Ombudsman not upheld my complaint

slingo63

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

MattMattMattUK

slingo63 said:

eskbanker said:

Renfrewman said:

eskbanker said:

slingo63 said:

eskbanker said:

slingo63 said:

I never expected Starling to be out of pocket, I thought banks had reciprocal processes in place to recover funds from the banks the stolen money had gone to. If I buy goods that turn out to not be what they are supposed to be I have protection, but it appears we don't have full protection for our bank accounts where we have innocently been duped.

There are reciprocal processes to recover funds directly transferred between accounts, but this won't be possible once the payee account has been emptied.

Likewise, there's the APP scam code, under which the two banks are collectively responsible for reimbursing qualifying fraudulent transfers, unless the sender ignored warnings.

However, debit card transactions are outside the scope of these arrangements, although there is chargeback (like with goods purchases), which can be used to reverse such payments - to what extent did Starling invoke that for you?

There were 4 transactions and they reimbursed 3 of them but wouldn't do the first one 

What makes the first one different?  I was under the impression that all four were paid by debit card, in which case they can't reject the claim simply on the basis that you authorised the transaction, as you'd presumably have done exactly the same for the ones that they did reimburse?

 Each is a separate transaction and should be examined on that basis. Would 4/4 rejection be better?

I'm not sure you understand the point I'm making?

OP said that "they said because I authorised the payments in my banking app (as I was convinced he was from the bank!) I can't get my money back", so I'm saying that this position is illogical - either none of the transactions should be reimbursed or all of them, unless there are relevant differentiators, in which case let's hear what they are.

This was my argument, but they refunded the subsequent payments as they recognised they should have noticed the unusual activity and stopped it, but not the first one.

Transaction #1 could have been a legitimate transaction, you ignored general guidance as well as the warnings issued when you authorised the payments, hence they declined you request for reimbursement for that payment. Transactions #2, #3 and #4 were indicative of a pattern of behaviour which indicated fraud, meaning that they should have suspended your account until they verified if those transactions were legitimate or not, as they allowed those transactions to proceed, even though you were culpable, they have reimbursed you. 

Chief_of_Staffy

slingo63 said:

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

People seem to think I'm being pedantic when I say this, but if everybody understood that when you deposit money into the bank it is now the bank's money, not yours, nobody would fall for these scams.

Just imagine if you loaned me £1000 and I promised you to pay it back to you if you asked. I keep the money in my house and one day a burglar breaks in a steals it. I then tell you, "Sorry, someone's stolen your money, you won't be getting any of it back." You'd think I was mad. Yet most people believe this is how banks operate. That the banks have rows of vaults with our cash inside and if someone breaks into one of them and steals 'our' money, we lose it.

This lie is peddled by the banks and the media. It's no wonder people believe it.

MattMattMattUK

Chief_of_Staffy said:

slingo63 said:

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

People seem to think I'm being pedantic when I say this, but if everybody understood that when you deposit money into the bank it is now the bank's money, not yours, nobody would fall for these scams.

Just imagine if you loaned me £1000 and I promised you to pay it back to you if you asked. I keep the money in my house and one day a burglar breaks in a steals it. I then tell you, "Sorry, someone's stolen your money, you won't be getting any of it back." You'd think I was mad. Yet most people believe this is how banks operate. That the banks have rows of vaults with our cash inside and if someone breaks into one of them and steals 'our' money, we lose it.

This lie is peddled by the banks and the media. It's no wonder people believe it.

Your analogy works right up until the point it does not. 

The bank is not being burgled, the customer is claiming their money, or recalling their loan using your example, then handing that money over to a man who turns out to be a burglar.

The issue is not people or banks being burgled, it is people willingly handing over money to third parties then expecting the rest of us, via increased banking costs, to reimburse them when they realise that it might not have been such a good idea to hand over their money.

Chief_of_Staffy

MattMattMattUK said:

Chief_of_Staffy said:

slingo63 said:

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

People seem to think I'm being pedantic when I say this, but if everybody understood that when you deposit money into the bank it is now the bank's money, not yours, nobody would fall for these scams.

Just imagine if you loaned me £1000 and I promised you to pay it back to you if you asked. I keep the money in my house and one day a burglar breaks in a steals it. I then tell you, "Sorry, someone's stolen your money, you won't be getting any of it back." You'd think I was mad. Yet most people believe this is how banks operate. That the banks have rows of vaults with our cash inside and if someone breaks into one of them and steals 'our' money, we lose it.

This lie is peddled by the banks and the media. It's no wonder people believe it.

Your analogy works right up until the point it does not. 

The bank is not being burgled, the customer is claiming their money, or recalling their loan using your example, then handing that money over to a man who turns out to be a burglar.

The issue is not people or banks being burgled, it is people willingly handing over money to third parties then expecting the rest of us, via increased banking costs, to reimburse them when they realise that it might not have been such a good idea to hand over their money.

You completely miss the point.

If the customer knows that they cannot lose money from someone accessing their bank account, they are not going to withdraw money and 'hand it over' to a third party.

born_again

slingo63 said:

I know some of you probably think I'm an idiot but I'm a reasonably intelligent guy and I did attempt to verify he was from the bank and I just never realised they could spoof the short code SMS number the bank uses. I never expected Starling to be out of pocket, I thought banks had reciprocal processes in place to recover funds from the banks the stolen money had gone to. If I buy goods that turn out to not be what they are supposed to be I have protection, but it appears we don't have full protection for our bank accounts where we have innocently been duped. 
This is the end of the matter for me anyway - I just hoped there may be some loophole to help me recover my money but it seems not. Thank you all for your input, God bless you.

No spoofing required. It will be from your bank to approve the payment. Did you pass that code to the fraudster?
If you did then that is the reason why complaint was declined. As message Says not to pass to anyone.

As this is  card payment & as code was used. It makes it a secure payment & your bank can not claim it back from retailer.

Process. Fraudster has your card details & makes payment using them, which means your bank sends SMS with code to your phone. So they ask you for the code. They then complete payment with code. Which as far as bank goes is you confirming the payment was made by you.  

jimjames

Chief_of_Staffy said:

slingo63 said:

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

This lie is peddled by the banks and the media. It's no wonder people believe it.

It's not a lie as the analogy is nonsense. The actual equivalent is the customer going to their bank, asking for their money back and then handing it over to a third party. The bank has not been burgled or had any of their systems compromised. There might be no big vaults of cash but equally there has been no break in either.

Chief_of_Staffy

jimjames said:

Chief_of_Staffy said:

slingo63 said:

trient said:

Came here to also ask what was the difference between transaction #1 and #2-4.

Also if OP doesn't mind we could all learn a bit more from the pattern used here. Since all 4 txns were debit card payments, there should be a business (if paying for goods/services) or individual (if doing a top-up by card like for Revolut) rather than a generic current account on the other end. This should have been displayed at during authorisation stage and later on the Starling transaction list/account statement.

Was the recipient name suggesting a payment to Starling or OP's own name? I'm thinking the OP wouldn't have fallen for paying say Currys or PayPal or Mr Mohammad Smith. And if the recipient wasn't an individual, could Starling not have gone for that business as presumably their details would be available through the card network?

The caller said they were using a fictitious business name so as not to alert whoever was monitoring my account (the irony). Even writing this makes me squirm at how stupid I was ☹️

This lie is peddled by the banks and the media. It's no wonder people believe it.

It's not a lie as the analogy is nonsense. The actual equivalent is the customer going to their bank, asking for their money back and then handing it over to a third party. The bank has not been burgled or had any of their systems compromised. There might be no big vaults of cash but equally there has been no break in either.

I literally addressed this in the post above your own.

If the customer knows that they cannot lose money from someone accessing their bank account, they are not going to withdraw money and 'hand it over' to a third party.

Let me try and simplify it as much as I can without resorting to pictures.

IF
the customer realises the money is safe in the bank
THEN
they cannot be convinced to withdraw the money to safeguard it
SO
they cannot be scammed in this way

QrizB

Chief_of_Staffy said:

jimjames said:

It's not a lie as the analogy is nonsense. The actual equivalent is the customer going to their bank, asking for their money back and then handing it over to a third party. The bank has not been burgled or had any of their systems compromised. There might be no big vaults of cash but equally there has been no break in either.

I literally addressed this in the post above your own.

If the customer knows that they cannot lose money from someone accessing their bank account, they are not going to withdraw money and 'hand it over' to a third party.

Let me try and simplify it as much as I can without resorting to pictures.

IF
the customer realises the money is safe in the bank
THEN
they cannot be convinced to withdraw the money to safeguard it
SO
they cannot be scammed in this way

That does fall apart rather once you involve regular human beings.

In this case, the customer knew (because banks and the government will have told them, repeatedly, over many years) that their money was safe in the bank.

Nevertheless, they allowed a scammer to persuade them that it wasn't. And this is no criticism of the OP; these scammers are seasoned professionals and Joe & Jo Public aren't.

Chief_of_Staffy

QrizB said:

Chief_of_Staffy said:

jimjames said:

It's not a lie as the analogy is nonsense. The actual equivalent is the customer going to their bank, asking for their money back and then handing it over to a third party. The bank has not been burgled or had any of their systems compromised. There might be no big vaults of cash but equally there has been no break in either.

I literally addressed this in the post above your own.

If the customer knows that they cannot lose money from someone accessing their bank account, they are not going to withdraw money and 'hand it over' to a third party.

Let me try and simplify it as much as I can without resorting to pictures.

IF
the customer realises the money is safe in the bank
THEN
they cannot be convinced to withdraw the money to safeguard it
SO
they cannot be scammed in this way

That does fall apart rather once you involve regular human beings.

In this case, the customer knew (because banks and the government will have told them, repeatedly, over many years) that their money was safe in the bank.

I've never had anyone tell me my money is safe in the bank, and neither has anybody else (with the exception of FSCS guarantees, which are not the same thing).

In any event, that's not what I'm proposing. The government saying "This is safe" is a complete waste of time. At best, it will convince people of the opposite.

If - and bear with me on this radical proposal - the public aren't treated like morons, and it's explained in a straightforward way HOW the system works and WHY their money is safe, and this message is communicated directly to every person who uses banks as opposed to being 'available' on some random website, then that will obviously prevent scams.

Now I know that several people on this forum are vehemently opposed this notion, and we can speculate about why, but in terms of a genuine improvement in individual's financial security it's beyond sensible debate that this would be beneficial.