/ Money

What will it take for a change in scams legislation?

Online bank fraud

Online banking scams are becoming increasingly sophisticated. No more so than the one that targeted our guest writer. Jane Caldwell, who has appeared on Rip-Off Britain this week, describes how fraudsters scammed her out of £100,000.

On Saturday 28 January at 4pm I was phoned by what I thought was NatWest’s fraud department asking if I’d made two transactions, for several thousand pounds. I hadn’t, so the person at the other end of the phone informed me my online accounts had been compromised. I was told a stop had been put on the accounts but I needed to take action. Querying this I was told the transactions had been carried out from a different IP address to the one I usually use.

The caller asked me to look on my phone for the customer number for the NatWest. I was told they would phone me on my mobile from that number so I would know they were bonafide.

False sense of security

They called me and the customer service number appeared so I felt I was speaking with the fraud team. I hadn’t given them my number either so I assumed they used bank’s records to contact me. Logging into my bank account the scammer began querying several transactions I’d carried out the day before, asking if these were part of the scam. So far everything led me to believe I was speaking to the fraud team of NatWest.

They instructed me to open a new payee account, in my name, using my card reader and to transfer money into this. When I questioned this I was assured that as it was in my name the monies weren’t going anywhere but were clearing the virus on my account.

Unsure, I used my son’s mobile phone to call the NatWest customer service number myself to check I was speaking to the fraud team. At this point the person on the other end of the phone asked why I was doing this. Later I would find out that my webcam had been hacked letting the person I was speaking to see everything I was doing.

£100,000 out of pocket

I also moved £85,000 from our Nationwide accounts to clear viruses, again all set up in our names.

By the end of the call, thinking I had checked on numerous occasions the validity of the call, I thought I’d prevented a scam only to realise the opposite on Sunday morning.

Our accounts had been cleared of all our money, savings, pension lump sum, my late father’s inheritance, to the sum of £100,000.

We have since discovered that malware was probably downloaded onto my laptop enabling the scammers to see what was on the computer as I typed and to watch me on the camera as I made calls to customer service.

Nationwide have retrieved £25,000 but all other accounts were cleared within minutes of me making the payments.

Current legislation states banks are not responsible for these push payments, but if this had happened in America we would have got all our money back. Isn’t it time for a change in legislation?

This is a guest post by Jane Caldwell. All views expressed here are her own and not necessarily those also shared by Which?

Watch Jane’s story as she told it on the BBC’s Rip-Off Britain.

Comments
Member

Thanks for being brave enough to explain how you were victim of a scam, Jane. It might help protect others. The banks have encouraged us to use online banking and other services, and we regularly here about successful scams.

My approach is to avoid doing anything of a financial nature over the phone unless I have made the call. I’m beginning to wonder if that is enough.

Member
Jane Caldwell says:
3 October 2017

The problem is that local bank branches are closing all the time, especially in the rural area I live in, so online and phone banking are increasingly becoming the only way to bank.

Member

I agree, Jane. I am keen that the banks work together, as they do in providing ATMs, and have shared branches in rural areas.

Member
bishbut says:
4 October 2017

I will not use a phone for anything except social calls I only ring companies etc. when the number is Freephone or when my calls are free from my provider I never give a decision over the phone Complaints are quickly dealt with by personal face to face contact virtually impossible now The phone is my servant I am not it’s slave as many are

Member

The Post Office provide basic banking facilities for a range of banks’ customers.

Member

Quite so malcolm but your timing of that post is immaculate. Last week I got upset at HMG government sending me a letter which “purported ” to say – get your pension transferred into a bank account, no ifs,buts, etc. . As my bank closes on October 12 th in my rural area and its a 12 mile country road journey , which in the Winter is snow covered and not always snow ploughed ,to the nearest branch I was very upset.. -quote- we are advising you to open a bank account and arrange to pay your OAP into it.-PLease call us with your account details or fill in the form and send it to us. If you dont have an account or bank use a Credit Union – yes RIGHT a 1340 population has a Credit Union – sure it has !! .NO options were provided. iT now costs to phone HMG although they state-we atre a “servant of the people ” – Bull ! luckily its a number thats included in my paid for call bundle ( but NOT -0843 ) . After going through tell us what you are calling for -etc- then options -1- 5 –then options 1-3 -then 10 minute wait – I GOT through –and spoke my mind -nicely – the female who took my call ADMITTED it has upset-shocked and made nervous many OAP,s she said it was quote “badly worded ” . NOw if ever there was a sly,devious effort to force OAP,s to bank their pensions this letter is it . I have the letter in my hand and can post it verbatim if you want ?–DISGRACEFUL !! at their time in life the last thing OAP,s need is 1930,s GErmany style official letters from a government . For those that can read German –have you read the letters issued to German citizens in the 30,s ? I know that the Tories+ Liberal’s reached an agreement with the Post Office Contract to allow the contract to be extended to 2020 at least. I have read it original document and the extension given after the first part expired.. IS this how HMG treats its citizens ??

Member

Jane as you were not asked to download anything to access your computer but directed to access your account it looks like you were directed to a scam website . This could only happen if your browser had malware implanted in it or that a virus was already installed on it due to previous web surfing. I hope you either got a very good tech. virus remover or RE- installed your whole system and that includes losing your back-up as that will be infected too. To cut down this sort of thing requires various web blockers including – jscript protection/ malware server protection/ HTTPS only / scam website recognition apps etc OR a dear comprehensive malware protection program that covers BOTH your computer + Internet. Do not buy cheap , Kaspersky is good but there are others . I am sorry at your loss. For Jane and the British public here, in simple terms is how to avoid it : http://www.guard-privacy-and-online-security.com/phishing-and-how-to-block-it.html

Member
TrevorD says:
7 October 2017

I note that the website “guard-privacy-and-online-security” to which you have linked seems to be completely anonymous – no physical location, address, nor even country, appears to be given anywhere on the site. (I have not looked over the whole site: just the normal obvious places + a web search.) From the website address (*.com) it’s quite likely to be a US site. Based on the ‘Copyright’ Notice (dated 2013), it appears not to have been updated for several years.

I’ve not saying that any of the info is incorrect or inappropriate, etc., as I haven’t studied it. But – in those circumstances – it certainly would not be my first port of call.

Scams, etc. have become more sophisticated in the last 4 years, and banking practices in the US are different from those in the UK. No doubt parts of the advice (probably many parts of the advice) will still be applicable – but other parts may not. So I would treat it with care and caution. Also, could that site itself be used as a ‘phishing’ or similar site, especially as its provenance seems to be hidden? I’m being super-cautious here, as we all need to be in these circumstances.

It would be helpful if Which? itself were able either to produce an advice site of their own on on-line security avoiding scams, or to recommend a suitable UK site that covers these issues in more detail.