Fake NatWest email falsely claims FCA is making biometric login mandatory
Impersonating: NatWest
What is this scam?
Phishing emails impersonating NatWest falsely tell recipients that the Financial Conduct Authority has made biometric login — using a fingerprint or facial recognition — mandatory for all online banking customers. The email creates urgency by implying the recipient must update their login method immediately to avoid losing account access. Clicking the link leads to a fraudulent site designed to harvest banking credentials and personal details. The FCA does require Strong Customer Authentication but has not mandated biometric checks, and NatWest never sends unsolicited emails with embedded login links.
Example scam message
Red flags to look out for
- The message creates urgency — threatening a fine, missed delivery, or account closure.
- Links lead to unofficial domains that don't match the real company's website.
- You weren't expecting this message and can't verify the event it references.
- It asks you to confirm payment details or personal information via a link.
- The sender's number or email address doesn't match the company's official contact.
What to do if you receive this
- Do not transfer money — your bank will never ask you to move funds to a 'safe account'.
- Hang up and call your bank directly on the number printed on the back of your card.
- Report it to Action Fraud at actionfraud.police.uk.
- If you've already transferred money, contact your bank immediately and ask about the APP fraud refund scheme.
Not sure if your message is a scam?
Check it instantly with our free AI-powered detector.
Check a message nowSource: Which?