Keeping your account safe
When you save with us online, we guarantee your money is safe. In the unlikely event that money is fraudulently taken from your NS&I accounts or investments by someone else, we'll reimburse you. All we ask is you follow our recommendations for keeping your information safe.
We follow banking industry best practices to protect you online. Whenever you make an online transaction with us, we protect your personal details (like your debit card numbers and account balances) by encrypting them.
Our liability for losses due to unauthorised payments
- If you deny having authorised a payment, it's for us to prove the payment was authorised.
- If a payment from your account wasn't authorised by you, we must (within a reasonable period) refund the amount to your account.
'Phishing' is when a fraudster pretends to be someone else, like your bank, to try to trick you into giving them your personal or sensitive information. A phishing email can look very similar to a genuine email from a trusted company or person you know. And it will normally ask you to do something that will benefit the scammer. A phishing email could include any of the following messages:
- "Your account has been blocked. Please click the following link to verify your account log-in to gain access.”
- “Your account has been compromised. Please change your password using the following link.”
- "To claim your refund, please click the following link.”
We’ll never send you a link in an email going directly to our login page, or ask you to enter your online banking details. Avoid opening attachments or clicking on links if they look suspicious.
If you're concerned about an email that seems to be from NS&I, please send it to us immediately here: email@example.com
We’ll investigate it but we might not always reply to you personally.
Suspicious phone calls
Phone call scams, or 'vishing', is when someone pretends to be calling from a genuine company or person you know to trick you into sending money, or giving them your personal information or security details. If you're suspicious of an unsolicited call you've received claiming to be NS&I, here are some tips to help keep your account safe:
- NS&I will never ask you to transfer money into a ‘safe account’ for fraud prevention purposes.
- If you're unsure of the caller, don't give them personal or security details until you've confirmed the caller is genuine.
- You can always call NS&I back using a trusted telephone number from our website or another communication you've received from us.
Browsing and logging into our website securely
Phishing and look-alike websites are designed to appear like our official website. But they're created by fraudsters to trick you into giving them your personal or sensitive information online.
Here are a few tips to help you check if you’re on our official website:
- Our website address in your browser will always start with “https://” followed by “www.rustynale.com” or “secure3.nsandi.com” once you've logged into your account.
- Look out for the padlock near the website address in your browser. This means it’s a secure connection and less likely to be a fraudulent website.
- You can click on the padlock to view our certificate, which shows that it’s valid and issued to www.rustynale.com.
- Watch out for anything that doesn’t look right like spelling mistakes, unusual pop-ups and poorly laid out screens. If in doubt, don't enter your account details. Just close your web page and contact us.
Although managing your money online is usually safe, it’s your responsibility to keep your details secure too. Here are a few tips to keep in mind:
- Never tell another person your full password, not even someone who works for NS&I.
- We recommend you don’t write down or record your password or security details.
- Avoid choosing a password that’s easy to guess.
- Avoid re-using passwords from other online accounts.
- Be careful when you throw away documents about your NS&I accounts – you may want to shred them first.
- Check your NS&I statements regularly: if you see anything out of the ordinary, get in touch with us straight away.
Liability for losses due to unauthorised payments
- You may be liable if you've acted fraudulently.
- You may be liable if you've intentionally, or through your negligence, failed to comply with the customer agreement (terms and conditions) covering how you give us instructions about your account.
- You may be liable if you fail to take all reasonable steps to keep your security information safe.
- You'll have no further liability after you've notified us of the loss, theft, misappropriation or unauthorised use of your security information (unless you've acted fraudulently).
- You won't be liable if we haven't ensured you're able to report the loss, theft, misappropriation or unauthorised use of your security information (unless you've acted fraudulently).
Please call us straight away if:
- You think you’ve responded to a fraudulent email
- Someone may have seen your security details
- You think someone else has accessed your accounts
Find out more about staying safe and preventing fraud
- Financial Fraud Action– the UK banks’ initiative to help you stay safe online.
- CPNI Digital footprint
- Get Safe Online - how to protect yourself and your money online.
- Action fraud – the UK’s national reporting centre for fraud and cyber crime.
- Cyber Aware – information about cyber security.
- National Cyber Security Centre - providing advice for dealing with common cyber problems