Security and fraud
Learn more about what we do (and what you can do) to protect your business online and out and about.
Protecting your business from fraud
Common fraud threats
Being aware of common threats, knowing how they work and what to look out for can help to protect your business against falling victim to fraud.
Keeping you safe online
We’re improving the way you verify yourself to make using your card online even safer. You’ll need to register and keep the UK mobile number we hold for you and every card holder up to date.
Report fraud
If you think that you may have revealed your security details, fallen victim to fraud, or notice any unusual activity on your account, please contact us immediately.
Our fraud guarantee
Our Fraud Guarantee works to protect you and your money when you bank with us, whether that's online, over the phone or in branch.
If you happen to fall victim to fraudulent activity, we guarantee to refund your loss as long as you've not acted fraudulently, and you've taken reasonable steps to keep your details safe.
How we protect your business
However you choose to bank with us, you can be sure you are protected. Our fraud prevention methods include:
- We use advanced technologies and specially developed fraud detection systems to spot unusual activity on your account
- We use verification codes and security tokens as they provide you with an additional layer of protection when you bank online and make payments.
- We also use a timed logout system on our online banking service. This means that after a certain period of inactivity, you will be automatically logged out of online banking
If you speak to us about paying someone new we will check that you're confident about who you are paying. We'll do this by guiding you through tailored information about the type of payment you're making.
How you can protect your business
An APP scam happens when you are deceived into transferring funds (through Faster Payment or CHAPS) to someone, or you transfer funds for what you believe is a genuine purpose, and this turns out to be fraudulent.
We do everything we can to keep your money safe and secure. However, there are common threats that you can be aware of and some simple steps you can take to help protect yourself from fraud.
If you are asked to make a payment, it is your responsibility to make sure the request is genuine before you authorise it. Please be aware of seemingly random requests to move money, or requests that are from people or companies you haven't dealt with before. If this happens, it is often a sign that you are being tricked.
Each situation will be assessed on an individual basis. However, we are not likely to refund you if:
- You have not adhered to the security requirements set out in the terms and conditions of your account
- You've not exercised all due care and diligence to check that the person or company you are dealing with is genuine
- You fail to keep your card and PIN safe
- You fail to keep your online and telephone banking passwords safe. It's important that you never tell anyone your verification code.
- You fail to let us know as soon as possible of any security breach or potential security problem, e.g. the loss of your card
- You have provided us with incorrect payments instructions
- You have not exercised all due care and diligence when allowing an authorised Third Party Provider (TPP) access to your account
- You have acted fraudulently.
If you believe you are a victim of fraud, contact us immediately.
Remember that a genuine bank or organisation will never contact you randomly to ask for your PIN, full password or to move money to another account as part of an investigation.
Don't give out personal or financial details unless it is to use a service that you have signed up to, and you're sure that the request for your information is directly related.
Ensure you stay safe online and keep your information secure by following our recommendations.
Install and run anti-virus software
If you don’t already have it, then we strongly recommend that you install anti-virus software on any devices you use when banking. Running anti-virus software can help prevent infection from the many viruses that are on the internet.
Not setting up or running a regular scan with your anti-virus software means viruses may go undetected and there is an increased risk of financial fraud.
Use a firewall
A firewall on your computer acts like a barrier. It helps to block malicious software from gathering your private information. It can also help stop potential intruders.
You can get a number of different firewalls, some come with your anti-virus software, some are built into your modem or router and most Microsoft Windows computers will have a firewall as standard.
Keep your devices up to date
Online threats often change and new ones will emerge. By regularly updating your computer or mobile device operating systems when prompted, you can help keep your devices safe.
Microsoft, Apple, Google and other developers regularly update their operating systems and software for desktop computers and mobile devices. Not only does this improve performance, it helps protect against any new bugs or security vulnerabilities discovered.
Help to protect your devices by installing software and internet browser updates as soon as they become available.
Only use trusted software
All computers, smartphones and tablets should only contain software and apps from reputable services you work with, or manufacturer-approved app stores.
Staff should be prevented from downloading any third-party software from unknown sources, which might contain malware. A good way to do this is to remove admin privileges from their user accounts and remind them of your cyber policy.
Educate your employees about phishing scams
You can't stop cyber criminals from sending phishing emails, but you can educate your staff to spot the signs. As a rule of thumb, employees should be suspicious of any emails that are not directly addressed to them, and avoid opening email attachments in emails from an unknown sender.
A good pointer to remember is: Are you expecting an email from someone? If an invoice comes through from a supplier for a service that you haven't had, it's probably a scam. It's also a good idea to look at the email address that the email originated from – is it the same domain as the service you use?
For additional support please see our cyber security interactive activities.
Free fraud and cybercrime webinar
Get practical advice from experts to protect your business. Watch our free webinar.
Cyber security for business
Get to know common types of cybercrime and how to protect your business with our guide to cybersecurity.
Download our Business Fraud Prevention Guide
The Co-operative Bank Business Fraud Prevention Guide is a quick reference guide that you can save offline or print.
Received a phone call, text or email asking for your business or financial information? If so, what do you do? Before you act, stop. Take a moment to assess the situation.
The information below should help you work out whether that request is legitimate.
-
Be absolutely certain who you're speaking to
A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by. Before you share anything with anyone, stop. Then pause to consider what you're being asked for and question why they need it. Unless you're 100% sure who you're talking to, don't disclose any personal or financial details.
-
Don't assume an email, text or phone call is authentic
Even if someone seems to know your basic details, it doesn’t mean they’re genuine. In an attempt to gain your trust, fraudsters may claim you’ve been a victim of fraud. They often do this to get you talking, then try and persuade you into giving them your security details.
-
Don’t be rushed, or pressured, into making a decision
No genuine bank or trusted organisation will, under any circumstances, force you to make a financial transaction on the spot. Neither would they ask you to transfer money into another account for reasons relating to fraud. If you’re asked to do this, then stop and consider what they are asking you.
-
Listen to your instincts
Does a situation feel wrong or strange? If so, it’s usually right to question it. Fraudsters will try to manipulate you: they’ll try and lull you into a false sense of security when out and about, or rely on your defences being down when you’re at home. They’ll try to appear trustworthy, but they may not be what they appear.
-
Stay in control
Be confident. It’s always okay to stop a conversation. You can always refuse unusual requests for personal or financial information.
Take Five is a national campaign that offers straightforward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.
Led by UK Finance, and backed by Her Majesty's Government, it is being delivered with and through a range of partners in the UK payments industry, financial services firms, law enforcement agencies, telecommunication providers, commercial, public and third sector. Visit: takefive-stopfraud.org.uk for more information about Take Five and which partners are involved.