NatWest Impersonation Scams
Scammers impersonate NatWest with spoofed fraud-team calls and phishing texts pressuring customers to move money to a 'safe account'. The real NatWest will never ask you to do this or to share a one-time passcode.
Last reviewed: 1 June 2026
NatWest customers, including business banking users, are commonly targeted by impersonation scams involving spoofed calls from someone claiming to work in the bank's fraud department. The pitch is almost always the same: your account has been compromised, and the only way to protect your money is to move it to a new account immediately.
Business customers face an additional variant — invoice fraud, where scammers pose as a supplier or as NatWest itself to redirect a genuine payment to a fraudulent account by claiming bank details have 'changed'.
NatWest is the victim of this impersonation. The bank publishes ongoing scam warnings and, like other major UK banks, states clearly that it will never ask a customer to transfer funds to a 'safe account'.
How scammers impersonate it
- Spoofing NatWest's real customer service number on caller ID
- Posing as the NatWest fraud team and claiming your account is under attack
- Instructing victims to move funds to a new 'safe' account during a supposed investigation
- Sending phishing texts and emails with links to fake NatWest login pages
- Posing as NatWest or a supplier to redirect business payments by claiming bank details have changed
What the real organisation never does
- Ask you to move money to a 'safe account', even temporarily
- Ask you to read out a one-time passcode sent to your phone
- Ask for your full online banking password or PIN
- Send you a link by text or email to log in to online banking
- Notify a change of business bank account details by unsolicited call or email alone
Common red flags
- Urgency and fear about an ongoing attack on your account
- Any instruction to move or transfer money to protect it
- A request to read out a one-time passcode
- A link used to log in rather than the official NatWest app
- An email or call claiming a supplier's bank details have changed, with no independent confirmation
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Call: 'This is NatWest fraud prevention — your account has been compromised. Please transfer your funds to the secure account we'll provide.'
Email: 'NatWest Business Banking: Please note our account details have changed. Update your records and resend the payment to [fraudulent account].'
How to verify
- Hang up and call 159 or the number on the back of your card
- Log in only through the official NatWest app or by typing the address directly into your browser
- Never move money anywhere at the instruction of an unsolicited caller
- For business payments, verify any change of bank details by phone using a known, independently sourced number — never one provided in the email itself
What to do if you're targeted
- Do not move money, share codes, or click links in the message
- Contact NatWest directly through the app, the number on your card, or by calling 159
- Report the scam to Action Fraud at actionfraud.police.uk
Frequently asked questions
A supplier emailed to say their NatWest account details changed — should I just update my records?
No. Always verify a change of bank details by phone using a number you already have on file, not one provided in the email. Invoice fraud commonly uses exactly this kind of message to redirect payments to a scammer's account.
Can I trust a call that appears to come from NatWest's real number?
No. Caller ID can be spoofed to display any number, including NatWest's genuine customer service line. Hang up and call back using 159 or the number on your card rather than trusting the display alone.