New wave of phishing impersonating UK banks—especially Lloyds—poses as routine policy updates to steal one‑time passcodes and account access. Spot red flags (check sender, hover links, never click email links); AI makes scams more convincing.