Important: Never share your one-time passcode with anyone, even if they say they are from Vanquis. To find out more about a one-time passcode, visit this FAQ.
Social engineering
This is where a criminal will persuade you to provide your personal or financial information to them. There are several different types of social engineering but the main ones are:
Phishing: A criminal contacts you by email and tries to gain your personal details. They might do this by asking you to click a link or download an attachment.
Smishing: This is similar to phishing, but the criminal contacts you by text message.
Vishing: A criminal contacts you by telephone. They may pretend to be a company you know well, including Vanquis, in the attempt to extract passwords or security information from you.
They may ask you to call them back whilst they remain on the line. When you redial you are reconnected directly back to the criminal. Always dial back from a different phone line if possible, if not wait 5 to 10 minutes. If it is a genuine call the company won’t mind waiting.
To protect yourself:
- if an offer sounds too good to be true, it probably is. Take the time to stop and think about a request
- do not open emails, attachments or click on links from an email or text message that you’re not expecting
- Vanquis will never ask you to click on a link to verify a transaction. We will only ask you to reply with a ‘Y’ or ‘N’
- if you're unsure, call the company on the number found on their website or the back of your card. Don’t use Google or social media to find the phone number
- never share a one-time passcode with someone over the phone (including typing it into the phone keypad), over text message or by email. By sharing this code through one of these methods it could allow someone to access your account and change details or spend on your account
If you have received a suspicious email or text message pretending to be Vanquis and shared your personal or financial information, please contact our customer service team who will be able to take the relevant actions to ensure your account is secured.
Suspicious texts can be reported for free to 7726. This reports the message to your mobile phone provider.
Suspicious emails can be forwarded and reported to report@phishing.gov.uk. The National Cyber Security Centre (NCSC) will investigate it.
Visit our contact us page to find out how to contact our customer service team.
Scam texts can be reported to 7726 and scam emails reported to report@phishing.gov.uk.
Impersonation scam
A criminal convinces you to provide personal and/or financial details by claiming to be from an organisation you trust. This could include the police, your bank, a utility company or government department such as HMRC.
To protect yourself:
- Never share your PIN or one time passcode with anyone
- A reputable company will not threaten you in order to gain your card details
- Never purchase vouchers to pay a bill or send voucher codes to people you do not know
Purchase scam
Criminals persuade consumers to pay for goods and services that don’t exist. These are often advertised on fake websites, auction sites or social media with images taken from genuine sellers to convince you that they are the real deal.
To protect yourself:
- research the company and read reviews before making a purchase
- never share your one-time passcode with anyone
- be cautious of adverts on social media as they may not always be real
- make sure you use a secure payment method when making a payment recommended by reputable online retailers and auction sites
- make sure you are using the genuine company’s website and not a clone one. You can use the Get Safe Online website tool to help with this
You can report a suspicious website to the National Cyber Security Centre (NCSC)
Voucher or gift card scam
This may happen when unsuspecting victims are approached by criminals and persuaded to pay bills, fees or debts using gift cards or vouchers.
To protect yourself:
- never make a payment using a gift card unless you are purchasing through the retailer’s website or in-store
- if you are contacted by a trusted person or organisation requesting to buy gift vouchers, use a different contact method to verify the request
Romance scams
This is where criminals create fake profiles and use them to attempt to build a relationship with you. They gain your trust and then appeal to your compassionate side to ask for money.
To protect yourself:
- Do not send money or share your bank account details with someone you haven’t met
- never hand over copies of personal documents such as your passport or driving licence
- never invest your own money on their behalf or using their advice
- do not buy gift cards and share the details with them
Remote access scam
A criminal may call you pretending to be a technical support from a reputable IT firm. They may highlight you are receiving a range of error messages or simply that your internet connection is slow.
To protect yourself:
- Never provide an unsolicited caller remote access to your computer or telephone. They may try to do this by asking you to download a piece of software or application to your phone or computer
- Never provide your personal details over the phone unless you made the call and the phone number is from a trusted source. A trusted source would be the number listed on the company’s website for example
- Ensure you have updated antivirus software and a good firewall
Holiday scams
This could be a range of things from fake adverts for holidays or caravans, to fake refunds or too good to be true offers.
To protect yourself:
- Take the time to check reviews and search for the property on different websites to check it exists
- Before you go abroad make sure your contact details are up to date with your bank as they may contact you to check if the transactions are genuine
- Regularly check your statements to check for unusual transactions
Investment scams
This is when a criminal persuades you to make an investment for something that is worthless or doesn’t exist. Here’s a list of the types of investment scams:
Binary: this is a form of fixed-odds betting where criminals offer high returns.
Advance: this scam involves being told you have won a lottery you did not enter or an unexpected inheritance. They will usually ask for a fee upfront for administration costs. Genuine lotteries won’t ask for a fee to release your winnings.
Cryptocurrency: cryptocurrency is a digital currency that uses cryptography to generate ‘tokens’ and verify the transfer of these tokens between people. Criminals try to lure you in with adverts offering quick, easy money. They want to obtain your money or personal information.
Before you make any investments you should:
- visit the FCA ScamSmart site
- check the company on the FCA Register
- check the FCA list of unauthorised businesses
- be cautious of anyone approaching you with exclusive investment opportunities. If you are being pressurised to act quickly, this could be a scam
- don’t rely on personal testimonies or celebrity endorsements as they could be fake
To find out about more scams you can look at: