/ Money

Been scammed? It’s all on you!

Bank fraud

Royal Bank of Scotland’s CEO has said that customers need to take more responsibility if they are conned by online scammers. We think there’s a lot more they should be doing to protect you from sophisticated scammers.

The Chief executive of Royal Bank of Scotland has reportedly warned victims of bank fraud not to automatically expect refunds.

Speaking to the Daily Mail, Ross McEwan has suggested it was not wholly the responsibility of banks if customers provide their account details to fraudsters.

He told the paper: “We are working very hard to help customers detect when there are difficulties, but I think this has to be in partnership with the customer and with the bank.”

Of course, there will be times when people could have taken reasonable steps to protect themselves, or have acted with gross negligence, and need to accept responsibility for that. There is a role here for educating people to protect themselves from some of the risks, but it can’t be a blanket approach or the only measure to address the problem.

We wrote to the banks earlier this year to ask them what progress they’d made. The overwhelming response from industry was that focus remains on educating consumers to better protect themselves.

The industry is being required to do more, and banks are looking at best practice for responding to victims and how to better share information. In the meantime, we’re still hearing from people who’ve lost huge sums money to scams that have been incredibly difficult to spot.

Agnes said:
‘I fell victim to a telephone banking scam in which I transferred £20,000, unknowingly to a fraudsters’ account. Within 20 mins of realising what I had done I alerted RBS, who assured me an immediate stop would be put on the transfer. I later learned when speaking to my bank manager that no such stop had been put on the transfer and indeed nothing had been done until some six days later, by which time any hope of retrieving our money had long since gone.’

Scam paranoia

Probably the most stressful experience of my life, so far, was the day I finally transferred my deposit to my solicitor in order to buy my first home. I’d always known I wanted the security of my own house (OK, flat – it is London after all) so had saved hard for years, often living in rubbish places to keep the rent down so I could build up a deposit. I’d just managed to get enough to be able to afford a small flat outside London weeks before prices shifted up again, putting everything out of reach.

At the time I was paranoid I was going to send it to the wrong account, but it never crossed my mind that someone could have hacked into my solicitor’s emails and sent me the account details of a fraudulent account instead.

Thankfully that hadn’t happened and nearly two years on I’m happy in my little flat, despite a DIY to-do list as long as my arm. But for many people that dream of a new home turns into a nightmare when they realise the account they’ve just transferred their life savings to doesn’t belong to their solicitor, but to a fraudster – and they have no legal right to get their money back from the bank.

Impersonating a solicitor to con you out of a house deposit isn’t the only scam that tricks people into transferring money to a fraudster. That’s why, last year, we issued launched our scams campaign and issued a super-complaint to the Payments Systems Regulator (PSR), who agreed there was a lot more banks should be doing to protect their customers.

Do you feel educated enough so as to not fall victim to a scam?

No (64%, 4,148 Votes)

Yes (36%, 2,351 Votes)

Total Voters: 6,499

Loading ... Loading ...

This is not just about refunding consumers when things go wrong. There are things banks can be doing to prevent the customer losing money in the first place, such as bringing forward the introduction of ‘Confirmation of Payee’ that checks the name of the account holder where you were sending money to ensure it matched.

PSR report

The PSR is due to report back in the coming months on what progress banks have been making to better protect people since the start of the year. As our CEO Peter Vicary-Smith said earlier this summer, this is an opportunity for banks to step up and address this problem themselves. This doesn’t have to be a chore for industry, banks could even see it as an opportunity to compete to be the best on handling this issue for its customers.

But if they fail to take this issue seriously they are leaving the regulator with little option but to intervene. We would expect the regulator to take strong action to protect consumers from this continued risk.

Do you think it’s right that banks are putting all the responsibility on you to spot when you are being scammed?

Mr Inman says:
11 August 2017

I’ll have to admit to feeling a bit misled by the email I got from Which? about this. The impression I had was that this was referring to investment by the banks: banks (especially RBS) are guilty of some thoroughly reckless decisions on this, so I voted that money invested by the banks should be entirely the responsibility of the banks.

What I didn’t realise was this was to do with security of customers’ personal accounts. If the entire responsibility for the security of these lies with the banks, then it becomes more likely legitimate account holders would be prevented from accessing their accounts through prohibitive security measures. Protecting customers from scams requires a bit of work from both banks and themselves, I think.

Wait until Open Data regulation take effect – then we’ll all be in trouble!

I am 72 years old. As time goes on the odds are that I shall become more susceptible to scams not less. For this reason I have resisted the many attempts by my bank. ironically NatWest, to encourage me to use its on-line system to make payments. Instead I have made payments in batches by going in person to my local branch. They have now closed this local branch (in a town, not a village, and one which even houses the local authority for the County!). So far it is the only one of the major banks to do so but, given the continuing mindset of our banks, (RBS historically, in my opinion, having been the worst), to focus on money for its shareholders and directors ahead of service for its customers, and to follow each other like sheep, I fully expect others to follow and for RBS to praise itself for being the first, rather than apologise. I believe that the banks have a duty to protect the money we deposit with them and to take responsibility for any defect in their systems which fails to give, and to continue to give, this protection.

This comment was removed at the request of the user

Correct me if I am wrong is it not the royal bank of scotland who lost so much money and had to be bailed out by our government. They are a disgrace and both them and Nat West should be made more responsible and take control instead of passing the buck to their customers who do their best not to be scammed. It is also laughable that this bank who still owes the taxpayer for the bail out and are still working at a loss talk about the oot calling the kettle black.

If I take responsibility for looking after someone’s precious children or goods I automatically become it’s guardian,
That means I take full responsibility,
And that means not just the good bits of the responsibility,
They have our money and they make a lot of money by using our money for there gain,
If they want the good bits of money holding then they must take the bad bits as well

But, John, supposing the parents of the children in your care ask you to take them to a party, give you the wrong address, and that is inhabited by not nice people that you do not realise at the time. Who is responsible – you? Or the parents?i

june says:
12 August 2017

Having been the victim of scammed. I can assure you that these people are extremely clever and convincing. I am by no means stupid but I fell victim to these terrible people who preyed on my good nature and my honesty. They manipulated and abused me emotionally to the extent that I feel unsafe everywhere.

Helen says:
12 August 2017

With any payment I set up on internet banking I send a small payment of say £1.00, check that it has arrived successfully, perhaps make a phone call to the person involved. Only when I know the small payment has arrived successfully would I send the larger payment. I’ve worked in the banking industry for over 20 years and have seen first hand how payments can end up in the wrong account by accident let alone when sophisticated scammers get in on the act. It is frightening how fraudsters can get hold of enough information to successfully get through the security questioning and try to pass themselves off as a genuine customer.

Some of us have done the same but I wonder why this advice is not provided by every bank.

And have Which? provided this advice? Anyone provide a link please?

Hi Helen – You mention that fraudsters can easily get hold of enough information to get through security checks, but do you know if standards differ significantly between banks. Obviously I’m not looking for names.

Having used various online accounts with banks and building societies, the security of the login procedure seems better for some than others.

Some years ago when opening a new account (probably a building society), I had to take a photo of myself and several items of proof of where I lived to the local post office who then endorsed it.

It seemed over the top at the time but I haven’t been asked to do this since. Anyone else come across this?

Arthur D Hyde says:
13 August 2017

It is very easy to fall for any Scam. The Scammers are very well trained! I have told hundreds of students how to look out but I was still ‘taken in’ by a MS Phone Scam for 15 minutes. Never believe it won’t happen to you.
With Banking, the Banks make the rules and encourage us to do these unsafe operations.. They should then take full responsibility. They have the choice to change the system but, at the moment they make more profit by letting the customer pay. ADH

When someone is scammed by a bank transfer the Scammer has opened an account to take the deposits
The Bank receiving the payments should be responsible for ensuring that their client is Bona Fide and not a scammer
I would say when scams do occur they should have to refund all the money unless they can show its not due to their inability to correctly vet the applications
Also when a bank transfer takes place the sending bank should be responsible for recovering that money from the bank who took the transfer

We bought a car and the dealer asked for a bank transfer which I was very unhappy about because if the sales guy made a one digit mistake or I did then the 10K could disappear into the ether while all the parties washed their hands of the problem
It went through OK thankfully but there needs to be some really robust set of checks and balances not just lets punch in the number and press send
How can that make sense?

No technology is 100% secure When a new way is found to improve security some one starts to discover a way to beat it Not just rogues it is a challenge to some Make use of it but do not trust it at all many things can go wrong Somebody once said—-IF anything can go wrong it will —-sooner or later

I certainly feel the elderly and vulnerable should be particularly protected, as many are not completely computer savvy and too trusting. These accounts should be flagged up, and no unusual or large transactions on accounts should be completed until they have been fully investigated by the bank.

George says:
14 August 2017

Who needs banks? Bitcoin all the way. Resaearch it!

Mark Gentry says:
16 August 2017

From a layman’s point of view I find this type of rebuke from the Royal Bank Of Scotland hard to take, given the way it has been reported by the media over the last eight yearsI mean The continual crisis it seems to have in over the past years when led by others in charge of the Bank at the time. Perhaps if it came from a bank that had been led by good stewards in the past ( Leaving a company or organisation in better standing and condition than when they took there directorships or chairman ships.) I would accept it, as we all are responsible for, in part, for our security.
In any company dealings there should integrity (honesty uprightness.) Are you old enough to remember when banks and managers were considered pillars of society? Gods word to us the Bible was the basis of our society in years gone by, Was there more integrity in business then? Perhaps we should dust the old book down and as a society have a read. The chances are there’s one laying around in our homes, normally an older relatives ?

I lived in Spain for 30 years and for the last 10 years the major banks operate the following system :-
Every time you make a transfer, use an ATM machine, pay at a petrol station or make any purchase using your credit card, you receive a text message to your mobile within 25 to 30 seconds, therefore alerting you straight away that your card has been used.
The text states which company took the money and the time and date of the transaction.
If you receive a text and you know you did not make the transfer or use your credit card you can call your bank immediately to inform them and cancel.
This saves the banks millions paying out to customers and allows you to contact the bank straight away if your card has been used without your knowledge.

Seems sensible. The Credit Agricole in France confirm card payments and DDs over the internet though possibly this could be by SMS instead.

The cartel of the UK banks has for years being arranging matters to their own benefit.

One votes a particular way and Which? has the audacity to inform me about someone who HAS been scammed.
What percentage of fraud carried out is the bank’s fault? More public information films need to be aired to inform people that Microsoft don’t call people about virus’, banks don’t ask for passwords, etc.

This comment was removed at the request of the user

I recognise that from the BBC news: http://www.bbc.co.uk/news/technology-41095606

Not doubt other sites will give more detail.

This comment was removed at the request of the user

Many will rightly be wary of messages about security issues that invite them to access unfamiliar websites, but might trust an organisation such as the BBC. The BBC page gives the same link. I appreciate your efforts to keep us informed about security matters because I suspect that many don’t believe that they could possibly be affected.

This comment was removed at the request of the user

Fair enough, but I expect that people will trust the BBC more than anything that you or I or any unknown person might post on a website.

Websites generally mention they use cookies but what I would like to see on every website is an honest and up to date explanation of what information is used for.

Which? has a host of trackers but does explain why. But I agree; the BBC is inherently far more trustworthy than many other sites. What is interesting about the linked site is that you have to type in your email to see if it’s been ‘pwned’, which is exactly what scam sites ask you to do. And, in the past, sites like that have been ether hacked or taken over or – in some cases – are already being run by scammers.

So I treat with incredible scepticism being asked to enter my email address in a site of which I’m not extremely sure.

Stop one or more scams ok but there will other scams waiting in the wings just to take their place Can anyone win but the scammers ??

This comment was removed at the request of the user

Duncan, I think the best way to avoid those back doors is simply to use old PCs with pre-2006 designs. I have no shortage of those here, but do also use a couple of newer i5’s now and again.

This comment was removed at the request of the user

At least these old PCs are nice and cheap. I even managed to acquire a 2008 MacBook for £100 a couple of weeks ago. It has a nice fast 2.4GHz Core2 Duo CPU. Whilst its version of OS X is no longer supported with security patches by Apple, “upgrading” these machines to run a modern, supported version of Linux is a simple matter.

This is a good step. I have had no problems with Bank so far. Unfortunately I was a victim of a online scam, through Facebook, most of my hard earning savings were lost. All gone by Western union and money gram. Though the matter was reported, nothing was done. I am still suffering.
I wish there is more help from Western union and money gram for public once scam is reported.