Banks preventing fraud

societys_child

I fail to see how knowing who my internet is with prevents fraud

A fraudster may not know, the bank obviously do, and it's just one of their security questions, along with the others.

Perhaps you like living in a dictator society full of scum.

Scum are people who tell others to:

FO and die in a fire.

Just sayin'




Maybe they don't like you . . .
What you're experiencing has never happened to me

EachPenny

karlie88 wrote: »

Are you sure you phoned TSB?

Just what I'd been thinking... phoning a number you are told to because of 'fraud'... never a good idea.

maniacmartin

This was my immediate thought too. What is the number that you called?

It sounds to me like you probably weren’t initially on the real TSB website at all, but a fake one run by fraudsters. I would call TSB on telephone number printed on the back of your card to clarify, as soon as possible.

colsten

h3456671 wrote: »

They specifically told me those questions are from the scammers at the credit reference companies.

Who are the scammers at the credit reference companies?

colsten

ColdIron wrote: »

Have you considered that it may be the Russians?

The OP's incredible ordeal doesn't bear the hallmarks of Russians. Much more like the Martians, who are specifically after h3456671 as they suspect he is impersonating one of them. As everyone knows, h3456671 is as common a name on Mars as Smith or Jones is on earth.

jonnygee2

It sounds to me like you probably weren’t initially on the real TSB website at all, but a fake one run by fraudsters.

The questions asked were not about secure information though. Fraudsters don't generally set up fake websites and phone lines to check who someone is using as their ISP.

As I say, can anyone explain specifically how answering those questions proves that I'm not trying to commit some huge bank fraud?

You basically experienced an incredibly lousy and poorly thought through 'fraud prevention' system. It's security theatre more than anything.

If you already have to use a card reader to log in (as you claim you do) AND a number through a text, that's three factor authentication, which is obscene. Making the phone call crated a fourth factor, but one that was far more easily breakable than the other three, so utterly pointless.

Generally any two factor system is enough to prevent all but a few extremely sophisticated attempts at fraud. Anything more is just a pain for users. It also fails to prevent debit card fraud which is probably 99% of the fraud that banks and their customers experience.

Still, if you don't like it you could just look for a better bank?! TSB is not exactly known for its outstanding IT systems. If you like the bonuses you get etc you'll just have to live with the rubbish digital service they provide.

colsten

jonnygee2 wrote: »

If you already have to use a card reader to log in (as you claim you do) AND a number through a text, that's three factor authentication, which is obscene.

TSB don't use card readers. Nor do they send you any texts with numbers for logging in. May be the various rants in this thread aren't about TSB. Mind you, I don't know of any UK banks which text you numbers for logging in.

Westie983

colsten wrote: »

TSB don't use card readers. Nor do they send you any texts with numbers for logging in. May be the various rants in this thread aren't about TSB. Mind you, I don't know of any UK banks which text you numbers for logging in.

Starling and Santander send you codes to enter, but normally when setting up new payments.

You maybe right about the thread not actually being about TSB, but its one of many threads on fraud prevention, which baffles me as are we not grateful of the extra steps put in place to protect our money held in the banks?

Westie983

AnotherJoe

h3456671 wrote: »

Yes but, as I say, what could the 'fraudster' do? They can't even log in (because I couldn't even log in). I fail to see how knowing who my internet is with prevents fraud. I don't think anyone actually knows. But I bet someone somewhere is making money out of it (the scammers at the credit reference agency probably charged to ask those questions for example).

It may be they can tell, from an access attempt to your bank recently that it used an ISP in (say) Kazakstan so that unless you mention your ISP is Khazakstan Best Broadband, they can be fairly confident there was a previous attempt which was fraudulent and therefore they need to be a little more careful with your account.

After all you'd no doubt raise merry hell if your account did get accessed and later you said "well look its from Khazakstan that ive got no dealings with why didn't you ask me".

Or more prosaically if your ISP is Sky and there are in future attempts to access your account from say PlusNet, then first time round that happens they'll be asking questions again. Because i suspect that if your account was accessed by soemone other than you in the future and it turned out after an audit it came from Plusnet your first reaction would be "I've been with Sky for ten years why didn't you ask me the first time there was an access from Plusnet if Id changed".


Or it may be inept security theatre as someone else posted.
Or it may be you were being scammed by a fake call centre.


None of which are worthy of a ranty tinfoil hat wearing type post.

takman

colsten wrote: »

TSB don't use card readers. Nor do they send you any texts with numbers for logging in. May be the various rants in this thread aren't about TSB. Mind you, I don't know of any UK banks which text you numbers for logging in.

Tesco Bank will text you a code or ring you if you log in from a browser they can't confirm you have logged int from before.