/ Money

Scam watch: fraudsters pose as police and bank staff

If you were called by the police and told that your current account had been targeted by fraudsters you would naturally take it seriously. But when this happened to a reader it proved to be a scam.

A reader who wished to remain anonymous told us: I got a phone call from a man purporting to be from the police at Paddington Green Station in London to warn me my current account was one of many being targeted by fraudsters.

The man advised me to phone my bank immediately.

They said I should put the money in a ‘holding account’

In great alarm, I put the phone down and dialled the bank’s number to speak to a member of its fraud team. They advised me to transfer funds into a ‘holding account’ as a means of catching the fraudster red-handed. I went to the branch that morning and transferred £4,450.

I later realised I’d been had. The trick is supposedly that when I agreed to phone the bank, the fraudster posing as a policeman stayed on the line until I had dialled, thus blocking my call.

Then, a colleague of his spoke as if he was from the bank. The sequence of events convinced me that the whole thing was legitimate.

This is a sophisticated scam

We say: This is certainly a sophisticated scam. It’s easy to let down your guard when you’ve made an outbound call yourself.

A similar variant of this operation involves scammers sending a courier to collect credit cards which have supposedly been compromised.

Banks will never use ‘holding accounts’ or credit card couriers as a means of catching fraudsters. You were right to alert your bank’s real fraud department, albeit after you transferred the funds.

Unfortunately there’s no guarantee that it will be able to get your money back.

What your bank will never ask

The banks last year launched a campaign and leaflet called ‘Know Fraud, No Fraud’. The leaflet set out eight things a bank would never say or do that are typical of the methods used by scammers. Your bank would never:

  • Ask for your full PIN number or any online banking passwords over the phone or via email.
  • Send someone to your home to collect cash, bank cards or anything else.
  • Ask you to email or text personal or banking information.
  • Send an email with a link to a page which asks you to enter your online banking log-in details.
  • Ask you to authorise the transfer of funds to a new account or hand over cash.
  • Call to advise you to buy diamonds, land or other commodities.
  • Ask you to carry out a test transaction online.
  • Provide banking services through any mobile apps other than the bank’s official apps.

And there are other steps you can take to protect your bank account against fraud.

Have you been targeted by a scam such as this or a similar one? Do you have any tips on how to spot a possible bank scam?

Comments
Profile photo of Beryl
Member

I have recently heard that it is possible for someone to fix a computer fault by remote control and an elderly friend has just had this done. Alarm bells started ringing straight away when she said the service had been recommended and was free. I alerted her to the danger of allowing a complete stranger to gain access to her computer. She doesn’t bank online thankfully but I warned her that her `fixer` probably makes his money by selling on her personal details and that she could now be bombarded with unsolicited telephone calls and junk mail.

I am not sure about the legitimacy of this practice and would be grateful to receive some information as to how this is done and the extent to which personal information can be procured when allowing access by remote control.

Member
wev says:
16 June 2015

Beryl, how much do you know about antivirus software? Are you able to run a rootkit scanner on your friend’s computer?

How much info can they get? If they installed a keylogger, they could get card info, address, everything if your friend shops online.

Profile photo of Beryl
Member

Thanks Wev. I am sure my friend is completely in the dark about anti virus software
and that she is probably more vulnerable than I am. She was very reluctant to go into too much detail except to say the problem with her computer had been fixed and as far as she was concerned that was the end of the matter!

It is very worrying nevertheless and an example of how the vulnerable can be exploited.

Profile photo of alfa
Member

Hi Beryl, I think you should tell your friend to keep a very close eye on her credit cards and bank account.

As well as a keylogger, it is possible that her “fixer” installed some software that might not kick in for some time. My father had screens pop up demanding money to clear them. As he ignored the pop-ups, the money went up and the screens got more frequent. Luckily, I was able to fix his computer remotely and the demands stopped.

Wev’s suggestion of a rootkit scan is good but she might find it easier to understand if she just runs a full computer scan from her internet security or anti-virus software.

Profile photo of Beryl
Member

Thanks alfa. This is very enlightening stuff especially as it may be sometime before anything kicks in. I will pass on your good advice asap. I hope your father was not too upset by his experience.

Member
wev says:
16 June 2015

Unfortunately full antivirus scans aren’t as good at finding rootkits as proper rootkit finding software. If your friend or you have the time, you should install and run both types.

See if she starts receiving scam mail as well, like what happened at thinkjessica.com. If she does, just bin them or forward them to Trading Standards.

Member
James says:
16 June 2015

Hi Beryl. i can provide to you a rootkit and antivirus program. they wont cost your friend anything and could help prevent issues if her computer has been compromised.

Rootkit:
https://www.malwarebytes.org/antirootkit/

Antivirus:
http://www.avg.com/gb-en/homepage

Her computer may be fine but for example if infected with a RAT (remote access tool) it can be used to control her computer and if she has a webcam it can be used to secretly spy on her.

ask her to run the software. if nothing is found, that’s great. if trojans/viruses/keyloggers/RATs are found, the programs will remove them. i would then recommend that she change passwords to any online account she has.

hope all works out well!

Profile photo of JohnHM
Member

I have just looked at a message that arrived on my mobile on 22 October, which reads as follows: – Your recent accident has been signed of and funds allocated. Fill out http;//accidentinjury-so/?n=1943556287 for us to put 3766.88 in your bank now,
This is an obvious fraud attempt as there was no accident or claim by me. The phone number that showed the call to be from was +44 7518047616. Not sure who to pass this info to, maybe you have an idea.