Help - bank scam
Options
pritchardtuesnoad
Posts: 1 Newbie
This is a complaint about Nat West who I have been a customer with for over 40 years.
I was subject to a scam which was perpetrated on me on the 17th December 2018. It resulted in us (myself, my wife and my daughter) having £15,690 removed from our bank accounts and has left us completely devastated.
I consider myself savvy, but this was extremely professional. I was persuaded to give out my mobile app number on the basis that this was an activation code and the mobile app needed to be urgently deactivated. When I challenged this saying I never give out a code, I was told the bank would never ask for a PIN code, but they needed the activation code, and this was different.
Again, I challenged the caller asking to confirm they were from Nat West. They told me to look at the number they were calling from to check it matched the enquiries number on my debit card. I did and indeed it did match.
I think there is a vulnerability in the NatWest security system which allows a single number to access the mobile app. As I had not used it for 2 or 3 years I was persuaded that the number I was giving out was an activation code rather than a PIN number. Had I been using it regularly I don't think I would have done that. Surely there ought to be a system that if a feature is not used for certain period it is all automatically deactivated?
The caller then rang the following day at a pre-arranged time and clearly had made some transfers between our accounts already. He had cleared my wife's and my daughter’s account and my overdraft. He went through about 20 direct debits with me, ostensibly to check I wanted them all transferred to the new account – in hindsight this was a further confidence boosting measure. Using the card reader, I was persuaded to transfer the sum of £15,690 into the account which I was assured was my new ‘safe’ account. It was set up with my name and reference.
Still thinking this was genuine but feeling a little uneasy, I called NatWest fraud line who said it was likely to be a scam. They have since said the beneficiaries account had been cleared and no monies could be recovered, the bank had no liability. I received a highly impersonal standard photocopied letter from Nat West. In my view displaying a complete lack of concern for a customer of over 40 years.
Aside from the systems vulnerability of the single access code for the mobile app, the second issue I have is that the perpetrator was able to move amounts from accounts which are linked but not related to mine, although were accessible through the internet banking site, and by doing so was able to take money out of my wife's and daughters accounts. without any action on my part. This also seems to be a vulnerability in the internet portal.
The police have identified a suspect and they tell me there is a chance they might be able to pursue charges.
Do I have any comeback against Nat West or other suggestions on what I might be able to do to recover any funds?
I was subject to a scam which was perpetrated on me on the 17th December 2018. It resulted in us (myself, my wife and my daughter) having £15,690 removed from our bank accounts and has left us completely devastated.
I consider myself savvy, but this was extremely professional. I was persuaded to give out my mobile app number on the basis that this was an activation code and the mobile app needed to be urgently deactivated. When I challenged this saying I never give out a code, I was told the bank would never ask for a PIN code, but they needed the activation code, and this was different.
Again, I challenged the caller asking to confirm they were from Nat West. They told me to look at the number they were calling from to check it matched the enquiries number on my debit card. I did and indeed it did match.
I think there is a vulnerability in the NatWest security system which allows a single number to access the mobile app. As I had not used it for 2 or 3 years I was persuaded that the number I was giving out was an activation code rather than a PIN number. Had I been using it regularly I don't think I would have done that. Surely there ought to be a system that if a feature is not used for certain period it is all automatically deactivated?
The caller then rang the following day at a pre-arranged time and clearly had made some transfers between our accounts already. He had cleared my wife's and my daughter’s account and my overdraft. He went through about 20 direct debits with me, ostensibly to check I wanted them all transferred to the new account – in hindsight this was a further confidence boosting measure. Using the card reader, I was persuaded to transfer the sum of £15,690 into the account which I was assured was my new ‘safe’ account. It was set up with my name and reference.
Still thinking this was genuine but feeling a little uneasy, I called NatWest fraud line who said it was likely to be a scam. They have since said the beneficiaries account had been cleared and no monies could be recovered, the bank had no liability. I received a highly impersonal standard photocopied letter from Nat West. In my view displaying a complete lack of concern for a customer of over 40 years.
Aside from the systems vulnerability of the single access code for the mobile app, the second issue I have is that the perpetrator was able to move amounts from accounts which are linked but not related to mine, although were accessible through the internet banking site, and by doing so was able to take money out of my wife's and daughters accounts. without any action on my part. This also seems to be a vulnerability in the internet portal.
The police have identified a suspect and they tell me there is a chance they might be able to pursue charges.
Do I have any comeback against Nat West or other suggestions on what I might be able to do to recover any funds?
0
Comments
-
Hello, thank you for your post.
I am really sorry to hear you have lost your money.
Time for some bad news, I don’t think Natwest will assume responsibility on the matter.
You really should of put down the phone and called them back.
As you have admitted to passing security codes, I assume you will be left liable.
Again sorry to hear about your incident.0 -
You have no comeback against NatWest as you gave away your access to your accounts.
But hopefully the police will have some success.
In future, if a bank calls you and ask for details of anything, always call them back.0 -
I think there is a vulnerability in the NatWest security system ...
Yes. it is called the customer. it is the weakest part in any security chain.Aside from the systems vulnerability of the single access code for the mobile app,
It is not vulnerable unless you give it out. And the banks tell you time and again, not to give this information out.the second issue I have is that the perpetrator was able to move amounts from accounts which are linked but not related to mine, although were accessible through the internet banking site, and by doing so was able to take money out of my wife's and daughters accounts. without any action on my part. This also seems to be a vulnerability in the internet portal.
I dont know the natwest system but most banks will only list sole accounts or joint accounts under the single login.
Hopefully, someone else with knowledge of Natwest systems will clarify that.Do I have any comeback against Nat West or other suggestions on what I might be able to do to recover any funds?
Probably not as you voluntarily gave out the security details and agreed and carried out the instructions. Sorry.I am an Independent Financial Adviser (IFA). The comments I make are just my opinion and are for discussion purposes only. They are not financial advice and you should not treat them as such. If you feel an area discussed may be relevant to you, then please seek advice from an Independent Financial Adviser local to you.0 -
Natwest requires a card reader to be used to set up a new payee, doesn't it? So how was this step bypassed?
Edit: perhaps using the "Pay Someone New" feature in the app (https://supportcentre.natwest.com/Searchable/913207942/What-is-Pay-someone-new-in-the-mobile-app.htm), but this is limited to £500 per day
Edit2: Nevermind, here's the answer: "Using the card reader, I was persuaded to transfer the sum of £15,690 into the account which I was assured was my new ‘safe’ account. It was set up with my name and reference."0 -
Agreed, but worth adding that you should also always ensure the line has been cleared (i.e. the scammer is not still connected) and manually enter the number from a trusted source (like the back of your card) rather than using any 'contacts' or last-number redial.Deleted_User wrote: »You have no comeback against NatWest as you gave away your access to your accounts.
But hopefully the police will have some success.
In future, if a bank calls you and ask for details of anything, always call them back."In the future, everyone will be rich for 15 minutes"0 -
OP, please can you clarify what number you gave to the thieves. I have the Natwest app, and I can't see anything called a mobile app number. Do you mean the app passcode? The passcode by itself is obviously not enough info for using the app - unless the thieves used your mobile to log into the app and to move the money (but you said you moved the money yourself?)
I also think we have some other details missing. How did the scamsters have access to the wife's and the daughter's accounts? You may be shocked to hear this but it sounds suspiciously as if your wife and/or your daughter are actually in cahoots with the thieves.
It's excellent that you have reported the theft to the Police and that they might have a suspect. I hope you get your money back from the thieve(s) but I don't think you have a claim against Natwest as it appears you have willingly given out security information to access your account, and critically, you have transferred the £15,690 yourself.0 -
pritchardtuesnoad wrote: »Do I have any comeback against Nat West or other suggestions on what I might be able to do to recover any funds?
Have a look at:
https://www.thisismoney.co.uk/money/beatthescammers/article-5470187/New-rules-protect-victims-bank-fraud-following-crackdown.html
https://www.moneysavingexpert.com/news/2018/02/new-protection-for-victims-of-cash-transfer-scams/0 -
Also agree. Always put the phone down if in doubt and ring the number provided on any paperwork or the actual website. Also, importantly, ring the number from a different phone.Agreed, but worth adding that you should also always ensure the line has been cleared (i.e. the scammer is not still connected) and manually enter the number from a trusted source (like the back of your card) rather than using any 'contacts' or last-number redial.Personal Responsibility - Sad but True
Sometimes.... I am like a dog with a bone0 -
Still not agreed, let alone implemented, unfortunately. The last press report I read in October last year suggested the new rules would be brought in at some point this year, but would not affect those defrauded prior to them coming into effect.
Edit: "The new rules will come into force on 31 January 2019." https://www.financialreporter.co.uk/regulation/fca-issues-new-rules-for-banks-receiving-fraudulent-payments.html
"Victims of APP fraud can make a complaint to the PSP receiving their payment and if they’re not satisfied with the outcome, can refer their complaint to the Financial Ombudsman Service."
Shame this is too late for the OP.0 -
The week's Moneybox covers a story of someone else who was defrauded out of £33,000 from two different banks. The banks were able to recover some of the money. Both banks eventually decided to refund all the money and bear some of the loss as a gesture of good will (covered at the start of the programme).
https://www.bbc.co.uk/radio/play/m0001zw30
This discussion has been closed.
Categories
- All Categories
- 343.2K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.7K Spending & Discounts
- 235.3K Work, Benefits & Business
- 608.1K Mortgages, Homes & Bills
- 173.1K Life & Family
- 247.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards