Warning: fake supermarket Facebook posts shared thousands of times

Malcolm r, providing a name, sort code and account number can absolutely lead to fraud. It has been discussed in other forums how scammers can set up Direct Debits to fraudulently obtain funds from Bank accounts.

A scammers is unlikely to gain approval directly with a Bank to become part of the Direct Debit scheme, but they can process Direct Debits through Merchants/Payment Processors. Under normal circumstances, reputable organisations setting up Direct Debits via a Merchant/Payment Processor would follow the Direct Debit Scheme rules, such as informing a consumer in writing and in advance before any funds are debited, but of course scammers will not do this and therefore consumers are unaware funds will be debited from their account. Typically, scammers will set up a Direct Debit for small monthly amounts in the hope these go unnoticed.

Consumers should therefore avoid disclosing ANY financial details whatsoever.

Thanks Wingman. The point I was making was that simple bank details are available from cheques.
I check my bank statement every month and reconcile it with payments I record, so would immediately spot an unexpected payment. I would be happy in the knowledge that my bank will refund any fraudulent payments taken from my account if all I have done is given away name, sort code and account number. I would not, on principle, normally disclose those to an unknown person and certainly not any other personal information.

As you indicated, account details are available on cheques, but as so few cheques are used these days, the risk of a cheque falling into the hands of an unscrupulous individual is relatively low.

The Direct Debit scheme rules are quite rigid and Banks have a responsibility to refund consumers once it has been identified the Direct Debit was set up fraudulently, so in general consumers have a high level of protection.

Malcolm wrote: “As far as I know, simply giving someone my name, bank sort code and account number should not lead directly to fraudulent use of my account.”

I believed that until Roger Pittock provided an example of account details being used to set up a direct debit: https://conversation.which.co.uk/scams/financial-ombudsman-service-psr-code/#comment-1640250

Yes, he did. But my point was that the information is, and has always (as far as I know) been on cheques, and while they are much less used now the principle is that this is not personal information we are told not to disclose. I was asking just what personal information these fraudsters request that we should not disclose that would lead to fraud and George has clarified that.

I have exchanged account name/account number/sort code with people to receive payments and have never had a problem but I hope that it would no longer be possible for someone to set up direct debit payments using this information.

I would like to see an investigation of whether the CVV printed on the back of debit and credit cards is supporting crime. The CVV is, like a PIN, supposed to be confidential information, so why print it on cards? It would be easy to place an online order and ask for it to be delivered to an alternative address. When I receive a new card I erase the number after making a note of it in case someone saw it when I was using the card. The banks have improved security in recent years but perhaps there is more that can be done.

I have never understood what contribution the CVV number makes to personal security.

It was introduced to ensure that when something was being purchased by telephone the person would actually have to have the credit card in their hand in order to read out the CVV. It then, intentionally or otherwise I don’t know, became a requirement for every purchase whether by mail order, telephone, or on-line and our CVV’s have joined all the other details that are no doubt in the scammers’ databases.

In the early days of credit cards it was not possible to order anything for delivery anywhere other than to the cardholder’s registered address. That soon went for an early bath as it stopped people sending flowers to their mother.

You are right about the former restriction on delivery to the cardholder’s address, John. To be able to arrange delivery to our post room at work I had to register a credit card under my work address. That remained in place for years until I retired.

PIN and CVV are both regarded as confidential information. It would be foolish to write your PIN on a card yet most cards have the CVV printed on them.

Someone might steal your credit and debit card details online but will not see your CVV unless they are in possession of your card. Therefore they will not be able to complete any transactions. That is their purpose, it seems.

We enter our PIN when completing a physical transaction, such as an in-store purchase or at an ATM. Why are we not simply asked for our PIN in online transactions? If they are secure enough to encrypt the card data they should protect the PIN.

The issues with credit cards are that the banks want us to use them with as little hassle as possible, yet the criminal fraternity are always attempting to make that ease of use a vulnerability.

Most banks are now starting to adapt their systems, thankfully, to allow those with no mobile signals to verify their card at home. It does mean a little build up of card machines in our homes, but does at least make it possible to order online with a CC with the minimum of fuss.

If a card is lost or stolen the company will usually reimburse the card holder for most or all losses and such payments have amounted to over £100 million per annum in the UK: https://www.statista.com/statistics/286259/united-kingdom-uk-lost-or-stolen-fraud-losses-on-plastic-cards/

I wonder how much this could be reduced by simple measures such as not printing CVVs on cards.

What percentage of credit card fraud is performed by criminals working inside the banking system? I know the SAGE security banks use has already been hacked from inside their own system.

When these people lose money by following up these “too good to be true” offers, are the banks required to use our money to refund them?

I have been looking for something that will retail for around £200 and will likely be bought online from a company I have never heard of.

Part of my search has been by image and quite a few too-good-to-be-true sites have turned up in my searches with 70% discounts. These sites are becoming a real problem.

The other thing, is the same product turning up on different sites that look the same but have different names. For these businesses, the parent company is often named, but you do have to be on the ball.