Beware of wolves in email banking clothes. Don't give them the keys to your account

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

The alarming number of email scams uncovered in recent weeks serves as a warning to us all to be vigilant when banking over the internet.

Emails have been sent to customers of NatWest, Barclays, Nationwide and Halifax requesting they hand over the password and PIN to their current account.

But although these emails appear to come from the banks in question, they are, in fact, bogus and are thought to originate in Russia and other parts of eastern Europe. They carry a link that takes customers through to what looks like the bank's website but is actually one created by the fraudsters.

As soon as the customers have handed over their details, the fraudster has all the information needed to empty their personal accounts.

The Independent on Sunday was alerted to this practice by a reader, Roger Evans, who is a customer of NatWest, after he received an email claiming to be from "the NatWest server". He was asked to verify his email address by clicking on the link in the email. This took him through to a website requesting his NatWest login ID, password and PIN (personal identification number).

Suspicious, Mr Evans forwarded the email to NatWest's customer services department. Sure enough, the bank knew nothing about it. However, Mr Evans was told NatWest was "aware that these messages are in circulation", that they didn't originate from the Royal Bank of Scotland Group (its parent company), and that they have been reported to the relevant authorities. Mr Evans was advised not to reply to the message.

Luckily, before he could become a victim of internet fraud, Mr Evans remembered you shouldn't reveal your PIN or password in full to anyone, not even your own bank. Banks warn that alarm bells should start ringing if someone does ask you for these details.

It is not only NatWest customers who have received emails requesting them to log on to a website that proves to be a realistic-looking fake. Halifax recently closed its online banking operation for 48 hours while it attempted to track down the perpetrators of a similar fraud. And last weekend, the Nationwide warned its customers of yet another scam.

A handful of Barclays customers have also had money stolen from their online accounts in the past month. However, customers caught out in this way had the money refunded.

While those banks which have been targeted have tried to get the fraudulent websites closed down as quickly as possible, new sites are springing up all the time. It is important, therefore, that customers remain on the look-out.

"Don't relax your guard when online," warns Sandra Quinn, the director of corporate communications at Apacs, the Association for Payment Clearing Services. "Be more suspicious of an email than you would of someone knocking at your door requesting information because it is harder for you to ask the sender to prove they are who they say they are."

Email scams are nothing new. Earlier this year, Citibank customers received spam messages informing them they had won £138 but needed to register their details (including their password and PIN) in order for the money to be credited to their accounts. Of course, anyone supplying such information would probably have had their account cleaned out - the "prize money" was nothing more than a bait to catch the unsuspecting victim.

To help those who bank online to protect themselves against internet crime, the National Hi-Tech Crime Unit (NHTCU), Apacs and the British Bankers' Association have released an anti-fraud checklist (see below).

As well as being wary of emails requesting passwords and PINs, customers should watch out for "funds transfer" scams. These involve spam emails offering people the chance to make easy money by acting as a UK agent to a business overseas.

The recipients of these emails are asked to accept funds into their bank account and forward the money overseas, less their commission. If you agree to this, your account will be used to pass on stolen funds to fraudsters.

"We know that many of these 'funds transfer scams' involve the proceeds of fraud, and consumers who participate in these schemes are likely to become embroiled in a police investigation," warns Detective Chief Superintendent Len Hynds at the NHTCU. "The message is: don't allow yourself to be duped. Remember: if an unsolicited money-making offer looks too good to be true, then it probably is."

Safety in cyberspace: seven steps to protect your bank balance against fraud

* Know who you are dealing with: whenever you access internet banking, always type the bank's address into your web browser. Never go to a website from a link in an email, and if you do so inadvertently, never enter your personal details. If in doubt, contact the bank on a telephone number from a separate source.

* Keep passwords and PINs safe. If you write them down, make sure they cannot be identified by anyone else.

* Be on your guard if you receive unsolicited emails or calls asking you to disclose any personal details or card numbers. Keep this information secret. Be wary of disclosing any personal information to someone you don't know. Your bank and the police would never contact you to ask you to disclose your PIN or your full password.

* Keep hold of your cash. Don't be conned by convincing emails offering you the chance to make some easy money, especially if they come from outside the UK. It is much harder to trace messages from overseas and to prove that the senders are who they say they are.

* Keep your PC secure. Use up-to-date anti-virus software and a personal firewall and, if your computer uses the Microsoft Windows operating system, keep it updated from the Microsoft website. Be extra careful if using internet cafés or any PC that is not your own and over which you have no control.

* If in doubt, a good place to get advice on how to protect your PC and yourself online is your bank's website. Look at this regularly for guidance.

* Always check your bank statements. If you notice anything unusual on your account, contact your bank immediately.

Sources: NHTCU, Apacs and the BBA