Monzo has issued a warning to all customers about fake text messages claiming to be from the popular bank. The bank, which boasts some four million users in the UK, has gained huge traction thanks to its trademark bright coral cards and simple budget management tools on iOS and Android.
However, it’s the fact that Monzo has no presence on the high street – and relies entirely on smartphone apps – that seems to have caught the eye of cyber hackers with a number of scams circulating across the UK.
Hackers are sending fraudulent text messages, which appear to have come directly from the bank, that suggest Monzo customers needs to verify their account by clicking on a link embedded within the message.
Clicking on the link sends customers to a fake website, which tries to steal personal information, including bank account numbers, email addresses, and passwords. Monzo has now issued an urgent alert with the bank warning users to be on the lookout for these fake texts.
In a post on Twitter, Monzo said, “Is that text from your bank, actually from your bank? We’d never send you a link to verify your account via text, or ask you to log in to a website to confirm any account details.”
Numerous users instantaneously responded to the tweet with screenshots of the text messages they’ve received.
One customer, called Ross, posted a message that claimed he had a new debit card that was waiting to be dispatched while another Monzo user, known as Leigh, received a message urging him to verify his account to continue using the service.
Monzo has now posted full details on what to watch out for and why you should never click on a link from a text.
Here are the red flags of a phishing scam…
• The sender’s name might not show as Monzo or another bank. But if it does, it might have a full stop after the name, like this: “Monzo”
• The fake website link they want you to click on contains random letters and numbers – they may not mention Monzo or another bank at all
• Look out for randomly capitalised words or numbers hidden as letters, like this: ACC0UNT (that’s actually acc0unt). Sometimes words might be spelt wrong, or start with a capital letter when they don’t need to be
If you’re unsure about a text…
• Don’t click the link!
• Go straight to your banking app first – if there’s no message in there, that’s a red flag.
• If you click the link and enter any details, let us know ASAP and change any similar or matching passwords on other sites or apps.