We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Bank APP scam rejection and possible lax security measures
Options
Comments
-
Some thoughts:connor0811 said:
He made a purchase on a well known online retailer for around £5, minutes later a text message came through about a purchase at a well known bike/car accessory store asking if it was him that made a purchase of £100 (plus loose change) and to reply Y for yes and N for no (if this happened to me I’d of known it was a scam). He replied N and got a phone call from someone saying they were from his bank and he needed to move his money into a new account they’d set up for him. He thought it was too much of a coincidence that the message came through after the purchase and someone had managed to get his details and spent money elsewhere. Then it was around 5 minutes after this he told me what had happened and when I told him it was a scam he asked if I was sure. The bank do know all this and a couple of police forces are investigating as part of a larger operation (Derbyshire and City of London if memory serves me right). It was also inheritance money he’d not long received and he emptied his full account to them.eskbanker said:
There's no harm in posting significantly more detail than you have, which would perhaps lead to advice about which aspects are and aren't worth mentioning or emphasising in a complaint....connor0811 said:Thank you for the replies and it’s interesting reading the debate on it. Yes vulnerability was mentioned in the first letter but I didn’t go into great detail as I didn’t want him to be a sympathy case. It all lies around the circumstances, which I’ve mentioned at the start of the thread but given no details, that lead up to the phone call. I didn’t want to out details of that into here but on second thought as long as no where is named I’m sure there’ll be no harm?
1) Was the transfer he made unusually large compared to other similar transfers he has made in the past? Or are there any other reasons why the bank would have cause to considered the possibility of fraud? E.g. was the account less with significantly less than normal (don't really know if there is any mileage in this last thought.)
2) If so did the bank give any warnings e.g. online or did they call him to warn him about scams? (The more out of his ordinary practices the payment was, the more you would expect the bank to warn him.)
3) If he was warned, how detailed was it?
4) Not sure this is relevant, but if he was aware the payment was going to an account with a different name, why did he proceed?
5) If you realised it was a scam after 5 minutes what steps did he take to alert the bank? How quick did they respond? Is there any possibility that they could have prevented the fraud after they were alerted?1 -
As suggested by naedanger, the key things to focus on in a complaint to the bank are their actions, or lack of them. The exact details of how he fell for the scam aren't really directly relevant to the bank, but, in the context of seeking to hold the bank liable, what you/your relative need to highlight is specifically what the bank could/should have done to prevent it, given what they'd have known at each stage....1
-
The bit you might need to clarify. You say you got a query from the same bank when making a large transaction and are surprised he didn't. Yet above you say he did get a warning from the bank and was told to ignore it. So it sounds like you both got the same warnings, you accepted it but he ignored it as the scammers advised him to do.connor0811 said:
He got a text message from the bank which told him to contact them if he didn’t make this payment, but on his online banking it was shown as paying to an account in his name.eskbanker said:connor0811 said:
Yes they did, but they told him to ignore these warnings (naive I know but he genuinely believed it was someone from his bank), but the new account was in his name!I’m shocked that the fraud measures didn’t pick up such a large amount being sent to an account elsewhere, as when I made an irregular but legitimate transaction in the past, the bank (I’m with the same one funnily enough) got in touch to make sure it was me making the transaction and it wasn’t some form of scam if it was me, I presume they held it in pending or something until I confirmed and it was no where near the sum we’re talking about here.Remember the saying: if it looks too good to be true it almost certainly is.0 -
I got a phone call, I presume the payment was held until I confirmed it was me.jimjames said:
The bit you might need to clarify. You say you got a query from the same bank when making a large transaction and are surprised he didn't. Yet above you say he did get a warning from the bank and was told to ignore it. So it sounds like you both got the same warnings, you accepted it but he ignored it as the scammers advised him to do.connor0811 said:
He got a text message from the bank which told him to contact them if he didn’t make this payment, but on his online banking it was shown as paying to an account in his name.eskbanker said:connor0811 said:
Yes they did, but they told him to ignore these warnings (naive I know but he genuinely believed it was someone from his bank), but the new account was in his name!I’m shocked that the fraud measures didn’t pick up such a large amount being sent to an account elsewhere, as when I made an irregular but legitimate transaction in the past, the bank (I’m with the same one funnily enough) got in touch to make sure it was me making the transaction and it wasn’t some form of scam if it was me, I presume they held it in pending or something until I confirmed and it was no where near the sum we’re talking about here.He got a text message after from the genuine bank that only said to call number stated if it wasn’t him who made the transfer. The bank said the payment was instant that’s why they couldn’t recover it, so even if he did phone sooner (phoned around 5 mins after the transfer anyway) they wouldn’t of been able to retrieve it.
Hope I’ve cleared that up, sorry if I was vague before.0 -
1. Yes, massively bigger than anything. At least 50x larger than anything before. And transferring the full amount to a new account set up elsewhere in the country should of set off some sort of alarm bells surely?naedanger said:
Some thoughts:connor0811 said:
He made a purchase on a well known online retailer for around £5, minutes later a text message came through about a purchase at a well known bike/car accessory store asking if it was him that made a purchase of £100 (plus loose change) and to reply Y for yes and N for no (if this happened to me I’d of known it was a scam). He replied N and got a phone call from someone saying they were from his bank and he needed to move his money into a new account they’d set up for him. He thought it was too much of a coincidence that the message came through after the purchase and someone had managed to get his details and spent money elsewhere. Then it was around 5 minutes after this he told me what had happened and when I told him it was a scam he asked if I was sure. The bank do know all this and a couple of police forces are investigating as part of a larger operation (Derbyshire and City of London if memory serves me right). It was also inheritance money he’d not long received and he emptied his full account to them.eskbanker said:
There's no harm in posting significantly more detail than you have, which would perhaps lead to advice about which aspects are and aren't worth mentioning or emphasising in a complaint....connor0811 said:Thank you for the replies and it’s interesting reading the debate on it. Yes vulnerability was mentioned in the first letter but I didn’t go into great detail as I didn’t want him to be a sympathy case. It all lies around the circumstances, which I’ve mentioned at the start of the thread but given no details, that lead up to the phone call. I didn’t want to out details of that into here but on second thought as long as no where is named I’m sure there’ll be no harm?
1) Was the transfer he made unusually large compared to other similar transfers he has made in the past? Or are there any other reasons why the bank would have cause to considered the possibility of fraud? E.g. was the account less with significantly less than normal (don't really know if there is any mileage in this last thought.)
2) If so did the bank give any warnings e.g. online or did they call him to warn him about scams? (The more out of his ordinary practices the payment was, the more you would expect the bank to warn him.)
3) If he was warned, how detailed was it?
4) Not sure this is relevant, but if he was aware the payment was going to an account with a different name, why did he proceed?
5) If you realised it was a scam after 5 minutes what steps did he take to alert the bank? How quick did they respond? Is there any possibility that they could have prevented the fraud after they were alerted?
2. He was sent some things via letter about scams after the event.
3. see above
4. It shows on his online banking it was transferred into a bank account in his name. And he wasn’t aware it could of been an account in someone else’s name or he would of never transferred anything.5. Phoned the fraud team at the bank and they taken details of what happened etc and said it was an account for the same company and they had frozen it. I think they acted as quickly as they could with this.
Thank you.0 -
It sounds like you can make a strong case from those answers.connor0811 said:
1. Yes, massively bigger than anything. At least 50x larger than anything before. And transferring the full amount to a new account set up elsewhere in the country should of set off some sort of alarm bells surely?naedanger said:
Some thoughts:connor0811 said:
He made a purchase on a well known online retailer for around £5, minutes later a text message came through about a purchase at a well known bike/car accessory store asking if it was him that made a purchase of £100 (plus loose change) and to reply Y for yes and N for no (if this happened to me I’d of known it was a scam). He replied N and got a phone call from someone saying they were from his bank and he needed to move his money into a new account they’d set up for him. He thought it was too much of a coincidence that the message came through after the purchase and someone had managed to get his details and spent money elsewhere. Then it was around 5 minutes after this he told me what had happened and when I told him it was a scam he asked if I was sure. The bank do know all this and a couple of police forces are investigating as part of a larger operation (Derbyshire and City of London if memory serves me right). It was also inheritance money he’d not long received and he emptied his full account to them.eskbanker said:
There's no harm in posting significantly more detail than you have, which would perhaps lead to advice about which aspects are and aren't worth mentioning or emphasising in a complaint....connor0811 said:Thank you for the replies and it’s interesting reading the debate on it. Yes vulnerability was mentioned in the first letter but I didn’t go into great detail as I didn’t want him to be a sympathy case. It all lies around the circumstances, which I’ve mentioned at the start of the thread but given no details, that lead up to the phone call. I didn’t want to out details of that into here but on second thought as long as no where is named I’m sure there’ll be no harm?
1) Was the transfer he made unusually large compared to other similar transfers he has made in the past? Or are there any other reasons why the bank would have cause to considered the possibility of fraud? E.g. was the account less with significantly less than normal (don't really know if there is any mileage in this last thought.)
2) If so did the bank give any warnings e.g. online or did they call him to warn him about scams? (The more out of his ordinary practices the payment was, the more you would expect the bank to warn him.)
3) If he was warned, how detailed was it?
4) Not sure this is relevant, but if he was aware the payment was going to an account with a different name, why did he proceed?
5) If you realised it was a scam after 5 minutes what steps did he take to alert the bank? How quick did they respond? Is there any possibility that they could have prevented the fraud after they were alerted?
2. He was sent some things via letter about scams after the event.
3. see above
4. It shows on his online banking it was transferred into a bank account in his name. And he wasn’t aware it could of been an account in someone else’s name or he would of never transferred anything.5. Phoned the fraud team at the bank and they taken details of what happened etc and said it was an account for the same company and they had frozen it. I think they acted as quickly as they could with this.
Thank you.
However I have a few of follow on questions for clarity:
1) When you said the fraud team said it was an account for the same company, do you mean the money was transferred to an account with the same bank, as your family member? (If it was then that may open further areas of potential failure by the bank e.g. were they at fault for setting up an account, presumably, based on false details?)
2) Do you know if the account the money was transfered to actually had the same account holder's name as the family member? Or was it in some way spoofed? (For example I can give my accounts a nickname, but I don't think that nickname is seen by anyone else, and if it is then that would seem to present a significant security risk.)
3) Do you know how the payment was made? I am guessing it was a faster payment. My thought is that those on this forum who are knowledgeable about the payment method will be able to comment on whether or not it is correct that a payment would (or might have been) unstoppable after 5 or 10 minutes. [It just seems slightly surprising to me that the fraudsters were able to get the money out of an account so quickly. Surely it would have been extremely suspicious seeing money come in and go out of an account in a few minutes.]1 -
1. Yes, both of the same bank (different branches if that’s of any relevance).naedanger said:
It sounds like you can make a strong case from those answers.connor0811 said:
1. Yes, massively bigger than anything. At least 50x larger than anything before. And transferring the full amount to a new account set up elsewhere in the country should of set off some sort of alarm bells surely?naedanger said:
Some thoughts:connor0811 said:
He made a purchase on a well known online retailer for around £5, minutes later a text message came through about a purchase at a well known bike/car accessory store asking if it was him that made a purchase of £100 (plus loose change) and to reply Y for yes and N for no (if this happened to me I’d of known it was a scam). He replied N and got a phone call from someone saying they were from his bank and he needed to move his money into a new account they’d set up for him. He thought it was too much of a coincidence that the message came through after the purchase and someone had managed to get his details and spent money elsewhere. Then it was around 5 minutes after this he told me what had happened and when I told him it was a scam he asked if I was sure. The bank do know all this and a couple of police forces are investigating as part of a larger operation (Derbyshire and City of London if memory serves me right). It was also inheritance money he’d not long received and he emptied his full account to them.eskbanker said:
There's no harm in posting significantly more detail than you have, which would perhaps lead to advice about which aspects are and aren't worth mentioning or emphasising in a complaint....connor0811 said:Thank you for the replies and it’s interesting reading the debate on it. Yes vulnerability was mentioned in the first letter but I didn’t go into great detail as I didn’t want him to be a sympathy case. It all lies around the circumstances, which I’ve mentioned at the start of the thread but given no details, that lead up to the phone call. I didn’t want to out details of that into here but on second thought as long as no where is named I’m sure there’ll be no harm?
1) Was the transfer he made unusually large compared to other similar transfers he has made in the past? Or are there any other reasons why the bank would have cause to considered the possibility of fraud? E.g. was the account less with significantly less than normal (don't really know if there is any mileage in this last thought.)
2) If so did the bank give any warnings e.g. online or did they call him to warn him about scams? (The more out of his ordinary practices the payment was, the more you would expect the bank to warn him.)
3) If he was warned, how detailed was it?
4) Not sure this is relevant, but if he was aware the payment was going to an account with a different name, why did he proceed?
5) If you realised it was a scam after 5 minutes what steps did he take to alert the bank? How quick did they respond? Is there any possibility that they could have prevented the fraud after they were alerted?
2. He was sent some things via letter about scams after the event.
3. see above
4. It shows on his online banking it was transferred into a bank account in his name. And he wasn’t aware it could of been an account in someone else’s name or he would of never transferred anything.5. Phoned the fraud team at the bank and they taken details of what happened etc and said it was an account for the same company and they had frozen it. I think they acted as quickly as they could with this.
Thank you.
However I have a few of follow on questions for clarity:
1) When you said the fraud team said it was an account for the same company, do you mean the money was transferred to an account with the same bank, as your family member? (If it was then that may open further areas of potential failure by the bank e.g. were they at fault for setting up an account, presumably, based on false details?)
2) Do you know if the account the money was transfered to actually had the same account holder's name as the family member? Or was it in some way spoofed? (For example I can give my accounts a nickname, but I don't think that nickname is seen by anyone else, and if it is then that would seem to present a significant security risk.)
3) Do you know how the payment was made? I am guessing it was a faster payment. My thought is that those on this forum who are knowledgeable about the payment method will be able to comment on whether or not it is correct that a payment would (or might have been) unstoppable after 5 or 10 minutes. [It just seems slightly surprising to me that the fraudsters were able to get the money out of an account so quickly. Surely it would have been extremely suspicious seeing money come in and go out of an account in a few minutes.]
2. We don’t know the true name of the account just that it shows up as his name, I fear it possibly is a nickname showing up as his name.
3. Yes, it was made on the banks app which is 9/10 instant, so yes I think faster payment it is. And on the point, I think I’ve mentioned this earlier in the thread his app shows the payment was made one day but on his statement it says the next, which could be the way these things are recorded but it aroused my suspicion.
0 -
In that case I think you have an extremely strong case, but then I have only heard one side.connor0811 said:
1. Yes, both of the same bank (different branches if that’s of any relevance).naedanger said:
It sounds like you can make a strong case from those answers.connor0811 said:
1. Yes, massively bigger than anything. At least 50x larger than anything before. And transferring the full amount to a new account set up elsewhere in the country should of set off some sort of alarm bells surely?naedanger said:
Some thoughts:connor0811 said:
He made a purchase on a well known online retailer for around £5, minutes later a text message came through about a purchase at a well known bike/car accessory store asking if it was him that made a purchase of £100 (plus loose change) and to reply Y for yes and N for no (if this happened to me I’d of known it was a scam). He replied N and got a phone call from someone saying they were from his bank and he needed to move his money into a new account they’d set up for him. He thought it was too much of a coincidence that the message came through after the purchase and someone had managed to get his details and spent money elsewhere. Then it was around 5 minutes after this he told me what had happened and when I told him it was a scam he asked if I was sure. The bank do know all this and a couple of police forces are investigating as part of a larger operation (Derbyshire and City of London if memory serves me right). It was also inheritance money he’d not long received and he emptied his full account to them.eskbanker said:
There's no harm in posting significantly more detail than you have, which would perhaps lead to advice about which aspects are and aren't worth mentioning or emphasising in a complaint....connor0811 said:Thank you for the replies and it’s interesting reading the debate on it. Yes vulnerability was mentioned in the first letter but I didn’t go into great detail as I didn’t want him to be a sympathy case. It all lies around the circumstances, which I’ve mentioned at the start of the thread but given no details, that lead up to the phone call. I didn’t want to out details of that into here but on second thought as long as no where is named I’m sure there’ll be no harm?
1) Was the transfer he made unusually large compared to other similar transfers he has made in the past? Or are there any other reasons why the bank would have cause to considered the possibility of fraud? E.g. was the account less with significantly less than normal (don't really know if there is any mileage in this last thought.)
2) If so did the bank give any warnings e.g. online or did they call him to warn him about scams? (The more out of his ordinary practices the payment was, the more you would expect the bank to warn him.)
3) If he was warned, how detailed was it?
4) Not sure this is relevant, but if he was aware the payment was going to an account with a different name, why did he proceed?
5) If you realised it was a scam after 5 minutes what steps did he take to alert the bank? How quick did they respond? Is there any possibility that they could have prevented the fraud after they were alerted?
2. He was sent some things via letter about scams after the event.
3. see above
4. It shows on his online banking it was transferred into a bank account in his name. And he wasn’t aware it could of been an account in someone else’s name or he would of never transferred anything.5. Phoned the fraud team at the bank and they taken details of what happened etc and said it was an account for the same company and they had frozen it. I think they acted as quickly as they could with this.
Thank you.
However I have a few of follow on questions for clarity:
1) When you said the fraud team said it was an account for the same company, do you mean the money was transferred to an account with the same bank, as your family member? (If it was then that may open further areas of potential failure by the bank e.g. were they at fault for setting up an account, presumably, based on false details?)
2) Do you know if the account the money was transfered to actually had the same account holder's name as the family member? Or was it in some way spoofed? (For example I can give my accounts a nickname, but I don't think that nickname is seen by anyone else, and if it is then that would seem to present a significant security risk.)
3) Do you know how the payment was made? I am guessing it was a faster payment. My thought is that those on this forum who are knowledgeable about the payment method will be able to comment on whether or not it is correct that a payment would (or might have been) unstoppable after 5 or 10 minutes. [It just seems slightly surprising to me that the fraudsters were able to get the money out of an account so quickly. Surely it would have been extremely suspicious seeing money come in and go out of an account in a few minutes.]
2. We don’t know the true name of the account just that it shows up as his name, I fear it possibly is a nickname showing up as his name.
3. Yes, it was made on the banks app which is 9/10 instant, so yes I think faster payment it is. And on the point, I think I’ve mentioned this earlier in the thread his app shows the payment was made one day but on his statement it says the next, which could be the way these things are recorded but it aroused my suspicion.
For brevity I am pretending you are the victim rather than your family member.
Firstly you can make all the points about them failing to identify the transfer as out of character (due to its size etc) and consequently failing to contact you prior to actioning the transfer to warn you of the possibility it was a scam. They have obligations to help prevent fraud which they have failed to meet. Had they contacted you to check you were not being defrauded then you would have immediately realised it was a fraud because you believed it was actually the bank who wanted the transfer to be made in the first place. [This failure alone is probably sufficient to make the bank liable in my view.]
Secondly the account the money was transfered to had your name on it. Either there was a failure to stop a nickname as appearing to an unsuspecting person as the account holder's name, or even worse they have set up an actual account for a fraudster based on false details. Had the account been in another name there is good chance you might have realised something wasn't right.
Thirdly the fact they held the fraudster's account seems to me to be quite a damning point. Surely there must have been failings that permitted a fraudster to set up an account with them. If the fraudster had not been given an account by them this would not have happened.
Lastly, and I think this is their biggest failing, they let the fraudster's account pay out a very large sum within minutes of receiving it. Surely that is obviously suspicious and should have been checked. (I bet the account was also not long established and had very little money in it, prior to the transfer you paid, which should have been additional warning signs.) Had there been any delay while they checked with the account holder that the transaction was valid - which of course it wasn't - then they would have been thwarted since you raised the alarm within minutes of it happening. And even if you hadn't raised the alarm they should still have had suspicions after speaking to the account holder since the transaction was indeed criminal.1 -
Without knowing the actual name and address on the fraudster's account, along with other information only the banks have, you can't be sure there has been any negligence by any bank regarding the opening of the fraudster's account. It is perfectly possible that two people have the same name, even in the same family. Fraudsters can set up perfectly legit bank accounts and use publicly available tools to search nationwide for matches. Banks would only be negligent with certainty if they had been made aware of fraudulent activity on the fraudster's account and failed to block the account following that discovery.naedanger said:
Secondly the account the money was transfered to had your name on it. Either there was a failure to stop a nickname as appearing to an unsuspecting person as the account holder's name, or even worse they have set up an actual account for a fraudster based on false details. Had the account been in another name there is good chance you might have realised something wasn't right.
As to 'nickname': CoP doesn't look for nicknames but for matches with the actual account holder name. Can you explain further how you think a nickname might have been used in the OP's case?0 -
You are right I can't be sure of anything.colsten said:
Without knowing the actual name and address on the fraudster's account, along with other information only the banks have, you can't be sure there has been any negligence by any bank regarding the opening of the fraudster's account. It is perfectly possible that two people have the same name, even in the same family. Fraudsters can set up perfectly legit bank accounts and use publicly available tools to search nationwide for matches. Banks would only be negligent with certainty if they had been made aware of fraudulent activity on the fraudster's account and failed to block the account following that discovery.naedanger said:
Secondly the account the money was transfered to had your name on it. Either there was a failure to stop a nickname as appearing to an unsuspecting person as the account holder's name, or even worse they have set up an actual account for a fraudster based on false details. Had the account been in another name there is good chance you might have realised something wasn't right.
As to 'nickname': CoP doesn't look for nicknames but for matches with the actual account holder name. Can you explain further how you think a nickname might have been used in the OP's case?
I actually think it extremely unlikely that the account does have the same name as the op's family member. They would have not had time to set it up, and having the same name by coincidence seems highly unlikely. Sounds more like the fraudster somehow spoofed the name (e.g. by somehow getting a name of his choosing to display) or perhaps the op's family member is mistaken. And no I can't explain how fraudster's spoofed anything and I obviously cannot supply any evidence to support the view the op's family member was not mistaken.
Any time I have set up a bank account I have had to supply proof of address and id. I think the bank that set up the account should be explaining how their checks in this area failed, assuming the fraudster did use false details. If they had set up a perfectly legit bank account I would be surprised.
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.6K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards