We all think it wouldn't happen to us, but criminals are using increasingly sophisticated techniques to steal our cash. Here, we talk to one victim who was tricked into sending more than £10,000 to scammers who impersonated her bank.
Over the last few years, there has been greater publicity about scams and lots of advice on how to spot and avoid them, but fraudsters are becoming more sophisticated in their approach.
For example, these scammers may have confidential personal or financial information or spoof genuine numbers to convince people that they are a legitimate organisation.
To help raise awareness about how these crooks operate, we talked to a loveMONEY reader who was tricked out of over £10,000 through an elaborate scam.
‘There was a security breach’
In late October 2020, Mindy (her name has been changed to retain anonymity) received a call allegedly from Barclays.
The number matched the number on the back of her card. This is a technique known as number spoofing, which allows crooks to mimic seemingly legitimate numbers.
As Mindy was convinced it was Barclays, she talked to the scammer who informed her that there had been two unusual transactions and wanted to verify whether these were genuine.
“They said they thought there was a security breach,” commented Mindy.
Unfortunately, she was affected by fraudulent activity around the end of August 2020, which meant she had to get a new card from Barclays.
So, when Mindy received a call about unusual transactions, it was easy to believe this was genuinely happening.
“I was quite thrown off as this had legitimately happened to me already,” she said.
The scammer said they would make her a new account and move her funds using a switching service (Mindy cannot remember the exact name of the service the scammers said they would use).
According to Mindy, the fraudsters impersonated her bank to an unnerving degree – their holding music was even the same that Barclays used.
As she was unsure, she put the bank on hold to discuss what was happening with her family, who believed switching her funds to a new account made sense following the alleged fraudulent activity.
The fraudsters told her that her new account would be activated within 24 hours and her Direct Debits would also be transferred.
Usually, a red flag for this type of scam is that the account name doesn't match the person sending the money, but this wasn’t the case for Mindy.
Her full name – which is quite rare – was used for the new account to transfer money into, plus the authenticity of this account was verified by Confirmation of Payee.
Banks use Confirmation of Payee to check the name on an account before sending money, so the money goes to the right person, plus it’s also used to combat fraud.
If the payment details, including the name on the account match, you’ll see a green tick and you can send the money, which is what happened in Mindy’s situation.
In some cases, if the details don’t match, the bank won’t let you send money.
As requested, Mindy made five transactions over two days totalling over £10,000 but got suspicious when a new account didn’t appear in her Barclays app, so she called the bank, which told her the account didn’t exist.
Despite making unusual transactions as Mindy tends to pay using her credit card, Barclays never got in touch, and she reported the scam as soon as the bank confirmed the account wasn’t real.
Unfortunately, she was then targeted by more scammers – these attempts were reported and ignored by Mindy.
How did Barclays respond?
After Mindy reported the scam to Barclays, she got in touch with loveMONEY.
We contacted Barclays, explaining what had happened and flagging how elaborate the scam was, as well as what Mindy did to try and verify the legitimacy of the call.
Also, we mentioned that she rarely makes transfers as she tends to pay for stuff with a credit card.
Barclays investigated the case and decided to offer a full refund.
“We have every sympathy with our customer, who was the unfortunate victim of a very sophisticated and targeted [scam],” commented a spokesperson for Barclays.
“Having investigated the matter, we can confirm we have provided our customer with a refund, returning the customer’s account back to the position it should have been in before the event.
“We take the protection of customer funds and data extremely seriously.
“We’d urge customers to remain vigilant when sharing personal details or being asked to transfer money.
“Your bank will never ask for your sensitive account information or ask you to move money to a different account.”
Legitimate companies would never ask you to move money due to fraud or a refund you are due. Before taking any action complete extra checks and phone back on a genuine, trusted number. For more on staying safe and avoiding fraud, visit https://t.co/nylW2u41yd pic.twitter.com/sfNi9UfwAs— Barclays UK (@BarclaysUK) September 15, 2020
How to stay safe
Some fraudsters are using sophisticated methods to try and trick people into sending them money.
While it can be easy to detect email scams due to obvious spelling errors or suspicious links, numbers, and email addresses, it can be more difficult if you get called by scammers as they can be persuasive.
It’s also worth remembering that genuine firms won’t use apps like WhatsApp to contact you.
Unfortunately, due to widespread spoofing of genuine numbers, if you get an unexpected call from your bank, HMRC or any other firm, you should be wary, especially if fraudulent or criminal activity is mentioned.
Inform the company you’ll call them back after searching for the official number and hang up. Once the line has been officially disconnected for 10 minutes, look up the number and call them back.
You can also call the new emergency hotline 159, which may be able to connect you to your bank’s fraud prevention service (if they’ve signed up).
While this seems extreme, this could help you detect a scam by going to the legitimate firm and save you from potentially losing thousands of pounds as your bank may not reimburse you.
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature