Scam texts and fake websites target Halifax customers
Halifax customers are being targeted again with convincing scam text messages and copycat websites.
Which? has previously reported on a scam website impersonating Halifax where customers were redirected to the website via dodgy emails telling them to 'refresh their contact details'.
This new scam impersonates Halifax with a text message sent from 'HalifaxUK' and directs recipients to a convincing copycat website.
Read on to discover how to avoid and report this scam.
Sign up for scam alerts
Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.
Sign up for scam alerts
HalifaxUK text
A text message from HalifaxUK claims you've requested a password change and directs you to a copycat website.
The text reads:
‘PAYEES passcode - Do not tell anyone. If you did not request it please visit us on [hailfax-onlineuk.com/mobile]’.
The one scam giveaway in this case is that Halifax is spelt incorrectly in the URL.
Knowing that you didn’t request the passcode, fraudsters expect you'll act immediately and follow the link in the text.
In this text, the scammers have used technology to sneakily mask the number and make the sender's text appear as if it's coming from a genuine Halifax number. This is known as number spoofing.
Banks can protect themselves from spoofing by signing up to the SMS SenderID Protection Registry, developed by the Mobile Ecosystem Forum (MEF). This allows banks to register message headers, such as ‘HalifaxUK’ or anything similar, to limit the ability of fraudsters to use these headers to impersonate them.
We shared a screenshot of the text message with Halifax, which confirmed it was fake. Halifax told us that its messages usually come from ‘Halifax’, not ‘HalifaxUK’.
Copycat Halifax website
Halifax scam website
1 / 2
A large collection of images displayed on this page are available at https://www.which.co.uk/news/article/scam-texts-and-fake-websites-target-halifax-customers-aAp2p0e6yrYK?utm_medium=email&utm_source=engagingnetworks&utm_campaign=Supporters&utm_content=Scam+alert+161123+-+A+-+How+big+are+crypto+scams
While the website in the text was blocked when we tried to follow it, Which? discovered another website [halifax-onlineuk.com] which was even more convincing as Halifax is spelt correctly and the URL is strikingly similar to the real website: halifax-online.co.uk.
The website uses Halifax’s branding and logo and includes a number of pages you will find on the official website. A quick browse of the website reveals a page to open various types of accounts as well as to log in to your online account.
There are also explanations of account types, a privacy policy and a comprehensive ‘about us’ page to make the website appear legitimate. This presents scammers with various opportunities to steal your personal and financial data.
We reported the pages to the National Cyber Security Centre (NCSC) as well as to Halifax. Halifax confirmed that the websites were scam sites and the process to take them down has started.
A spokesperson told us:
‘Protecting our customers from fraud is our priority, and we actively search for fake websites which try to impersonate our brands.’
‘We have taken the appropriate steps to have these websites removed, however, this also requires prompt action from the registrar hosting the domain itself.’
‘Fraudsters relentlessly target the customers of large companies, which shows why it is vital that tech firms do more to crack down on the criminals using their platforms to impersonate major brands.’
Avoiding scam texts and websites
If you receive an unexpected text, it’s always best to either contact the company directly or check your online account with it to verify the information in the text. You should also avoid following links included in out-of-the-blue text messages.
To report scam texts, forward the message to 7726, your provider will investigate the origin of the message and look to block or ban the sender if it’s found to be a scam. You can report malicious websites to the National Cyber Security Centre on its website. Once you've reported the message you can delete it.
If you think you have been scammed or you're worried you've given details to a scammer, call your bank immediately using the number on the back of your bank card and report it to Action Fraud or call the police on 101 if you’re in Scotland.
