Email fraud FAQs

In recent years fraudsters have targeted a number of major UK banks and other organisations in an attempt to trick customers into revealing their usernames and passwords for internet banking services.

Frauds of this type, sometimes called 'phishing', involve fraudsters sending fake emails to an organisation's customers. These emails are carefully crafted to make them look as real as possible, as if the organisation themselves have sent it, not the fraudster.

How widespread is this?

This is a problem that has affected organisations around the world.

Why have I received an email?

You haven't been singled out. The fraudsters obtain a large number of email addresses through various means - even guessing them - and blanket email all these addresses. As so many are sent out, they will probably reach many people who have online accounts with the financial organisation they are targeting by chance.

The Yorkshire does not share email addresses with anyone outside the Yorkshire Building Society Group.

How does the fraud work?

The approach is similar in all cases:

An individual receives an email, apparently from their bank or building society, suggesting that the access to their online account may have been compromised, and requesting that they click on the link provided to confirm the details.
When the link is clicked, they are taken to a web page which looks exactly like the bank or building society website.
On the website they are asked to complete a form with their name, address, date of birth, account number, login details (PIN, password, memorable word, etc) credit card and/or debit card information and click a 'submit' button to send this information.

Having obtained this information the fraudsters quickly use it to access the account and transfer money from it.

What should I do if I have received an email and clicked the link?

Contact us immediately by phoning 0845 1 200 805. We can then change your login details to keep your account secure.
Send the phishing email to phishing@emis.ybs.co.uk so that we can investigate it.
If you have passed on information about other accounts, credit cards, etc, contact the providers of those facilities immediately as well.

Note: The Yorkshire will never ask you for confidential information in an email. In addition, our staff will never ask you to reveal your password or memorable word.

If you receive an email asking you for confidential information that appears to come from the Yorkshire, contact us immediately.

What can the Yorkshire do about this type of attack?

We are confident that our systems are secure but if users give their login information to someone else there is always a risk of financial loss.

Once we know of a problem we will:

Change login information
Check the affected accounts and, if necessary, freeze them to prevent loss
Contact the police and other related authorities in an attempt to find the fraudsters and shut down their operations

Find out what you can do to keep your data secure.

Call us on 0845 1 200 100*

Got a question?

Frequently asked questions
Call us on
0845 1 200 100*
Find a branch

Yorkshire Building Society is authorised and regulated by the Financial Services Authority. Yorkshire Building Society are entered in the FSA register and our FSA registration number is 106085.

This site is intended for UK Residents unless otherwise stated. All communications with us may be monitored/recorded to improve the quality of our service and for your protection and security. Head Office: Yorkshire Building Society, Yorkshire House, Yorkshire Drive, Bradford, BD5 8LJ. Tel: 0845 1 200 100.*

* Charges to 0845 numbers may vary. Prices can be checked with your phone provider. Mobile calls usually cost more.

Have your say

Your Society