Scam of the week - The Northern Rock scam

Banking scams target millions of people every year; recently a spate of emails has been sent by fraudsters claiming to be from Northern Rock.

In this practice, known as 'phishing', the email will usually ask you to log on and confirm account details and passwords. By doing so, you give the fraudster full access to your bank accounts.

Although these emails can be from any bank, we've received more communications from concerned readers about fake Northern Rock emails than any other high-street bank in the past month. A Northern Rock spokesperson also confirmed that a 'surge' of these emails has been reported recently.

For more on the most recent scams we have been alerted to by our readers, read our Scam Watch update

How it works...

The Northern Rock emails look genuine and can include the bank's logo and details of the website and postal addresses. They are usually addressed to a "Northern Rock customer" and say something like: "There is a scheduled update on your mortgage and savings accounts which is due now."

They work by using threatening or alarmist language to scare customers into giving over their bank details, usually in the shape of a warning message such as: "Ignoring this schedule may increase your internet banking risk."

But no bank will ever contact customers via email to confirm confidential information. In addition there are usually signs within the email, such as spelling and grammar mistakes, which should send alarm bells ringing.

If you receive an email like this you should not open any of the links included or reply. Instead contact your own bank to report the scam. Use the phone number or website address you usually use or which is printed on your ordinary bank statements.

Any Northern Rock scam emails can be forwarded to the address: to be investigated by the bank.

Have you been scammed? Let the Moneywise Scam Watch team know by emailing


Your Comments

I am sent several phishing emails a day, but these almost always end up in the spam folder at the ISP. The odd one that does get through just gets deleted.

I did once take your advice and report a phishing email to Egg. In reply I got an email warning me not to open such emails in future, and giving me a lecture on Internet security. "Thank you for letting us know" would have been nice. I haven't bothered since.