While we have robust internal measures to keep your transfers secure and safeguard you from fraud, there are crucial actions you must take to protect yourself from external threats.
We count on you to verify that the person you're paying is legitimate and that the account information you've received is accurate. Fraud is a growing risk for all, and unfortunately, recovering funds sent to fraudsters is not always possible.
If you ever have any doubts about a transaction or communication, please reach out to us immediately.
Fraud comes in many forms, some of which are highly sophisticated and hard to detect. Below are some of the most common scams and key signs to look out for.
Pension fraud
Pension fraud occurs when someone deceives you into giving them part or all of your pension. Scammers often pose as offering investment opportunities, free pension assessments, or methods to take advantage of a 'loophole' that allows you to access your pension early or without paying taxes.
Impersonation fraud
Impersonation fraud occurs when a scammer pretends to be someone you know and trust, such as a friend, family member, colleague, or a representative from a reputable organization. They may use technology to make phone numbers, email addresses, or websites appear authentic.
Identity theft and fraud
Identity fraud occurs when a criminal gathers enough personal information to steal your identity and use it for illegal activities. For instance, they might open a credit card in your name or apply for a passport using your identity, allowing them to travel undetected.
Romance fraud
Relationship fraud, or romance fraud, happens when someone pretends to have romantic or emotional intentions to earn your trust. They exploit the connection they've created to manipulate you, often aiming to deceive you into giving them money or stealing your personal information to commit identity theft.
Investment fraud
Investment fraud occurs when a scammer deceives you into giving them money by pretending to offer a lucrative investment opportunity. This is often followed by a secondary scam, where the fraudster promises to help you recover the lost funds.
Online shopping fraud
Shopping fraud happens when a criminal pretends to be a business or individual in order to deceive you into purchasing something that isn’t real. Their goal may be to steal your money or valuable information, like your credit card details, which they can later use in another scam.
Fake banking websites
Bank imitation website scams are a form of impersonation fraud where scammers design counterfeit websites that resemble real banking sites. They typically deceive people by sending phishing emails or text messages that look legitimate and include links to these fake websites.
AI-generated scams
AI fraud occurs when scammers use artificial intelligence to trick individuals into revealing money or personal information. AI can be employed to generate realistic phishing emails or text messages, while more sophisticated tools can clone voices and create "deepfake" images and videos.
Explore our latest articles on fraud prevention, highlighting common scams, warning signs to be aware of, and tips for safeguarding yourself.
If you have any concerns about a transaction or the security of your account, our team is here to help. If you spot something suspicious or believe you may have fallen victim to fraud, please contact us immediately at +44 (0) 1736 335 250 or [email protected]
You can also reach out to the following organizations for further assistance and fraud advice:
An Authorised Push payment Fraud, or APP fraud, happens when someone is tricked into sending money to an account which they do not control.
The Fraud Reimbursement Rules are new UK-wide rules which change the way that APP fraud is dealt with by UK financial services businesses and came into force on 7th October 2024. They may, depending on certain criteria, mean that you may be reimbursed for any APP fraud.
Firstly, if you think that you have been the victim of an APP fraud, you should contact us as soon as possible to notify us of a potential reimbursement claim under the Fraud Reimbursement Rules. Once we receive your claim, we will review it and if it is in scope reimburse you within five business days – although it can take up to 35 business days if we need further information from you.
A £100 excess may apply. This means that if you make a claim of £1,000, you’ll get £900 back. You may not get any money back if your claim is under £100.
Please note, these rules apply to Faster Payments and CHAPS payments, and in GBP, only. They don’t apply to payments made in another currency or to payments made overseas, outside of the United Kingdom, or any payments made using cheque or card. There are certain other exceptions where we might not reimburse you, for example, where you may not have followed any fraud warnings that we have provided, or where you haven’t shown an appropriate level of caution.
We may need further information from you as part of your claim, and you will need to respond to these requests promptly. Once you’ve made a claim, we may ask you to report the details of the APP fraud to the police and provide any reference numbers that you have been given – you should do this to ensure that the police can investigate and take action.
If you wish to report a potentially fraudulent transaction, please contact us.
Password security
Nowadays, a password is required for nearly everything. With so many accounts to keep track of, it's tempting to rely on familiar words and phrases.
However, as tempting as it might be, using your birthday or your pet’s name won’t be sufficient if you want to keep your account secure.
Here are our top tips for creating ultra-secure passwords.
Use a minimum of 12 characters
There’s no strict rule about the ideal password length, but 12-14 characters is a good general guideline.
Include a mix of numbers, symbols, uppercase, and lowercase letters
Websites don’t ask for complicated passwords just for the sake of it – using a variety of character types makes your password harder to crack by fraudsters' software.
Avoid personal information
In today’s digital age, details like your birthdate, place of birth, or pet’s name are easy to find online. Passwords based on personal information are much easier to guess than those using random words or phrases.
Even if your passwords don’t contain personal details, it's important to control what information is available about you online. Check the privacy settings on your social media accounts, review privacy policies on sites you visit, and be cautious when participating in online surveys or quizzes that request access to your social media profiles.
Make it strong
When creating a password, think outside the box and use an unexpected combination of words, replacing letters with special characters or numbers that don’t resemble the original letter.
For example, bLuesWan37?? meets all these criteria and would take a computer 63,000 years to crack. Two random words make a decent password, but three are even stronger. bLuesWan37??Guit@r would take 380 quadrillion years to break!
Check your password strength
If you’re unsure about your password's strength, test it using a secure, reputable online checker. It will estimate how long it would take to crack your password, giving you the chance to try different combinations until you’ve created a near-impossible password.
Use unique passwords
Creating secure passwords and trying to remember them can be overwhelming, but using one password for multiple platforms undermines all your efforts. If a fraudster gains access to one of your accounts, they could access many others.
Use different passwords for each account to reduce the risk of widespread damage if one account is compromised.
Don’t share your password
Never share your password with anyone. One common issue with complicated passwords is that people are tempted to write them down so they don’t forget them. Resist this urge and try to memorize your new passwords instead.
Set a reminder to change your password regularly.
At TorFX, we will never ask for your password, and you should never share it with us - even if it seems like we've requested it.
If you believe your password is no longer secure, change it immediately.
Changing your password is easy - just follow this link.
Computer, mobile and tablet security
Everyday internet use can expose you to opportunistic fraudsters if you don’t take the necessary steps to protect yourself.
Here are some simple tips to help keep your computer, mobile, and tablet secure.
Keep your computer secure
Ensure that you have active anti-virus software and that your software and apps are regularly updated. Updates and patches often fix security vulnerabilities.
The P-word
Make sure your home Wi-Fi is password-protected and use the password tips provided in our security section to make it strong.
Log out when finished
If you're using a computer that isn't yours, avoid ticking the 'Remember me' option, and always log out once you're done.
Public Wi-Fi safety
When connecting to public networks (like those in bars or cafés), ensure they are ones you trust. We recommend avoiding public Wi-Fi whenever possible, as these networks are often targeted by cybercriminals. If in doubt, it's safer to use mobile data instead of public Wi-Fi.
Also, when logging into secure sites in public, make sure to check your surroundings to ensure no one is watching you.
Beware of suspicious links
While browsing the web, be cautious about clicking on links or pop-ups that seem suspicious. Fraudsters often use tactics such as offering prizes, creating urgency, or making threats to lure you into clicking malicious links. Typical messages might include: "You’ve won £1000! Click here to claim," "Your computer is under attack! Click here...," "Do this or your account will be restricted...," or "You’ve accessed illegal content, click here to avoid legal action..."
Choose your security questions wisely
When setting security information (such as answers to security or password recovery questions), be aware that any personal information you've shared on social media or other online platforms could be accessible to hackers and fraudsters. Choose questions that only you are likely to know the answer to whenever possible.
Check for authenticity
When visiting TorFX's website, always type the address directly into the browser or select it from a trusted search engine. Look out for these signs to confirm that the site is legitimate:
Sending funds securely
When making an international payment, it’s essential to have full confidence in the legitimacy of the recipient.
Verify the recipient's details and the reason for the transfer and never feel pressured to send funds if you're not entirely sure or comfortable with the payment.
Email security
When you receive an email it’s important to verify that it’s from a legitimate source.
We send several different types of emails to make sure you have access to all the information you need to plan your currency transfers at the right time, and there are points you can check to ensure the email you’ve received is from our team.
Give any email you receive from us a proper scan before clicking any of the links within it.
If there’s anything unusual about the communication or anything you would like to check, contact your Account Manager directly or email [email protected]
What should you look out for?
Contact your Account Manager or email [email protected] and we’ll let you know if it’s a genuine prize.
Telephone and text message security
Receiving unsolicited phone calls and texts is something we’ve all had experience of, but some scam calls can sound very convincing.
These simple steps can help protect you from fraudulent calls and texts.
Before answering a call
Fraudsters can make themselves appear genuine using legitimate caller IDs.
Enter the number into a search engine to check whether it belongs to a real company/a company you’re comfortable talking to.
If you think a call is from us but you aren’t sure, check the numbers listed on the contact section of our website. You can also add your Account Manager’s number to your address book, so you always know it’s them calling.
After you’ve picked up
When on a call never ever give out passwords or key security information, no matter who the person on the other end of the phone claims to be.
Text messages
We will send you occasional texts under very specific circumstances, for example if you’ve set a rate alert or have requested a One Time Pin.
If you receive a text message asking you to reply with a password, to call an unfamiliar number, or to click on a link, ignore it and contact your Account Manager by phone or email.
Tactics to prepare for
With any unsolicited calls or emails look out for these particular traits and tactics:
Online service and app security
Our online service and app have a number of inbuilt features to protect your transactions.
Online service and app
App only
Reporting fraud
If you notice something suspicious or think you may have been a victim of fraud, please let us know as soon as possible by contacting us on +44 (0) 1736 335 250 or [email protected]
Protecting yourself from fraud
We’re confident in the security systems we have in place but it’s vital that you stay vigilant too.
Our Fraud FAQs provide lots of useful information about protecting yourself from fraud, while our Help with fraud section has links to useful organisations.
Remember, an offer being too good to be true, being asked to send money out of the blue or being put under time pressure can all be warning signs. Never send a payment if you have any concerns and contact us immediately if you do – we’re here to help.
We can accept no responsibility for funds being sent to the wrong account based on the content of a fraudulent email, so always verify that any payment details sent or received by email are genuine, using a trusted source.
Scams to watch out for
The red flags and warning signs to look out for can differ depending on the reason for your payment. Below are some of the main things to be wary of.
Be particularly careful about sending money to someone you’ve never met in person, especially if you made contact via a dating app. Are they now asking for help with medical fees, housing or travel costs? Are they genuine?
Also beware impersonation scams, where you’re asked to send money to a family member who’s in trouble. Always contact that relation independently to check that a fraudster hasn’t got hold of their phone or hacked their social media accounts.
Have you checked that the goods exist, and that the supplier is genuine?
Be wary if you’re asked to pay a deposit or a big fee up-front as this could be an advance fee scam. Where possible, always check online reviews and get an invoice before paying anything.
Have you met the supplier? Do they have a registered business address? Are the contact details given by the supplier vague (maybe just a PO Box and a mobile or premium number)? Always verify that the person or business you’re dealing with is legitimate before sending a payment.
Fraudsters can intercept payments and redirect money to their own accounts, often by sending out a false invoice or email featuring their own account details. Make sure that the account details you’re paying into are genuine and think about sending a small payment first to check that the money has gone to the right place. This type of fraud is a particular risk in the property and real estate sector.
If an investment sounds too good to be true (high returns and low risk), it could turn out to be a scam.
Be wary of dealing with any company that approaches you out of the blue and always check that the property or investment you’re buying exists.
Is the broker willing to supply his/her copy ID? Does the company promoting the investment have a registered business address? Are the contact details vague (maybe just a PO Box and a mobile or premium number?) What do the online reviews say?
Are you being put under pressure to buy? Always check the FCA Register to see if there are any warnings about the individual or company you’re dealing with and look at the FCA’s Warning List. Seek advice from an FCA regulated firm before going ahead.
Help with fraud
You can get additional help and advice on fraud from the following organisations:
I think I’m the victim of a scam in connection with my account. What do I do?
Contact us as soon as possible on +44 (0) 1736 335 250 or [email protected]
You can also report fraud to the police via Action Fraud using their on-line reporting tool or by calling 0300 123 2040.
If you’re not based in the UK, inform the police or anti-fraud authorities in your own country.
What can I do to protect myself against fraud?
These are some key actions you can take…
The above isn’t a full list but it gives you an idea of the type of questions you should be asking. You’ll find more on this in our Scams to watch out for section.
How do I spot someone trying to de-fraud me?
We’ve listed a range of red flags based on different transfer requirements in our Scams to watch out for section. It’s crucial that you take the time to check that your payment isn’t falling into the wrong hands.
If you ever notice anything out of the ordinary or have any security concerns, give us a call on +44 (0) 1736 335 250 or email [email protected]
Highest level of creditworthiness | ||
---|---|---|
TorFX is proud to hold a Level 1 rating from leading credit rating agency Dun & Bradstreet. Dun & Bradstreet provides Scores and Ratings to help customers identify the risk levels of organisations. The D&B Rating provides a quick and clear indication of the credit-worthiness of an organisation, which helps customers to identify any risks. | ||
![]() |
Organisation: | Tor Currency Exchange Ltd (73-940-3512) |
Rating: | 1 (Highest level of creditworthiness) | |
Risk Level: | Minimum risk |
TorFX is authorised by the Financial Conduct Authority as an Electronic Money Institution under the Electronic Money Regulations 2011. Our FCA Firm Reference Number is 900706.
Find more Security information here