Truffles Bakers and Confectioners has been subject to online fraud after losing £19,600 from its NatWest account.

After an email supposedly from HM Revenue & Customs was opened by general manager Gabby Taylor, a virus gained access to the company computer. It then stored any details input into its system.

Reported on, the computer’s anti-virus software alerted Taylor to the possible problem, but she assumed any issues had been dealt with.

She then logged into the NatWest online banking site, entered the required details to process a payment, and was subsequently logged out of the account once all the information had been included.

The general manager attempted to log in again, this time gaining access, and entered a code from the NatWest keypad device to complete her payment.

The internet browser instantly closed and refused to open. The company’s outsourced IT help service confirmed an attack via the virus.

When Taylor returned to check the business account, it stated that £19,600 had been taken and paid into a Lloyds Bank account.

Commenting on a £20,000 loan offered by NatWest to, Truffles said the offer was a bid to “profit from its misfortune”.

In an official letter to the business, NatWest said that Truffles’ “authorised Bankline user divulged a challenge code to a third party, leading to the loss”, which is a breach of Bankline’s security terms.

NatWest added that “the bank does not accept it has any liability” for the loss caused from the Trojan virus.

Truffles, founded in1982, employs 200 staff who are paid weekly.

Speaking to, Taylor said: “We have been left flabbergasted by the decision from the bank and as a result are probably going to leave NatWest. There needs to be tougher regulation around the issue of online banking – especially for small businesses.”