Beware NHS Covid pass fraud - a MoneySaver was scammed out of £25k, but got his money back

nyermen

The fraudsters convinced Rory to drive to a Santander branch in Dumferline - speaking to him on the phone the entire time - where the cashier followed his instructions to move £25,000 out of his Santander account.

(From original article) - what I'm unclear on is whether the cashier asked the questions etc.  I know even then people have been conned by being told the branch is "in on it", but it doesn't seem to be mentioned in this story (and often is in others).  If they didn't even bother to double check the transfer, then Santander didn't meet the agreed code.

For me - I can't help but feel large payments should be better tracked in some way.  Fraud seems to often be a transfer to a newly setup account which is promptly emptied in cash (or crypto or international transfer).  Just prevent those onward transactions for x period of time.  If they're legitimate, then people/businesses etc will adjust to new timescales.
Won't stop the most sophisticated, but might stop some.

Chris_English

Banks need to re-write the code to stop paying people when the bank has done nothing wrong. It's like asking Royal Mail to compensate you if you packege up and send a bundle of cash to a fraudster, and it makes no sense for the banks to pay for it.

It was done for some positive PR, not because it was the right thing to do, and it seems that it may well be leading to people taking even less care than they once did about who they send money to.

RogerBareford

This type of scam just makes no sense whatsoever to me.

The "bank" ask someone to transfer money to another account to protect it and then the person has to go to a branch to do this.

If they applied any common sense at all they would know that the bank has a duty to protect your money anyway and if money needed to be moved to another account then they can do that in a few clicks using their system and wouldn't need someone to go to the branch.

Sandtree

nyermen said:

The fraudsters convinced Rory to drive to a Santander branch in Dumferline - speaking to him on the phone the entire time - where the cashier followed his instructions to move £25,000 out of his Santander account.

(From original article) - what I'm unclear on is whether the cashier asked the questions etc.  I know even then people have been conned by being told the branch is "in on it", but it doesn't seem to be mentioned in this story (and often is in others).  If they didn't even bother to double check the transfer, then Santander didn't meet the agreed code.

With this type of scam questioning is probably less intrusive but it is a fairly fine balance... my uncle sends money to Nigeria every now and then to help his g/friend of 30 years family and gets fairly irate when the bank suggest that its a scammer trying to take advantage of his advanced age etc... he now goes to the bank with an packet of photos now to show them hes been with her, in person, for almost half his life and a prewritten complaint letter to date and submit.

Chris_English said:

Banks need to re-write the code to stop paying people when the bank has done nothing wrong. It's like asking Royal Mail to compensate you if you packege up and send a bundle of cash to a fraudster, and it makes no sense for the banks to pay for it.

Its not the same though... banks have to do KYC checks on account opening whereas Royal Mail has no duty to vet addresses. You get an account number wrong and its likely to bounce or go into a suspense account; the bank wont try and guess who you meant it for; write something  on the front of an envelope and RM will try their best (Locke & Co famously recount the mail they received that was simply addressed to "The Best Hatters In London").

Most importantly though you go to your personal bank to instruct them to make the transfer so your bank knows who its coming from, where its going to and if its something you do regularly both in terms of type of transaction and payee. Royal Mail do not require you to go to your local post office with ID to send anything, they dont log whos sent what to whom but instead you can anonymously just drop it in a post box and so RM have no opportunity to vet it.

nyermen

Maybe thats the answer - make the receiving account's bank liable.  Bet their "KYC" will improve then...

Chris_English

nyermen said:

Maybe thats the answer - make the receiving account's bank liable.  Bet their "KYC" will improve then...

KYC is generally fine, scammers pay mules a few pounds to use their legitimate accounts to receive funds.

born_again

the_lunatic_is_in_my_head said:

Silvertabby said:

the_lunatic_is_in_my_head said:

Silvertabby said:

jimbo6977 said:

He didn't get his money back though.

He deprived Santander of £25 grand of their money, despite ignoring all the oft repeated warnings from all banks, government, MSE, uncle Tom Cobley and all, NEVER to follow instructions to move money to a "safe" account. 

Not quite.  He actually deprived Santander customers - by making them pay higher interest rates on loans, and being paid lower interest rates on savings.  

25 grand is peanuts to Santander, the idea that sum will affect mortgage or interest rates is ludicrous. 

I assume Santander aren't obligated to cover the loss, if that is true they effectively spent the money on PR.  

But it's not just £25K is it?  It's the sum of ALL of the 'refunds' paid out by ALL of the banks to ALL of those people who were 'conned'.  The banks must factor in these losses when crunching their numbers 

Making it easier to pay these 'refunds' has just given a green light to the crooks, as bank customers will be even less likely to apply due diligence if they think that they won't lose 'their' money.

A quick Google suggests that banks have signed up to a code to refund people defrauded by this type of scam when the bank could have done more to prevent the fraud but there's mention they are discussing it will become a law to refund customers who are victim to this type of scam.

One report suggests 80% of complaints against Santander, where they didn't refund or part refunded, were upheld suggesting the banks aren't living up to the code. 

Why aren't these scam texts detected and blocked, why can someone change the number that appears on the phone, why can someone transfer £25k to a new recipient without the bank performing checks. Of course law enforcement should do more and government should do more but you and I would pay for that also.

It may be easy to say let the guy lose his £25k because well it's not you, but there are plenty of people who are simply not wise to this type of thing. A lot of scams play on greed and it might be fair to say the victims deserve less sympathy in such instances but with this type of scam the victim is blinded by a situation expertly crafted to extract their life savings on the premises they will otherwise lose their money. The scammers have perfected an art of convincing the victim they are in a vulnerable position and must act now, with the impression there is no time and something is about to be lost most people won't act with the same rational thought they would otherwise usually apply. 

We once did a poll of people reading the advice sent out with new cards & on their statements.
Less that 1% actually read it.

These scams are in the media virtually every week. Banks have been telling people for years "We will never ask you to transfer funds to another account".
There comes a point where no matter what certain individuals will ignore the advice given. As it will never happen to them.

Such as this case.
>>'Unfortunately, despite repeatedly warning her of the dangers of transferring money to someone she hadn't met and directly raising our concerns that this was a scam with Ms Elwell and the police, she confirmed she wanted to proceed with the payments.'<<

https://www.dailymail.co.uk/news/article-9838979/Romance-fraud-victim-facing-bankruptcy-Santander-HSBC-want-reclaim-113-000-loans.html

Yet she still expects the banks to pay her back...🤦‍♂️

Sandtree

born_again said:
We once did a poll of people reading the advice sent out with new cards & on their statements.

Less that 1% actually read it.

I'm surprised its that high

On our car insurance website there are assumptions and T&Cs you have to agree to before you can click onto the next page to make payment.  If printed on normal A4 paper at Ariel 11 its about 1.5 pages (though lots of bullets).

According to our server logs the average time between the request for the page and the button click response was under 5 seconds and that includes the amount of time for the page to load (and we are talking when ADSL wasnt even that common at home and FTTC wasnt invented yet) and the time for the person to find and click the "I Agree" button and that to get back to our servers.