Victim of Sophisticated Bank Fraud £4000
The fraudsters didn't even ask for account or password details: Victim of sophisticated banking con reveals how she was tricked into transferring £4,000 to scammers
Few weeks ago, I broke down in sobs in front of my bank manager. Other customers eyed me curiously as the blood pounded in my ears and nausea crept over me.
I had just been told I was £2,000 overdrawn, despite having transferred £4,000 into a new account the day before. No, I wasn’t coming to terms with having indulged in a sudden spending spree. I had been scammed.
It’s not just pensioners and the vulnerable who fall victim to scammers these days. I am neither gullible nor a Luddite. I’m a middle-aged mother-of-three who considers herself to be sassy and alert.
I thought I would always be safe from such cons: I know not to give bank details over the phone and scoff at emails purporting to be from HMRC or Paypal, with links to ‘get your refund now’.
But what my experience shows is that we all need to be aware that things have moved on from ‘phishing’ — the term for when criminals use fake email or bogus websites.
We’ve since had Smishing (SMS phishing via text messages) and we’re now on to Vishing — phone calls where fraudsters impersonate bank staff so plausibly they are able to talk you into transferring money into their account.
Officially known as ‘Authorised Push Payment fraud’ or APP, this is how my money ended up being transferred into a random Barclays Bank account, now empty.
APP is one of the fastest growing types of fraud. There have been 19,370 reported cases in the past six months, with an estimated £101.2 million transferred to fraudsters in that period.
With APP, the average loss to an individual is around £3,000, although these figures are just the tip of the iceberg, as many people don’t even report it because they fear they will be ridiculed or dismissed as stupid.
The sad fact is, defrauding people like me — and you — is ‘big business’. According to one fraud analyst: ‘These people work for large organisations in an office like yours, with a photocopier in the corner and a plant on their desk.
‘They’re trained in how to use sophisticated psychological techniques to exploit consumers and are completely heartless — and they are always one step ahead of the banks.’
Not long ago, I was cooking supper for my teenagers when I received an automated text saying a new phone number had just been registered with my NatWest online account. Five minutes later, the bank rang
The 0345 number that came up on my mobile’s display was the main switchboard number for NatWest — I had it saved in my phone a while ago so I could be sure.
‘We suspect some suspicious activity on your account and I need to check a couple of things with you,’ said the lady who introduced herself as one of the NatWest fraud investigation team. She sounded a bit like my mum, very well spoken and with a tone that was concerned, yet calm and professional.
‘We’ve noticed a direct debit has been set up for John Lewis for £1,150 and one with the mobile phone network GiffGaff for £45.’
My heart began pounding. No, I hadn’t set them up, I gabbled.
‘We’ve noticed an IP address from Bristol has logged into your account a few times today. Was it you?’
‘No it was not,’ I said, worried but also relieved that my bank was on the case.
Four years earlier I’d been scammed when someone got hold of my bank details —possibly by intercepting a statement — and set up a banking app in my name, using their own phone number.
Whoever it was then told the bank they had lost the bank card and needed to get cash out, so they were given a four-digit code.
The fraudster then used the four-digit code instead of a bank card to withdraw money from a branch in North London. I had £2,000 taken out of my bank account — £500 a time over four days — in this way.
NatWest refunded me on that occasion, but now it sounded like the fraudsters were back.
I switched off the hob and gave the lady my full attention. I’m aware many emails and phone calls are from scammers and so usually ignore them, but as it says on NatWest’s own website: ‘If we hold your mobile number, we will send you an SMS to confirm some activities on your account and check that it was you that made the transaction or changed some of your information . . . If we suspect or become aware that your account may be subject to fraud, we will attempt to contact you.’
This was my follow-up call from the bank after that preliminary SMS warning — wasn’t it?
It’s usually at this point in the story that friends ask: ‘But why did you give her your account details?’
And this is the strangest thing about it: I have never given my account details on the phone to anyone. The woman knew all my details already. At no point did she ask for my account number, sort code, even my name. The only thing she asked was for the first and third letter of my password — just as any bank does during a phone call.
Looking back, the woman I spoke to must have been working from a sophisticated script based on the bona fide NatWest advice and information you can find on its website. Even the background noise was exactly the same as when I talk to my bank.
Perhaps she had worked for a bank before — apparently it’s a career history of many fraudsters.
The woman had also created a situation where I felt that I was the one in control. At no point had I revealed any details about my account or myself.
In fact, I’d been the one who asked if my account could be frozen so no money could be taken out. I’d been the one who asked if I could open a new account.
Or had I? I began to wonder if I’d somehow been hypnotised: it was preferable to believing that I had authorised a transaction and been tricked.
Few weeks ago, I broke down in sobs in front of my bank manager. Other customers eyed me curiously as the blood pounded in my ears and nausea crept over me.
I had just been told I was £2,000 overdrawn, despite having transferred £4,000 into a new account the day before. No, I wasn’t coming to terms with having indulged in a sudden spending spree. I had been scammed.
It’s not just pensioners and the vulnerable who fall victim to scammers these days. I am neither gullible nor a Luddite. I’m a middle-aged mother-of-three who considers herself to be sassy and alert.
I thought I would always be safe from such cons: I know not to give bank details over the phone and scoff at emails purporting to be from HMRC or Paypal, with links to ‘get your refund now’.
But what my experience shows is that we all need to be aware that things have moved on from ‘phishing’ — the term for when criminals use fake email or bogus websites.
We’ve since had Smishing (SMS phishing via text messages) and we’re now on to Vishing — phone calls where fraudsters impersonate bank staff so plausibly they are able to talk you into transferring money into their account.
Officially known as ‘Authorised Push Payment fraud’ or APP, this is how my money ended up being transferred into a random Barclays Bank account, now empty.
APP is one of the fastest growing types of fraud. There have been 19,370 reported cases in the past six months, with an estimated £101.2 million transferred to fraudsters in that period.
With APP, the average loss to an individual is around £3,000, although these figures are just the tip of the iceberg, as many people don’t even report it because they fear they will be ridiculed or dismissed as stupid.
The sad fact is, defrauding people like me — and you — is ‘big business’. According to one fraud analyst: ‘These people work for large organisations in an office like yours, with a photocopier in the corner and a plant on their desk.
‘They’re trained in how to use sophisticated psychological techniques to exploit consumers and are completely heartless — and they are always one step ahead of the banks.’
Not long ago, I was cooking supper for my teenagers when I received an automated text saying a new phone number had just been registered with my NatWest online account. Five minutes later, the bank rang
The 0345 number that came up on my mobile’s display was the main switchboard number for NatWest — I had it saved in my phone a while ago so I could be sure.
‘We suspect some suspicious activity on your account and I need to check a couple of things with you,’ said the lady who introduced herself as one of the NatWest fraud investigation team. She sounded a bit like my mum, very well spoken and with a tone that was concerned, yet calm and professional.
‘We’ve noticed a direct debit has been set up for John Lewis for £1,150 and one with the mobile phone network GiffGaff for £45.’
My heart began pounding. No, I hadn’t set them up, I gabbled.
‘We’ve noticed an IP address from Bristol has logged into your account a few times today. Was it you?’
‘No it was not,’ I said, worried but also relieved that my bank was on the case.
Four years earlier I’d been scammed when someone got hold of my bank details —possibly by intercepting a statement — and set up a banking app in my name, using their own phone number.
Whoever it was then told the bank they had lost the bank card and needed to get cash out, so they were given a four-digit code.
The fraudster then used the four-digit code instead of a bank card to withdraw money from a branch in North London. I had £2,000 taken out of my bank account — £500 a time over four days — in this way.
NatWest refunded me on that occasion, but now it sounded like the fraudsters were back.
I switched off the hob and gave the lady my full attention. I’m aware many emails and phone calls are from scammers and so usually ignore them, but as it says on NatWest’s own website: ‘If we hold your mobile number, we will send you an SMS to confirm some activities on your account and check that it was you that made the transaction or changed some of your information . . . If we suspect or become aware that your account may be subject to fraud, we will attempt to contact you.’
This was my follow-up call from the bank after that preliminary SMS warning — wasn’t it?
It’s usually at this point in the story that friends ask: ‘But why did you give her your account details?’
And this is the strangest thing about it: I have never given my account details on the phone to anyone. The woman knew all my details already. At no point did she ask for my account number, sort code, even my name. The only thing she asked was for the first and third letter of my password — just as any bank does during a phone call.
Looking back, the woman I spoke to must have been working from a sophisticated script based on the bona fide NatWest advice and information you can find on its website. Even the background noise was exactly the same as when I talk to my bank.
Perhaps she had worked for a bank before — apparently it’s a career history of many fraudsters.
The woman had also created a situation where I felt that I was the one in control. At no point had I revealed any details about my account or myself.
In fact, I’d been the one who asked if my account could be frozen so no money could be taken out. I’d been the one who asked if I could open a new account.
Or had I? I began to wonder if I’d somehow been hypnotised: it was preferable to believing that I had authorised a transaction and been tricked.
Comments
Post a Comment