link to pay, which of course I did not as I had not ordered anything and was not therefore expecting a parcel. When I have had a delivery from them there has never been a charge. When I looked at the web address it had nothing to do with the company. I have kept the details so if anyone would like the information please let me know. Has anyone else had this happen?

Colin Julier says:
16 February 2021

My wife and I have both received e-mails from HSBC and Halifax reporting activity on our accounts. Ignored because we do not have any account with either bank. Also the message comes from a mobile number – working from home?
I did receive one from my own bank but a quick (yes, it was quick) call to customer services set my mind at rest. At no time do I follow ‘links’ .

Denise Thurlby says:
16 February 2021

I have also received similar texts purporting to be from Lloyds. One to say I had successfully added another device to the account and one to say I had successfully set up a new payee (name given) to my account. Both had links to supposedly let them know I hadn’t done this, which because of your excellent service I ignored. I forwarded both to 7726. Previously I had something similar from TSB which I ignored, but it was only about 4 hours later that I realised I didn’t even have a TSB account, just shows how easy it is to get sucked in when distracted. Like others I have received calls to my landline (the recorded content is usually a give away), but they can be quite worrying to people when told unusual transactions have been made or your internet is about to be disconnected because of illegal use. I use call blocker as soon as I’ve answered but it would be good to know where to report these to.

As you can see from my email address there is no way – (1) a phisher/smisher can detect from my email address who I am; (2) if I receive an email from anyone starting “Dear Eddick” I delete it on principle. I have seen full names, full names spaced by a stop, and even whole telephone used as the “pre-@” part of the email address. Wale up people! Thank you for your helpful suggestions above.

susancs says:
17 February 2021

I assume the clue that it’s fake is in the full stop – bar.clays – in the link?

I’m finding it very hard to report scams nowadays unless it is a bank or telecom scam. No matter which reporting site I go to it’s never the right one & i’m advised to go to another one recommended by the site I’m attempting to report on. Even the TPS site has made it difficult to report cold callers! Why can’t it be made simpler?

Has anyone had any strange things happening on their Pingit account recently, Pingit is the banking app by Barclays and its failed to recognise my telephone number and an Error Code has locked me out of the App JUST AFTER a friend of mine sent me some money via the telephone number I have associated with it. I’m now in day six of trying to sort this out with Barclays who frankly are getting more and more vague about their product every hour.

I’ve had 3 smishing texts since 4th February, two from Lloyds and one from HSBC. The Lloyds ones said a a new payee had been set up on my account and to follow a link to cancel. The one from HSBC claimed a new payment had been attempted on my device, again telling me to visit a website.
Forwarded them to Vodafone on 7726.

inga bystram says:
25 February 2021

Just fell for a msg from.hermes..
Asked me to rearrange my delivery.
Got my address and date of birth out of me.
Tried to contact hermed but tracking number scammers gave me all numerals. Hermes have letters and more numerals…panicing a bit…they didnt get bank details or anything else but still worried. Will try and ring hermed during office hours 2moro.
Any advice…