Find out how fraudsters claim to be from the FCA and other organisations, and what you can do to spot and avoid these scams.
Some fraudsters contact people and firms through emails, letters and on the phone, claiming to be from the Financial Conduct Authority (FCA) or using the name of FCA employees to make them seem genuine.
We would never ask a consumer for personal information like bank account details or internet banking passwords.
Fake versions of our websites
Fraudsters may create copies of our websites and modify some of the information on them. They may change our warnings pages for example so it appears that scam firms are authorised by us when they are not. These cloned websites can be very convincing with links that work and contact us information.
You can check whether our website is genuine by checking the web address (domain name or URL), which appears in the address bar at the top of the webpage. It should always begin with: www.fca.org.uk or register.fca.org.uk for the FS Register website.
Our online systems for firms have web addresses that start with:
We are receiving letters and phone calls from individuals telling us that they do not consent to the FCA sharing their banking details with any third party. These communications appear to be linked to a recent YouTube video which seems to be causing confusion about the role of the FCA and what we do with information we hold about people.
The FCA does not routinely collect or make available individual bank account details as the incorrect claims in this video suggest. There is, therefore, no need for anyone to contact us with a statement refusing consent.
How fake FCA correspondence works
The scammers may contact you by email, post or a phone call and claim to be from the FCA or use the name of an employee, to give the impression that the communication is genuine.
We send emails from addresses ending in @fca.org.uk and @fcanewsletters.org.uk, but be aware that fraudsters can ‘clone’ these email addresses to make their emails seem genuine. Find out the FCA email addresses we have been told fraudsters are using.
The fake emails and letters may contain our logo or other images taken from our website or publications. The fraudsters may say you owe us money or ask for personal information such as copies of your payslips or passport.
You may also be told you are entitled to a sum of money, perhaps because we have collected it from a bank, and that we need your bank account details to make the payment. However, the fraudsters intend to access your account, using the details you have given them, to remove money from it.
The fraudsters may also claim to be from the organisation that used to regulate financial services in the UK, the Financial Services Authority (FSA).
Remember: if it sounds too good to be true, it probably is!
Keep in mind that we would never contact members of the public asking for money or your bank account details.
The correspondence is likely to be linked to organised fraud and we strongly advise you not to respond to the criminals in any way.
Look for signs that the email, letter or phone call may not be from us, such as it listing a mobile or overseas contact phone number, an email address from a hotmail or gmail account, or a foreign PO Box number. Scam emails or letters often contain spelling mistakes and poor grammar.
If you are in any doubt about the authenticity of contact from the FCA, call our Consumer Helpline on 0800 111 6768.
There are more steps you can take to protect yourself from unauthorised firms.
You can also find out more about reporting a scam.
More fake communication scams
You should also beware of emails or calls claiming to be from HMRC and offering a tax rebate. HMRC never sends emails or calls about tax rebates, or asks for personal or payment information in this way. For more information see HMRC’s examples of phishing emails.
Caller ID spoofing
We have been told scammers are making our switchboard numbers – 020 7066 1000, 0300 500 8082 and 0800 111 6768 – appear in the caller ID of people they contact. Ofcom explains how to avoid ‘caller ID spoofing’ and why not to give any information to these people or call them back.