Online Security

  • Our online banking websites are encrypted to protect your information
  • They are also protected by a firewall (a barrier between the internet and our internal bank network)
  • A secure browser is needed to access account information and transact

Logging on and Timing out

When you log on to Bank of Ireland 365 online, we’ll ask you for:

  1. A private and individual User ID
  2. 3 random digits from your 365 login PIN
  3. A personal detail question

This information is encrypted and will stay private if you don’t disclose it.

  • For Business online customers, your last log on details will show when you log on. This means you’ll know if someone else has accessed your account online
  • If you’re inactive for a while, your online banking session will automatically time out

Two Factor Authentication

  • You need a Two Factor Authentication to add or edit a payee on 365 online
  • We’ll text a code to your registered mobile phone, or send via post if you prefer

Protecting your business with Bank of Ireland KeyCode

  • Business On Line uses the award-winning* Bank of Ireland KeyCode
  • KeyCode generates unique, one-off codes you can use to log on to Business On Line and authorise payments and payees
  • It replaces your logon passwords and means you don’t need a Digital Certificate or Java

Bank of Ireland KeyCode offers the following security benefits:

  • You need a secure PIN to access the KeyCode app. This One Time Code is generated per transaction and expires when used, or after 60 secondsM
  • KeyCode doesn’t store any information
  • KeyCode only works on your registered device, along with your corresponding Business On Line User ID
  • The app is registered to the individual User
  • The Business On Line Administrator can lock a User’s profile (for example, if the User go on holidays, etc.)
  • When you download KeyCode, the app works offline with no need for an internet connection

Read more about Bank of Ireland KeyCode here

Daily Control limit

  • The Administrator and your relationship manager will set a Daily Control Limit (DCL) on your Business On Line profile
  • This limit means your profile is less likely to be exposed to fraud
*Winner of ‘Best Information Security Initiatives (Corporate/Institutional)’ in Western Europe, Global Finance Best Digital Bank Awards 2017

Read about ways in which fraudsters have attempted to gain information from individuals and what you can do to help prevent yourself falling victim from these or similar scams.

  • COVID-19 related Scam

    Fraudsters are trying to dupe people into paying for proof of their COVID Vaccination status.

    ALL proof of vaccination status passes, certificates & letters are FREE

    What is proof of COVID Vaccination status?

    This is proof of your COVID vaccination status or test results. You may be required to show these to enter an event or to travel.

    Where can I get proof of COVID Vaccination status?

    Where you obtain your proof of COVID Vaccination status depends on where you live, however please remember that ALL proof of vaccination status passes, certificates & letters are FREE.

    If you live in:

    • Northern Ireland you can obtain your COVID Certificate from the NI Direct website, or by downloading the COVIDCert NI app from Health & Social Care Northern Ireland.
    • England and Whales you can obtain your NHS COVID pass from the NHS website, app or by giving them a call.
    • In Scotland you can obtain your vaccination status letter through the NHS Scotland website.

    What to look out for:

    Fraudsters will try to contact you by email, phone call, text message, through social media, fake apps & adverts, or home visit.

    Often posts include a link leading to a fraudulent website where your personal details and financial information are requested. This information is then used to commit fraud, or sold to other criminals to use.

    Remember that all proof of vaccination status passes, certificates & letters are FREE.

    If you receive a request for a payment hang up, don’t click on the link & don’t provide your personal and/or financial details. Contact us straight away if you are concerned or suspect fraudulent activity on your account.

    Below is an example of a fake NHS email and text message currently circulating:

    Example of fake NHS email:

    Example of fake NHS text message:

    How to protect yourself:

    Remember that all proof of vaccination status passes, certificates & letters are FREE.

    You can help protect yourself from falling victim to these scams by following the below steps:

    • Don’t click on links sent to you through email, text message or social media.
    • When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
      • The web address (URL) has changed from ‘http’ to ‘https’.
      • That a closed padlock icon is present.
      • Your browser address window may be green.
    • Be suspicious of unsolicited emails, texts, phone calls and social media messages. Listen to your instincts. If something doesn’t feel right then stop and question it.
    • Never reveal your personal information if requested via email, text, phone call and social media message.

    We encourage you to #Take Five by following the below steps:

    • Never disclose security details, such as your PIN or full banking password
    • Don’t assume an email or phone call is authentic
    • Don’t be rushed – a genuine organisation won’t mind waiting or you calling back
    • Listen to your instincts – you know if something doesn’t feel right
    • Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud

    Contact us straight away if you are concerned, suspect fraudulent activity on your account or have lost your payment card.

    Report a suspicious email or text
    To report suspicious Bank of Ireland UK related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com.

    Emergency Contact Numbers
    You can contact us 24 hours a day, 7 days a week on:

    Calling from UK
    Freephone: 0800 121 7790 (personal customers)
    Freephone: 0800 032 1288 (Business On Line and Global Market Customers)

    Calling from ROI
    Freephone: 1800 946 764 (personal and business)

    Calling from Overseas
    Not Freephone: 00353 567 757 007

    Please note: If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • Phone number spoofing scams

    What is a Phone number spoofing scam?
    Fraudsters can manipulate the phone number that appears on your caller ID so it appears they are calling from a legitimate company. A phone number spoofing scam is when a fraudster calls you from what appears to be a legitimate company and tricks you into providing them with your financial and/or personal information or make a payment.

    How can I tell if it’s the legitimate company calling me or a fraudster?
    It’s difficult to identify spoofing telephone calls, however fraudsters calling you have an agenda; they want to obtain your personal and/or financial information. As a tactic they often add an urgency or a threat to the call, for example they may say that your bank account or bank card has been compromised.

    What should I do if I receive a call and have been asked for my information?

    • Never provide your financial and/or personal information on a call you receive.
    • Fraudsters who call your landline can stay on the line for up to 5 minutes after you hang up – wait for more than five minutes before you make another call, or use your mobile.
    • A legitimate company will understand if you want to hang up and call them back on the phone number from their website. Hang up, and call the company on the number provided on their website.

    Bank of Ireland UK will NEVER ask you to transfer money to a new, or ‘safe’ account so ignore such calls or texts.

    Take Five to stop fraud

    We encourage you to Take Five by following the below steps:

    1. Never disclose security details, such as your PIN or full banking password
    2. Don’t assume an email or phone call is authentic
    3. Don’t be rushed – a genuine organisation won’t mind waiting or you calling back
    4. Listen to your instincts – you know if something doesn’t feel right
    5. Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud

    Contact us straight away if you are concerned, suspect fraudulent activity on your account or have lost your payment card.

    Emergency Contact Numbers

    You can contact us 24 hours a day, 7 days a week on:

    Calling from UK
    Freephone: 0800 121 7790 (personal customers)
    Freephone: 0800 032 1288 (Business On Line and Global Market Customers)

    Calling from ROI
    Freephone: 1800 946 764 (personal and business)

    Calling from Overseas
    Not Freephone: 00353 567 757 007

    Report a suspicious email or text
    To report suspicious Bank of Ireland UK related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com

    Please note: If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • Bank of Ireland UK (BOIUK) Investment Scam

    Fraudsters are contacting members of the public, claiming to be from BOIUK offering information on investments/ investment bonds. BOIUK do not offer investment services. If you receive any correspondence claiming to be from BOIUK, offering investment services this is a scam. You may receive this correspondence by phone call, email, text, post, or through social media messages.

    Examples of the BOIUK Investments scam emails
    Please click on the below links to see examples of the BOIUK Investment Scam emails.

    How to keep safe

    BOIUK do not offer investment services, if you receive any correspondence claiming to be from BOIUK & offering investment services, do not respond and do not provide your personal details or financial information.

    If you are considering an investment, before you make any decisions, please remain vigilant against scams. You can do this by independently checking the authenticity of the company you are dealing with. You can check the FCA Warning List of firms to avoid. Learn more by visiting the FCA website for guidance on how to avoid investment scams.

    We encourage you to Take Five by following the below steps:

      1. Never disclose security details, such as your PIN or full banking password
      2. Don’t assume an email or phone call is authentic
      3. Don’t be rushed – a genuine organisation won’t mind waiting
      4. Listen to your instincts – you know if something doesn’t feel right
      5. Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud

    Lost or stolen card?

    As soon as you believe your card has been lost or stolen, please contact us as soon as possible via our Freephone numbers listed below. We’ll cancel your card as soon as you tell us it’s missing and get a new card issued to your address (the one we have on file for you) in 5 to 7 working days.

    Fraud, suspicious activity or unauthorised transactions?

    To report online fraud, suspicious activity, unauthorised transactions on your account or ATM fraud, please contact us as soon as possible via our Freephone numbers listed below.

    Shared your online login details?

    If you have shared your banking details in response to a suspicious email, text or call, please notify us as soon as possible via the Freephone numbers listed below.

    Report a suspicious email or text

    To report suspicious Bank of Ireland UK related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com

    Emergency Contact Numbers

    You can contact us 24 hours a day, 7 days a week on:

    Calling from UK
    Freephone: 0800 121 7790 (personal customers)
    Freephone: 0800 032 1288 (Business On Line and Global Market Customers)
    Calling from ROI
    Freephone: 1800 946 764 (personal and business)
    Calling from Overseas
    Not Freephone: 00353 567 757 007

    Please note: If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • FCA issues a consumer warning on Binance Group

    On 26 June 2021, the Financial Conduct Authority (FCA) issued a consumer warning on Binance Markets Limited and the Binance Group. Binance Markets Limited are no longer permitted to undertake regulated activity in the UK.

    If you are a Binance Markets/Binance Group customer and want to find out if/how this affects you, please contact the FCA, or Binance Group/Binance Markets directly.

    For more information on the FCA consumer warning, please refer to the FCA website.

  • 2021 Summer Scams

    Bank of Ireland UK would like to remind our customers to remain vigilant against fraud this summer as restrictions start to ease. Fraudsters are targeting victims with concert/festival ticketing scams, travel scams, and health insurance scams. Please see below for more information about these scams and how you can protect yourself.

    Holiday & ticketing scams

    Fraudsters set up fake websites and social media profiles where they offer travel deals or event, concert, and festival tickets that are either fake or do not exist. These websites are used to obtain your money and information. The websites usually look genuine so can be hard to spot but if you follow the below steps you can help protect yourself from falling victim to these scams:

    • Don’t click on links sent to you by email, text message or social media. Search for the website by typing it into the web browser. When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
      • The web address (URL) has changed from ‘http’ to ‘https’.
      • That a closed padlock icon is present.
      • Your browser address window may be green.
    • If it’s too good to be true it probably is – do some research on the company/ website.
    • When booking holidays consider booking directly with an established hotel or through a reputable travel company that is a member of a trade body such as ATOL.
    • Always use secure payment options and don’t make payment by funds transfer.
    • Where possible, use a credit card when making payments over £100 and up to £30,000 as you receive protection under Section 75 of the Credit Consumer Act.

    Global Health Insurance Card (GHIC) scams

    When travelling in the EU people can access emergency and medical care with a Global Health Insurance Card (GHIC). This card has replaced the European Health Insurance Card (EHIC) however fraudsters are capitalising on this new card to commit fraud, asking victims for payment details when the GHIC is free. Fraudsters are advertising these cards on fake websites that look like that of the NHS. The sites claim to either fast-track or manage your application process before charging you an up-front fee. You can help protect yourself from falling victim to these scams by following the below steps:

    • Don’t click on links sent to you by email, text message or social media. When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
      • The web address (URL) has changed from ‘http’ to ‘https’.
      • That a closed padlock icon is present.
      • Your browser address window may be green.
    • Be suspicious of unsolicited emails, texts, phone calls and social media messages. Listen to your instincts. If something doesn’t feel right then stop and question it.
    • Never reveal your personal information if requested via email, text, phone call and social media message.

    Vaccine certificate scams 

    The UK government is currently looking into the use of vaccine certificates or a passport for people to use once restrictions lift. These will show whether people have been vaccinated, have recently tested negative or have natural immunity after being ill with Covid. As we wait for further information on this from the UK Government, fraudsters will be using the opportunity to target people with fake Covid certificates and passports. Fraudsters may contact people by email, phone call, text message, through social media, fake apps or adverts. Often posts include a link leading to a fraudulent website used to steal your money or personal and financial information.   You can help protect yourself from falling victim to these scams by following the below steps:

    • Don’t click on links sent to you through email, text message or social media. When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
      • The web address (URL) has changed from ‘http’ to ‘https’.
      • That a closed padlock icon is present.
      • Your browser address window may be green.
    • Be suspicious of unsolicited emails, texts, phone calls and social media messages. Listen to your instincts. If something doesn’t feel right then stop and question it.
    • Never reveal your personal information if requested via email, text, phone call and social media message.
    • We encourage you to #Take Five by following the below steps:

      • Never disclose security details, such as your PIN or full banking password
      • Don’t assume an email or phone call is authentic
      • Don’t be rushed – a genuine organisation won’t mind waiting
      • Listen to your instincts – you know if something doesn’t feel right
      • Stay in control – don’t panic or make a decision you’ll regret.

      Report Fraud

      If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

      Northern Ireland
      Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
      365 Online: 0345 7 365 555

      Great Britain
      365 Online: 0345 7 365 333

      Republic of Ireland
      365 Online: 1890 365 200/ 0818 365 365

      Abroad
      365 Online: +44 345 7365 555

      365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

      To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

      If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • Smishing (Text message) Scams

     

    The purpose of this alert is to warn Bank of Ireland UK customers about Smishing scams and how to protect yourself from becoming a victim of fraud.

    What it Smishing?

    Smishing is when a fraudster sends you a text message posing to be from a legitimate business & tricks you into providing them with your financial or personal information.

    What does a Smishing text look like?

    Smishing text messages can seem genuine as they can appear in the existing thread of text messages with a legitimate business. Some things to look out for include:

    • The threat that urgent action is needed or there will be negative consequences.
    • They may ask you to click on a link directing you to a website, or to provide a number to call in order to “verify” or “update” your personal current account.
    • Fake links lead to fake websites where you may be asked to provide personal information. The fraudster then uses that information to transfer money from your account.
    • Text messages claiming to be from your bank, asking you to confirm financial or personal information.

     

    What you can do

    Don’t focus on the details of the text message & follow this simple rule: If you receive a text message with a link asking for your financial or personal information do not click on the link. If you think the request for information is genuine, contact the business directly.

    You should never:

    • Click on or open suspicious links and attachments.
    • Respond to unsolicited text messages.
    • Share your banking details, including your full online banking PIN, or other personal information if requested via text message.
    • Use a phone number provided in the text which could be fake.

    If you have clicked on a suspicious link, call us as soon as possible on the emergency contact numbers listed below.

    Bank of Ireland will never:

    • Send you a text with a link directly to the login page of our online banking channels.
    • Ask you to provide all the digits of your six-digit 365 PIN.
    • Ask you to transfer money out of your account to protect yourself from fraud.

    #Take Five to stop fraud

    We encourage you to #Take Five by following the below steps:

    • Never disclose security details, such as your PIN or full banking password
    • Don’t assume an email or phone call is authentic
    • Don’t be rushed – a genuine organisation won’t mind waiting
    • Listen to your instincts – you know if something doesn’t feel right
    • Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud

    If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555

    Great Britain
    365 Online: 0345 7 365 333

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365

    Abroad
    365 Online: +44 345 7365 555

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

     

  • Romance scams

    The UK has seen a rise in people falling victim to Romance scams during Lockdown. The rise comes as more people have turned to online dating during 2020 due to social distancing restrictions. The purpose of this Fraud Alert is to inform Bank of Ireland UK customers about Romance scams and how to protect yourself, your friends and family from Romance scams this Valentine’s Day.
     
    New data from UK Finance reveals a 20 per cent increase in bank transfer romance fraud between January and November 2020 compared to the previous year, with the total value of these scams rising by 12 per cent to £18.5 million. The average loss per victim reported to UK Finance members was £7,850, highlighting the significant impact this type of fraud can have on victims’ finances.
     
    What is a Romance scam?
     
    A Romance scam is when a person is duped into sending money or gifts to a fraudster because they believe they are in a genuine relationship and are sending them to their ‘partner’.
     
    Romance scams usually start with people meeting online; through dating websites or social media. Fraudsters often use fake profiles and spend a lot of time getting to know the victim to convince them that they are in a genuine relationship. Once the fraudster believes they have gained the victim’s trust they will ask for money or gifts that seem genuine; the fraudster could say they need money for emergency medical care, or to pay for travel costs if the victim lives overseas. There are numerous reasons, but the key is that money is requested, yet neither party have ever met.
     
    What to look out for
     
    When you are dating someone online, look out for the below alarm bells:

    • Requests for money or gifts from someone you have never met in person.
    • Requests for your personal data (e.g. a copy of your passport to arrange travel).
    • Does the person’s profile look genuine? You can complete a reverse image search to find if their profile picture has been taken from somewhere else.

    When your friends or family are dating someone online, look out for the below warning signs:

    • Being secretive about their relationship.
    • Sending money or gifts to someone they have never met in person.
    • Committing to someone very quickly, when they have not met in person.

    Protect yourself

    • Be cautious when providing your personal information. The more information you provide about yourself the easier it is for a fraudster to steal your identity.
    • If you notice any of the above alarm bells don’t be pressured into transferring your money, or spending your money to buy gifts.
    • Never reveal your banking information to anyone, including your account details, online banking information, card number & pin.

    No matter how long you’ve been speaking to someone online and how much you think you trust them, if you have not met them in person it’s important that you do not:

    • Send them any money
    • Allow them access to your bank account
    • Transfer money on their behalf
    • Take a loan out for them
    • Provide copies of your personal documents such as passports or driving licenses
    • Invest your own money on their behalf or on their advice
    • Purchase and send the codes on gift cards from Amazon or iTunes
    • Agree to receive and/or send parcels on their behalf (laptops, mobile phones etc.)

    We encourage you to #Take Five by following the below steps:

    • Never disclose security details, such as your PIN or full banking password
    • Don’t assume an email or phone call is authentic
    • Don’t be rushed – a genuine organisation won’t mind waiting
    • Listen to your instincts – you know if something doesn’t feel right
    • Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud
    If you think you have been a victim of a Romance scam, do not feel ashamed or embarrassed – you are not alone. Contact us immediately on:

    • Northern Ireland
      Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
      365 Online: 0345 7 365 555
    • Great Britain
      365 Online: 0345 7 365 333
    • Republic of Ireland
      365 Online: 1890 365 200/ 0818 365 365
    • Abroad
      365 Online: +44 345 7365 555

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • COVID-19 Vaccine Scam Alert

    The purpose of this alert is to warn Bank of Ireland UK customers of a new scam circulating where fraudsters are using the COVID-19 vaccine rollout as an opportunity to try to steal your data.

    Summary

    Bank of Ireland UK have been informed that there is a new scam text message circulating in which fraudsters are posing to be from the NHS. The text message informs the recipient that they are eligible to apply for the COVID-19 vaccine and asks them to click on a link. The link takes the recipient to a fake NHS website and prompts them to enter their bank account details (including sort code, account number and card number) to verify their address. Please remember that the NHS, or your doctor would never ask you for this type of data.

    An example of the scam text message is shown below.

    Covid Fraud Alert

    We would like to remind our customers to remain vigilant against fraud. The above image is an example of a fraudulent text message that has been sent to an individual, however fraudsters will try to trick people by sending different variations of the same scam. Fraudsters also use different means of communication, other ways fraudsters may try to contact you is by email or telephone.

    How to protect yourself

    Suspicious texts (Smishing)

    Fraudsters may send texts pretending to be from a company you trust. They target mobile users by sending texts with links to fraudulent websites to trick you into providing your online banking details or card details.

    You should never:

    • Click on or open suspicious links and attachments.
    • Use a phone number provided in the text which could be fake.
    • Respond to unsolicited text messages.
    • Share your banking details, including your full online banking PIN, or other personal information if requested via text message.

    If you have clicked on a suspicious link, call us as soon as possible on the phone numbers provided below.

     

    Suspicious emails (Phishing)

    Fraudsters sometimes send emails pretending to be from a company you trust, usually asking you to click on a link or open an attachment. The emails may seem genuine and convincing but are designed to trick you into sharing your personal information, such as your username, full PIN or credit card number. They will often make urgent threats and try to scare you into providing your details.

    You should never:

    • Click on or open suspicious links and attachments.
    • Respond to unsolicited emails.
    • Share your banking details or other personal information if requested via email.
    • Use a phone number provided in the email which could be fake.

    If you have clicked on a suspicious link, call us as soon as possible on the phone numbers provided below.

     

    Suspicious calls (Vishing)

    Fraudsters may contact you be telephone pretending to be calling from a company you trust. Be vigilant if you receive a phone call out of the blue. The fraudsters may claim that your account has been compromised and ask you for your bank card or bank account details.

    You should never:

    • Give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details or banking details.
    • Use a phone number the suspicious caller gave you.

    If you have accidentally shared your banking information over the phone and you are worried, call us as soon as possible on the phone numbers provided below. Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first, so that you can be sure the fraudster has disconnected completely.

    Further information

    To find out more about fraudster Tactics, and what you can do to protect yourself please refer to the Fraudster tactics section of our website.

    Report Fraud

    If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555

    Great Britain
    365 Online: 0345 7 365 333

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365

    Abroad
    365 Online: +44 345 7365 555

     

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

     

    • Scam phone calls and fake text messages from fraudsters pretending to be from Bank of Ireland UK (BOIUK)

      Fraudsters are contacting BOIUK customers either by phone (vishing) or by text (smishing) and gaining enough personal and bank information to make fraudulent payments from customer’s accounts.

      Scam Phone calls (Vishing)
      Fraudsters are calling BOIUK customers pretending to be from a BOIUK fraud department. They claim that your account has been compromised and ask for your personal data, bank card or bank account details.

      What you can do

      • Don’t give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details or banking details.
      • If you receive a suspicious call, hang up and don’t call back any number the caller may have given you. Remember: Bank of Ireland will never ask for your full login PIN or full banking details over the phone.
      • If you have accidentally shared your banking information over the phone and you are worried, call us immediately on one of our numbers listed below. Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first, so that you can be sure the fraudster has disconnected completely.

      Fake Text messages (Smishing)
      Fraudsters are sending fake text messages to BOIUK customers pretending to be from us, the text messages can appear in your existing message feed with BOIUK, so they can be hard to identify. The text messages could have a link to a fake BOIUK website, or it could provide you with a fake telephone number to call. Customers are being asked to remain vigilant against fraud.

      Remember, Bank of Ireland UK will never:

      • Send you a text or email with a link directly to the login page of our online banking channels to confirm banking details or ask you to update their banking details
      • Ask you to click a link in an email with an urgent warning about suspicious activity on your account
      • Ask you to transfer money out of your account to protect you from fraud
      • Ask you to tell us any ‘one-time password’ or code that you have received from us by text
      • Ask you to share or send us your full six-digit 365 PIN, four-digit card PIN or Business On Line credentials
      • Ask you to send us back your bank card

      For more information on how to protect yourself please refer to the Protect yourself link in our website.

      Examples of smishing
      Please see below some examples of smishing

      For more smishing examples please refer to our gallery of phishing and smishing examples here.

      Report Fraud
      If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

      Northern Ireland
      Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
      Freephone (Business accounts): 0800 032 1288 (24 hours, 7 days a week).
      365 Online: 0345 7 365 555
      Business Online: 0345 309 8123

      Great Britain
      365 Online: 0345 7 365 333
      Business Online: 0345 309 8124

      Republic of Ireland
      365 Online: 1890 365 200/ 0818 365 365
      Business Online: 1890 818 265

      Abroad
      365 Online: +44 345 7365 555
      Business Online: +353 1 440 6445

      365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

      Business Online Opening hours: Monday-Friday 8am-6pm. Closed Saturday, Sunday, Bank and Public holidays.

      If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

      To report suspicious Bank of Ireland related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com

    • Invoice Redirection Fraud (Business banking)

      We have seen an increase in Invoice Redirection fraud in 2020.

      Invoice Redirection fraud is where fraudsters pretend to be a supplier or service provider for your business in order to trick you into changing bank account payee details. They contact you to tell you that their bank account details have changed and to ask you to send all payments to a new account. This is an account controlled by the fraudster.

      What to look out for

      • The fraudsters may write to your company’s finance or payments department either on forged headed paper or by email, pretending to be one of your suppliers.
      • Typically, they tell you that their account details have changed.
      • The payee account may be located either in the UK or overseas.
      • The fraudster may ask an employee in your company to either send a pending payment to the new account or, alternatively, to ensure that all future payments are sent to the new account.

      What you can do

      If a company requests a change of payment details, always follow these simple verification steps before making payments:

      • Verify the change by contacting a known contact in the company directly, using contact details held on record, or by using a phone number displayed on the company’s website. Links or contact details contained in the email or letter requesting the change could be fraudulent. Don’t use them.
      • Fraudsters may change an email address to make it look as though it has come from someone you are used to dealing with. Always check email addresses carefully.
      • Regularly review supplier records to ensure they are up to date.
      • Ensure that your employees are aware of this type of threat and how to avoid it.
      • Contact us immediately if you receive a suspicious email or letter relating to payments or the Police if you think you have been the victim of fraud.

      We encourage you to Take Five by following the below steps:

      1. Never disclose security details, such as your PIN or full banking password
      2. Don’t assume an email or phone call is authentic
      3. Don’t be rushed – a genuine organisation won’t mind waiting
      4. Listen to your instincts – you know if something doesn’t feel right
      5. Stay in control – don’t panic or make a decision you’ll regret.

      Report Fraud

      To report online fraud, suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or phone call.

      Call us on:
      Northern Ireland
      Freephone (Business accounts): 0800 032 1288 (24 hours, 7 days a week).
      Business online: 0345 309 8123
      Great Britain
      Business Online: 0345 309 8124
      Republic of Ireland
      Business Online: 1890 818 265

      Abroad
      Business Online: +353 1 440 6445
      Business Online Opening hours: Monday-Friday 8am-6pm. Closed Saturday, Sunday, Bank and Public holidays.

      To report suspicious Bank of Ireland related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com.

      If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

    • Coronavirus related scams

      Fraudsters are exploiting the spread of COVID-19 coronavirus to facilitate various types of fraud and cyber crime.

      Reports were made by victims that attempted to purchase protective face masks from fraudulent sellers and also coronavirus-themed phishing emails in an attempt to trick people into opening malicious attachments or revealing personal and financial details.

      Watch out for scam messages:
      Don’t click on the links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for your personal or financial details.

      Shopping online:
      If you’re making a purchase from a company or person you don’t know and trust, carry out some research first, and ask a friend or family member for advice before completing the purchase. If you decide to go ahead with the purchase, use a credit card if you have one, as most major credit card providers insure online purchases.

      For more information on how to shop online safely, please visit: https://www.actionfraud.police.uk/shoponlinesafely

      Protect your devices from the latest threats:
      Always install the latest software and app updates to protect your devices from the latest threats.

      For information on how to update your devices, please visit:

      https://www.ncsc.gov.uk/guidance/securing-your-devices

      For information about Coronavirus please visit:
      https://www.nhs.uk/conditions/coronavirus-covid-19/

    Archive

    Support for victims of financial crime

    Bank of Ireland UK (BOIUK) understands that becoming a victim of financial crime can happen to anyone, and that it can have an adverse impact on the victim. Often victims of financial crime can benefit from emotional and/or practical support. We have teamed up with Victim Support (VS) to ensure that our customers are provided with the emotional and practical support they need after becoming a victim of financial crime.

    Who are VS?

    VS is an independent charity who support people who have been affected by crime or traumatic events.

    VS offer a variety of services, one of which is their Fraud Support service; this is a tailored service to support people who have become a victim of financial crime.

    What does VS do?

    The Fraud Support Team within VS provides emotional and practical support to people who have become a victim of financial crime. Each customer will be provided with an individually tailored package of support, this could include:

    • Long term support over the phone from a trained case worker– you can be supported by the same caseworker throughout your referral.
    • Practical support, advice & guidance on how to prevent becoming a victim of fraud.
    • Signpost to other agencies, where appropriate.

    The service is independent, confidential and non-judgmental, and above all strives to support victims of financial crime. VS are independent of BOI UK, meaning any information you provide will remain confidential to VS.

    To find out more about VS please refer to their website at: https://www.victimsupport.org.uk/

    Will VS help investigate my BOIUK fraud case?

    No – VS are not involved in investigating BOIUK fraud cases.

    Can VS Provide any financial support?

    No – unfortunately VS are unable to provide any financial support or compensation

    How can I be referred to VS?

    We have a dedicated telephone number with VS for BOIUK customers:

    0808 168 9024 (available Mon – Fri 8am – 6pm).

    Alternatively, please inform the fraud team that you would like to be referred to VS when reporting your fraud case with us. To report fraud please contact us on our emergency contact numbers provided below.

    Report Fraud

    Lost or stolen card?

    As soon as you believe your card has been lost or stolen, please contact us as soon as possible via our Freephone numbers listed below. We’ll cancel your card as soon as you tell us it’s missing and get a new card issued to your address (the one we have on file for you) in 5 to 7 working days.

    Fraud, suspicious activity or unauthorised transactions?

    To report online fraud, suspicious activity, unauthorised transactions on your account or ATM fraud, please contact us as soon as possible via our Freephone numbers listed below.

    Shared your online login details?

    If you have shared your banking details in response to a suspicious email, text or call, please notify us as soon as possible via the Freephone numbers listed below.

    Report a suspicious email or text

    To report suspicious Bank of Ireland UK related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com

    Emergency Contact Numbers

    You can contact us 24 hours a day, 7 days a week on:

    Calling from UK
    Freephone: 0800 121 7790 (personal customers)
    Freephone: 0800 032 1288 (Business On Line and Global Market Customers)
    Calling from ROI
    Freephone: 1800 946 764 (personal and business)
    Calling from Overseas
    Not Freephone: 00353 567 757 007

    Please note: If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.


    • Fraud prevention philosophy

      What is our approach to fraud prevention?

      Keeping customers’ accounts secure is a top priority for us, but it is also important for you to protect yourself from fraudsters. The safety of our colleagues and customers is always a top priority for the bank. Our Security teams work round the clock to ensure our bank is a safe place to work, with plans, processes and controls in place to protect our customer’s finances.

      What controls do you have in place / How do we protect you?

      Online Security

      Our websites are encrypted to protect your information.
      Please use a secure browser to access account information and transact.
      Our websites are protected by a firewall (a barrier between the internet and our internal bank network).

      When you log on to Bank of Ireland 365 online, we’ll ask you for:

      • A private and individual User ID
      • 3 random digits from your 365 login PIN
      • A personal detail question

      This information is encrypted and will stay private if you don’t disclose it.

      Two factor authentication

      • You need a Two Factor Authentication to add or edit a payee on 365 online
      • We’ll text a code to your registered mobile phone, or send via post if you prefer

      Protecting your business with Bank of Ireland award-winning* KeyCode. It has many features and benefits including:

      • Unique, one-off codes you can use to log on to Business On Line and authorise payments and payees
      • You need a secure PIN to access the KeyCode app. This One Time Code is generated per transaction and expires when used, or after 60 seconds
      • KeyCode only works on your registered device, along with your corresponding Business On Line User ID
      • The app is registered to one individual user.

      Daily Control Limit

      • The administrator and your relationship manager will set a Daily Control Limit (DCL) on your Business On Line profile
      • This limit means your profile is less likely to be exposed to fraud.
      • Winner of ‘Best Information Security Initiatives (Corporate/Institutional)’ in Western Europe, Global Finance Best Digital Bank Awards 2017



    • Customer education and awareness

      What do you do to educate your customers to ensure they are fully aware of the latest fraud trends / advice?

      We reach our customers in several ways:

      Online & Social Media
      A wide range of Security and Fraud information is available within our Security Zone area on Bank of Ireland UK website. It’s specifically designed to highlight current scams and types of fraud along with measures you can take to help protect yourself.

      We have information about Fraud Alerts on a range of topics including Data Breaches, Phishing, Money Mules, Boiler Room Scams, and CEO fraud.
      We are supporters of the national Take Five campaign that offers straight forward and impartial advice to help everyone to protect themselves from preventable financial fraud.

      Educational content is sent within statement emails and our members are provided with fraud prompts on the Internet Bank and Banking App.
      We regularly post on the Social media platforms material concerning fraud.

      We also provide general guidance on How to Protect Yourself Online with information about Anti-virus software, operating systems, browsers and firewalls.

      Our ATMs carry fraud warnings particularly to guard against prying eyes when entering a PIN.

      Branch
      All our branches have fraud education material available and staff are trained to ask the right questions to help detect scams when processing payments. Branch colleagues are trained to identify fraud and victims of fraud, and provide bespoke advice including invocation of the Banking protocol. There are frequent communications delivered to branch colleagues raising the awareness of fraud and scams.

      All Bank of Ireland UK colleagues have to complete annual mandatory training which covers a broad spectrum of fraud education.



    • Contact

      How and when we would contact our customers

      We will contact our customers using email, phone calls, text messages and by letter. Customers should always take the necessary precaution to ensure they are talking to who they think they are.

      We also utilise various security controls and offer guidance for identifying malicious contact on our website.

      Examples of the controls / guidance we offer include;

      One-time passcodes – When we need to verify who you are, we’ll send a unique code to the mobile you gave us when you opened your account.
      The text will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what this code is other than a Bank ABC colleague. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them.
      If you get a one-time passcode message you’re not expecting, give us a call on 0345 309 8099

      Text Alerts – If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message.
      While we may ask you to reply to messages, we’ll never:

      • Include a link to a log in page
      • Ask for your complete security number, password, or card number
      • Ask you for answers to your security questions

      If you’re not sure whether a text or email is genuine, give us a call on 0345 309 8099

      How and when can our customers contact us regarding fraud/ fraud prevention?

      If you believe you are a victim or fraud, or you require any fraud prevention advice customers can contact us 24 hours a day. Our contact numbers can be found here.



    • How we collaborate with the rest of the industry

      Industry initiatives/ collaboration

      • We are members of UK Finance and take an active part in all Industry Fraud initiatives.
      • We are members of CIFAS – The UK Fraud Prevention Service.
      • We contribute to the funding of the DCPCU. The DCPCU is a national police unit formed between the City of London Police, the Metropolitan Police Service, UK Finance and the Home Office.
      • We share fraud intelligence with the rest of the banking industry and law enforcement to protect our customers.
      • We are a signatory to the Take Five Charter which provides our customers with up to date advice on fraud prevention.
      • We are a participant of the Banking Protocol which helps our customers from being targeted by fraudsters and rouge traders.
      • We work with other banks to quickly recover fraudulent funds for our customers.



    • Summary

      We are the Partnership Bank.
      We provide simple, flexible, financial services to UK customers both directly and through partnerships with well-known UK brands. Technology is making it quicker and easier to stay on top of your finances wherever and whenever you want. As more of our customers choose to use new ways of banking such as phone, tablet or computer, we’re committed to keeping their accounts and information secure

    Take Five to Stop Fraud
    In 2019, £1.2 billion was lost to financial fraud in the UK, this is despite the finance industry preventing £1.8 billion of unauthorised fraudulent transactions. However, we can all help to lower financial loss from fraud by remembering to:

    STOP – take a moment to STOP and think before parting with your money or information.

    CHALLENGE – Could it be fake? It’s okay to reject, refuse or ignore requests. Only fraudsters will try to rush or panic you.

    PROTECT – Contact your bank immediately if you think you’ve fallen victim to a scam & report it to Action Fraud on 0300 123 2040 or at www.actionfraud.police.uk.

    If you receive a request to hand over (or do something with) personal or financial information, you need to take a moment to reflect and step back from the situation. Yes, even if they say they’re the bank, police or another trusted organisation, you still need to take the time to stop and think about what’s really going on.
    Because deep down, you probably already know these basic rules on how to beat financial fraud – you just need to take a deep breath and stay calm enough to remember them.

    1. Never disclose security details, such as your PIN or full banking password
    2. Don’t assume an email or phone call is authentic
    3. Don’t be rushed – a genuine organisation won’t mind waiting
    4. Listen to your instincts – you know if something doesn’t feel right
    5. Stay in control – don’t panic or make a decision you’ll regret

    UK Finance educational material

    Take Five to Stop Fraud

    For more information on the Take Five to Stop Fraud campaign including general and business advice guidance please visit: https://takefive-stopfraud.org.uk/

    UK Finance has worked in collaboration with the Met Police to create the Little Booklet of Investment Scams. The Little booklet of investment scams talks you through the current top eight investment scams, and gives advice on how you can protect yourself. To find out more click here to download the Little Booklet of Investment Scams.

    Fraudsters may ask you to receive money into your bank account and transfer it into another account, keeping some of the cash for yourself. If you let this happen, you’re a money mule. You’re involved in money laundering, which is a crime.

    You can be approached by fraudsters online or in person. They might post what looks like a genuine job ad, then ask for your bank details.

    Once you become a money mule, it can be hard to stop. You could be physically attacked or threatened with violence if you don’t continue to let your account be used by criminals.

    When you’re caught:

    • Your bank account will be closed.
    • You will find it hard to access further student loans.
    • It will be difficult to get a mobile phone contract.
    • You will have problems applying for credit.
    • You could go to prison for up to 14 years.

    Students can become money mules unwittingly. They might think they’re giving out their bank details for a genuine reason, then end up involved in money mule fraud.

    Don’t Be Fooled. Follow this advice:

    • Don’t give you bank account details to anyone unless you know and trust them.
    • Be cautious of unsolicited offers of easy money. If it sounds too good to be true, it probably is.
    • Research any company that makes you a job offer and make sure their contact details are genuine.
    • Be wary of job offers from overseas. It will be harder for you to find out if they are legitimate.
    • Be wary of job ads that are written in poor English, with grammatical errors and spelling mistakes.

    For more information, visit the Money Mules website.

    ROI customers – please click here