Cybersecurity essentials : How to spot a scammer

While we do everything we can to keep your Cashplus Bank Account secure from cybercrime, we can’t keep every aspect of your online identity safe all the time. To help you stay one step ahead of the fraudsters there are some simple things you can do to avoid common, but ever more advanced, scams.

If you’re worried about something fraudulent in your Cashplus Bank Account or think you may have been a victim of cybercrime, get in touch with our specialists straight away on 0330 024 0924 or email them at [email protected].

If you’re looking for help and advice to keep your business safe from cybercrime, take a look at our dedicated business cybersecurity page.

Among the most common ways scammers steal personal information like usernames, passwords and banking account details is through fake emails. Increasingly harder to spot, here are some tell-tale signs to look out for:

  1. Any emails asking for any personal information, whether that’s your name and address or your bank or login details. Never click through from an email to confirm your account details.
  2. A sense of urgency – beware of any requests with a fast approaching deadline, particularly around your accounts or payments, and threatening extreme consequences. It always pays to contact an entity directly to confirm whether it’s a legitimate request – don’t reply to the email.
  3. Bad spelling and grammar and poor punctuation.
  4. Pixelated or low-quality images and brand logos.
  5. Impersonal greetings and salutations (such as, ‘Hello customer’) – Cashplus Bank will always call you by your first name in every email we send.
  6. Strange looking or incorrect links and URLs – you can always hover your cursor over the link to see it in full and check its validity. If you’re ever in any doubt, never click on a link in an email and instead just type the address manually into your web browser.
  7. Unfamiliar attachments – especially if they have strange looking or double extensions (like docx.docx). Never ever click on an attachment from a sender you don’t know.
  8. Email aliases – if anything looks out of place in an email, click on the sender’s email address to see it in full and check they’re not using an alias to make it look legitimate.

An important reminder that Cashplus will never

  • Ask for your login details like username and password outside of our banking app or Online Banking
  • Ask you to reveal your personal or card information like your card number, expiry date, PIN, One Time Passcode (OTP), or security number (that’s the one on the back of your card)
  • Ask anyone else to contact you on our behalf asking for any account or personal details
  • Ask you to urgently move funds from your account to another account
  • Offer to help you remotely and get you to install / share your screen

Safety tip: if you’re ever unsure about whether an email has come from us, don’t open any attachments or links in the email and instead forward it to our Cybersecurity experts.

Phone scams

Fraudsters often try to disguise themselves as trusted agencies like The Police, HMRC, and banking and insurance providers to try and get your personal details over the phone, so if something doesn’t seem right or seems urgent, please take the time to stop and think before you take any action being asked of you.

Here are some of the more common and more successful phone scams to watch out for:

  1. The bank scam – someone calls pretending to be from your bank saying there’s an urgent problem with your account and you need to provide account details like your card number and PIN, or even transfer your money to a ‘safe account’. Cashplus Bank will never ask for any personal information over the phone or ask you to move your money, and neither would any bank.
  2. The compensation scam – perhaps the most common scam of all is the company calling to offer compensation for a car accident you may or may not have been involved in. Whether you’ve had a crash or not, never engage with these callers but instead call your own insurance company on the number in your policy.
  3. The HMRC scam – when the tax man calls most of us sit up and listen, which helps make scams about tax refunds and unpaid tax bills all the more intimidating. HMRC will never call you to ask for account details, whether it’s to take or make a payment, and won’t leave a message asking you to call them back either. If in doubt, log in to the HMRC website and call them direct on the number provided.
  4. The IT scam – scammers are capitalising on people’s computer hacking concerns by pretending to be IT helpdesk callers from major companies like Microsoft. They’ll often urge you to download new anti-virus software because your computer is infected – which almost always turns out to be spyware designed to steal your personal and financial details. They may even have the cheek to charge you for the privilege.
  5. The number spoof scam – technology now allows scammers to mimic official phone numbers on your phone’s display, lending them credibility that they are who they say they are. If they ask you for anything out of place, just hang up. If you’re unsure, call the company in question using the official number on its website. 

Safety tip: a good way to avoid the perils of phone scams is to stop as many as possible before they call you. Registering free with the Telephone Preference Service can reduce (but not eliminate) your phone number’s exposure to cold and scam callers.

SMS scams

Text message alerts are also susceptible to scams, their brevity often making them easier to accept as genuine rather than question. As always, if you’re ever in any doubt then contact the alleged sender company directly through their official channels. Here are a few things to look out for:

  1. A request to call an unfamiliar number – if you don’t know the number, don’t call it. These can be high cost lines that charge incredibly high rates to connect you. If you’re not sure about how to contact Cashplus, you’ll find our phone numbers on our Contact Us page.
  2. A request for personal information – never send personal or financial information via text or through any links you’ve clicked on or calls you’ve made in response to a SMS.

Safety tip: if you receive a text message claiming to be from Cashplus Bank but you’re unsure it’s genuine, just contact our Customer Services and we’ll verify if it is for you.


Web scams and passwords

A big reason to not click on links in emails or text messages is because they can direct you to websites that look entirely genuine and legitimate when in fact they’re forged copies of the real thing. Enter your log in information on such a site and it goes straight to the scammers to use and exploit as they see fit. Here are some ways to stay safe:

  1. Never log in to a website through a link provided to you either in an email or text message. Instead, manually enter the URL in your web browser.
  2. Make sure any site you’re using is secure – you can tell because the URL will start with https:// and feature a padlock icon next to it.
  3. Create better passwords – instead of a password, try creating a passphrase of three to five random words (and symbols if you can remember them) instead. Try something that’s easy enough to remember but long enough to be really hard to crack. The number of letters you use may vary depending on the password character limit – it’s 8-20 characters with a Cashplus Bank login. And it should go without saying, but don’t use old favourites like maiden, child and pet names, important dates or favourite sports teams. Be creative!

Safety tip: create a new and unique password or passphrase for every site you log in to. Then if one website is hacked or your login details compromised, your other website accounts will stay secure.

Don't forget to download the Cashplus Bank App. 

The simplest and most secure way to use Cashplus is via our app. With it you can:

  • Turn on app notifications so we can send encrypted passwords, account updates and alerts securely to your device
  • Safely access your account details, balance and statements wherever and whenever you want
  • Update your personal and login information and notifications settings

Whenever you are downloading apps, always make sure it’s from the official App Store or Google Play and not any other location.

For trusted and expert guidance on all aspects of your cybersecurity, we recommend the National Cyber Security Centre



This content was created on 21st February 2020

Terms and Conditions apply, including applicants being resident in the UK & aged 18+ and, if relevant, businesses being based in the UK.

For full website terms including information on Cashplus Bank, Mastercard and use of Trademarks, please see our full legal disclosures at

Advanced Payment Solutions Limited (APS) provides credit facilities subject to approval and affordability, and where accounts continue to meet APS credit criteria. APS is authorised by the Prudential Regulation Authority (PRA) and regulated by the Financial Conduct Authority (FCA) and the PRA. Our Firm Reference Number (FRN) is 671140.

♦Calls to 03 numbers cost no more than a national rate call to a 01 or 02 number and will count towards inclusive minutes in the same way as 01 and 02 calls. Calls may be recorded.

Mastercard logo