Personal Finance | 20 December 2023

Fraud prevention and security

– your questions answered

Our security team and external UK Finance expert Paul Maskall answer your questions on the best security processes and how we keep our clients safe from potential fraud.

In 2023 we hosted an expert fraud advice panel for clients entitled ‘Fraud – it couldn’t happen to me could it?’. Here are some of the key questions asked and the answers provided.

How secure is facial recognition? 

Facial recognition is sophisticated enough not to be circumvented via an image of you, however, any element of security is rarely 100% secure or perfect. There is a trade off when it comes to convenience vs security. But utilising biometrics allows convenient access while still maintaining encryption and security, and doesn’t rely on passwords or codes that could be gained from you via social engineering, or which you might have reused across multiple devices and accounts.

Paul Maskall, Dedicated Card and Payment Crime Unit (DCPCU), UK Finance

What are the best passwords? 

The 'best' passwords are generally the ones that have a combination of capital and lower case letters, numbers and symbols and are not words you would find in the dictionary. Also, it is important not to reuse any of your passwords across different accounts. However, as remembering that is almost impossible for the number of accounts and platforms we login to, you could consider using a password manager that gives you a unique and complex password for each and every account. 

Alternatively you can also use the NCSC guidance around three random words to make your passwords more secure without the use of a manager.

Paul Maskall, Dedicated Card and Payment Crime Unit (DCPCU), UK Finance

How do you report attempts by fraudsters to open accounts in your name?

All institutions seem to want an account number before you can get through to anyone, and of course you don’t have one because the account is fraudulent.

If you have been the victim of a scam, fraud or online crime you can report it to Action Fraud using their online reporting service or by calling 0300 123 2040. If you think your Coutts account has been targeted or you’re a client who is concerned that someone is trying to scam you, call us immediately on 020 7770 0011.

To guard against identity theft, it’s a good idea to get a credit report from a reputable credit reference agency. If you see any applications for credit that you don’t recognise then contact that company immediately.    

If you fear you may be subject to fraud or are concerned about any aspect of a situation in which you feel vulnerable then please reach out to your private banker or call Coutts 24 on 020 7957 2424.

If you receive an unexpected call claiming to be from Coutts ask for your ‘challenge word’. If the caller cannot give this to you hang up straightaway. 

All calls with Coutts are recorded for training and monitoring purposes.

Has anyone addressed ‘will bombing’?

This entails manipulating vulnerable persons, mostly with dementia and Alzheimer’s, into signing a new will which hands all their assets over to total strangers – and is classed as legal.

We have seen this in a number of different forms, not just involving total strangers but people are often exploited by close family members and ‘friends’ in this way as well. This often involves long term manipulation of the vulnerable individual. There is a great deal being done across the financial industry, law enforcement and organisations in order to identify vulnerable individuals before this happens.

Paul Maskall, DCPCU, UK Finance

POLICING social media platforms

Does the panel agree that social media platforms need to better police their marketplace sections to ensure that scam vendors cannot scam innocent people out of their funds? And why is the current response to the report of fraudulent marketplace accounts often just ‘sorry to hear but we cannot take the fraudulent profile down’?

It is important to remember that fraud and scams are very much a societal issue and every industry has a part to play. However, there is a definitive need for social media platforms to take a more active stance on mitigating the level of fraud on their platforms.

Paul Maskall, DCPCU, UK Finance

What’s the most obvious fraud attempt via email and how do we recognise it?

According to the National Fraud Intelligence Bureau, nearly a third of all fraud or scams are committed over the phone. The criminals use phishing emails and texts to socially engineer personal details from their victims, which in turn enables them to make their phone calls seem more believable.

Banks and other trusted organisations will never send you an email asking you to click on a link and confirm your bank details. Do not trust such emails, even if they look genuine. Never automatically click on a link in an unexpected email or text and always remember that email addresses and phone numbers can be spoofed, so don't use those as a means to verify that a message or call is authentic.

Paul Maskall, DCPCU, UK Finance

We also received a number of questions about our voice biometrics system

Our voice biometrics system has been rigorously tested in multiple ways, including with recordings and impersonators. Even when the voice sounds the same to our ears, the system can tell the difference. Though no security system can ever be 100% secure, we continually work closely with our providers to share information and update their algorithms to constantly develop our collective anti-fraud measures. 


More insights