We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
MSE News: 'I lost £17,000 from my TSB account after fraudster's call'
Comments
-
The MSE news article seems to believe this is an 'authorised push payment' scam, which I understand to be when a customer logs in to their account and transfers money to an account number belonging to a fraudster.
It's still 'push payment.'So yes, Rachel was gullible for reading out the six digit code, but TSB's security had already been breached.
As already noted, the second factor is part of the security, exactly to prevent this sort of thing happening....Conjugating the verb 'to be":
-o I am humble -o You are attention seeking -o She is Nadine Dorries0 -
You absolutely do not need to turn your mobile phone off and back on again. Hanging up on a mobile terminates the call. As to landlines, pulling the line cord out of the socket won!!!8217;t do anything, but IIRC BT have tweaked things anyway so it!!!8217;s unlikely to be an issue but calling from a different line or a mobile device is a reasonable suggestion.
To be absolutely fair, switching your mobile off and then on again, is hardly a chore and it's something I would personally do, but again, that is me. As for the landline business of pulling the plug, well I do have a landline but I never use it, it is there for the fibre broadband element only, so I don't even have a phone plugged into the Master socket. That achieves one thing at least, I never, ever get a scam call! I just know that a the last time I did use the landline at home, you could put the receiver down and on more occasions than I care to remember, the line was still left open when I picked up the receiver again, so in one respect you are correct, possibly pulling the plug from the socket won't help, but at least if you try calling your own number and it is engaged, you know something isn't right and you can use another phone if available.
The problem with most human beings, is this burning desire to answer the telephone when it rings, mostly out of the fear that the call might be important. Our lives are full of 'what ifs', but as far as I'm concerned, if it's that important, they will leave a voicemail message assuming you have it set it up. Scammers generally only let the phone ring for 5 rings anyway as lots of voicemail are set up to divert to voicemail soon after and if it goes to voicemail, they have to pay for the call. This is why if you don't answer immediately, they cut the call off and then if you're of a nervous disposition, they're hoping you'll call back in case the call was important and then they've achieved one of two things, they can either attempt to scam you with their rubbish, or they've routed your call through a premium number so you're paying £2 a minute for the call.0 -
In cases like this, banks absolutely share the lion's share of the blame.
For years, banks have maintained procedures where they call customers' mobile phones in cases of suspected card theft or unauthorised transactions. Typically they then ask to verify personal customer information. I have direct experience of this from at least Nationwide, Santander and TSB, but I have heard about it from most major banks. In each case I have later verified that the call was genuine. They call you out of the blue and expect you to be willing to verify yourself, and if you ask "how do I know you are who you say you are?" they are generally nonplussed and can't suggest how to move forward.
Some banks also send text messages as part of this kind of process, with content like "A transaction was made at xx:xx for £xx.xx to xxxxxx. If this was you, please reply with 'Yes', otherwise please call 555-5555".
These patently insecure practises have conditioned customers to expect their banks to sometimes call them on their phone and sometimes ask for personal information.
Banks now create arbitrary "security education" to try to shift the blame onto customers - "We may call you on your phone, but we will never ask for characters from your password" (even though they might ask for date of birth, secret answer or details of last transaction) or "We will never ask you on the phone for a verification code from a text message" (even though they might ask you for a bunch of other stuff).
To most people, it's confusing and arbitrary, especially in a stressful situation.
What banks should have done since the beginning is have a policy of "We will never call you and ask for any personal information of any kind. We will only ever call or text you to ask you to call us on the number on the back of your credit or debit card. If anyone ever calls you for any reason, if they ask you to do anything other than call the number of the back of your card, they are a scammer."
If they had done that, and spent years educating the public on a clear and simple rule, maybe I would be more open to putting more of the blame on the customer in cases like this. But they did nothing close to that. They set up insecure and confusing systems.
Yes, cases like this could be avoided if every bank customer were perfectly savvy, well educated on security best practises and always reacted calmly under pressure. But we know most people aren't like that, and given that banks have vastly more resources and are in the business of financial security, responsibility must fall on them to create secure, easy-to-use, easy-to-remember systems and procedures. Until they do so, I will never blame the customer in cases like this.0 -
What you don't mention is that security codes received by text are generally (always?) accompanied with strong warnings about never sharing them with anyone.0
-
What you don't mention is that security codes received by text are generally (always?) accompanied with strong warnings about never sharing them with anyone.
SMS sent to me by my bank*. (OK, it's not a security code, but still, it mentions a phone number to ring, not suggesting you go look it up yourself...
Sainsbury's:
And it's not just banks doing this sort of thing:
----
* It looks like an email because my SMS are backed up to GMail, which is where this screenshot is from.Conjugating the verb 'to be":
-o I am humble -o You are attention seeking -o She is Nadine Dorries0 -
Whereas I get the point, I don't think you are comparing like-to-like there, but I should have been more specific.0
-
MSE are becoming as bad as Daily Mail in their reporting of non-essential rubbish. Just like when DM runs an article on someone and will quote how much their house is worth or some other inane BS.A vet who was called by a fraudster pretending to be from TSB
Who cares what job she does? What relevance does that have to the article? Is the implication that being a vet means she is held higher than others and has more intelligence? Clearly not.My mum is a lawyer and my dad is a cop.
Who in the UK uses terms such as lawyer or cop? Surely it would be solicitor or police officer, not that it matters though, again why were her parents occupations even mentioned? To highlight that she comes from some kind of high achieving/intelligent family?I saved that for a really long time. I got some of the money doing night shifts and one time I worked 24 hours straight, so when I think how hard I worked for it, it's quite bad.
No sh*t sherlock! Honestly what was the point?I'm a Board Guide on the Credit Cards, Loans, Credit Files & Ratings boards. I'm a volunteer to help the boards run smoothly, and I can move and merge threads there. Any views are mine and not the official line of moneysavingexpert.com0 -
If I were to walk into a bank with a baseball bat, balaclava, a sack, fake IDs, and there were fake licence plates in the boot of my vehicle in order to change them once I'd made my getaway to evade detection, the fact that I've tricked someone with legitimate access to the secure area to let me through would not change the fact that if I take money I have robbed a bank.
Similarly, the person tricked would be a victim of crime regardless of whether I managed to get through the door by persuasion or by force.0 -
HornetSaver wrote: »If I were to walk into a bank with a baseball bat, balaclava, a sack, fake IDs, and there were fake licence plates in the boot of my vehicle in order to change them once I'd made my getaway to evade detection, the fact that I've tricked someone with legitimate access to the secure area to let me through would not change the fact that if I take money I have robbed a bank.
Similarly, the person tricked would be a victim of crime regardless of whether I managed to get through the door by persuasion or by force.0
This discussion has been closed.
Categories
- All Categories
- 346.5K Banking & Borrowing
- 251.3K Reduce Debt & Boost Income
- 451.3K Spending & Discounts
- 238.7K Work, Benefits & Business
- 614.1K Mortgages, Homes & Bills
- 174.7K Life & Family
- 251.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards