Since the start of September, Action Fraud UK have received over 200 reports from victims claiming to have received a call from a fraudster saying that someone has used their personal details to set up an Amazon Prime account.
The call is automated at first and the message instructs the victim to press 1 in order for them to stop the account from being set up and them being charged. When they do this, they are then directly connected to the real scammer who pretends to be a customer services agent from Amazon.
The fraudster tells the victim that a fraudulent account has been set up using their details and in order to fix the problem and prevent this from happening again, they need remote-access to their computer. They will ask them to download an app called Team Viewer, which allows the fraudster to see the screen of the victim’s computer from their own computer screen, wherever they are.
They ask the victim to log-in to their online banking account so they can see where the problem occurred, but in actual fact, this just allows the criminal to see all of the victim’s personal and bank details, as well as the log in details.
Fraudulent text messages that appear to have come from the mobile network, EE, have been spotted recently.
The messages have been coming from a UK-based mobile number and claim that EE were unable to process the customer’s latest bill. In order to update billing information and to avoid being charged fees, the customer is urged to follow a link.
The link is likely to take you to a fraudulent website which has been designed to capture any personal or banking data you enter.
I spoke with a customer service agent at EE and they said that if they weren’t able to process a customer’s bill, they do send a text message to make the customer aware, but this text will never contain any links and they won’t ask you to update any billing or bank information via this method.
EE say that if you receive one of these messages, you should forward it to 7726 to report it. Do not click on any links within the message and delete it straight afterwards.
Using a strong, unique password for every one of your online accounts is a well-established rule of how to keep you and your data safe online. However, having strong passwords doesn’t keep you safe from data breaches or when you have entered the password into a fake website which you thought was genuine.
Action Fraud has reiterated the importance of enabling two factor authentication (sometimes written as 2FA). 2FA is a way of strengthening the log-in process to get into your online accounts – so if it’s something that matters, you should be enabling this.
When you log into an account which has 2FA, you will get an alert sent to your phone which will include a one-time passcode (OTP) which you will need to enter to authorise the log-in.
So, if your password is stolen by a criminal, they won’t be able to log-in without having your phone too. And if your phone is stolen, they still don’t have your password.
You should enable 2FA on your email account especially, and any other accounts which hold any kind of personal or financial details.
The US-based company, Concentrix, that runs the call centre for Action Fraud (the UK’s national fraud reporting centre) is currently under investigation for the way they treat scam victims who call their helpline. More than half a million people call Action Fraud every year to report scams which have happened.
Despite the US firm’s reputation for aggressive practices, City of London Police hired them to run Action Fraud’s helpline in 2015. Concentrix was also recruited by HM Revenue and Customs in 2014 but they later cancelled the contract in 2016 due to the number of complaints they received about their customer service.
Concentrix staff have been accused of mocking scam victims, misleading them and making them believe they are talking to a police officer, and having a ‘guilty until proven innocent’ approach to claimants.
The job of the call handlers is to assess whether to file cases as ‘information reports’ or ‘crime reports’, the former being unlikely to be investigated at all. Cases are only classed as ‘crime reports’ if the victim has had money stolen and their bank refuses to compensate them. In 2018, Action Fraud filed 270,000 crime reports and only 10,000 of these led to the criminals being caught.
In the wake of these allegations, four of Concentrix’s employees have been suspended and a spokesperson for City of London Police has said that they are now reviewing their contract with the US firm.
Authorised Push Payment (APP) scams cost victims £354.3m last year but only £83m was refunded to customers, according to UK Finance. APP scams occur when a fraudster tricks you into authorising a payment into their account by convincing you they are someone else – usually a company you’ve done business with, a friend or even a solicitor.
Unlike other types of financial fraud, victims of these scams have not been entitled to any form of reimbursement due to the loss not being a fault of the bank once you have authorised the payment– unless there has been a clear fault in the way the bank has handled the transaction. But now, as of 28th May 2019, a new voluntary code has been put into place which eight major banks have committed to implementing immediately – Barclays, HSBC, Lloyds, Metro Bank, Nationwide, RBS, Santander and Starling Bank. Under this code, innocent victims of APP scams should be reimbursed by their bank provided they have not been negligent in any way.
The reimbursement money will come from a ‘central pot’ which has been created by these financial providers to then be withdrawn from to refund victims where neither the bank or the customer are to blame. A long-term funding solution should be agreed by the beginning of 2020.
A decision as to whether a victim should be refunded will take up to three weeks, or up to seven if it is a complicated case. If a case is disputed and ends up going to the Financial Ombudsman Service, the process could take a lot longer.
Banking giant, TSB, has become the first of major banks in the UK to pledge to refund victims for all types of fraud – including authorised push payment (APP) scams which are notorious for victims not being compensated by banks.
Currently, banks are only required to refund scam victims if money was taken without the customer’s authorisation. If the customer authorised the payment, then banks are not required to compensate them due to it being a fault of the customer. According to UK Finance, throughout 2018, £1.2 billion was lost through bank fraud - £354 million of which was stolen through APP scams. Only £83 million was refunded to customers by financial providers. In April 2018, TSB had an IT meltdown which left millions of customers unable to access their money or log-in to their online banking accounts. The announcement of the new ‘refund guarantee’ forms part of TSB’s mission to rebuild their image, with Chief Executive, Richard Meddings, saying this is about “giving peace of mind to our customers and doing the right thing.”
This new guarantee will refund victims for all types of fraud, effective from Sunday 14th April 2019 – even if the payment was authorised by the customer. The amount possible for compensation will be capped at £1,000,000. Customers will need to report fraudulent activity to the bank, which will then be investigated to find out what happened and how. They will also use this information to inform customers how they can protect themselves from similar scams int the future.
TSB has stated that customers who decide to abuse the system by committing fraud against themselves to gain compensation, or repeatedly ignore safety advice will not be reimbursed under the refund guarantee. Fraudulent activity that occurred before Sunday 14th April 2019 will also not be refunded under the new guarantee.
This is a major step forward for the banking industry and fraud protection in the UK- many customers have lost life changing amounts of money through APP scams and finally victims won’t have to fight to get their money back. It is very important now for all other major UK banks to follow in TSB’s footsteps in order to protect their own customers.
This scam has been making an appearance on and off over the past few years. However, there have been more cases reported this month so we thought it was a good time for a reminder of what the scam is and how to protect yourself from it.
Fraudsters cold call their victims on their landline claiming to be from the phone and broadband company, BT. They will say that you last bill wasn’t paid and they require payment of this immediately as your account has gone into arrears. They demand that this payment is made over the phone using a debit or credit card, otherwise your phone line will be disconnected. The scammer doesn’t seem phased if you say you are not a customer of BT, they simply make up an excuse as to why some of your phoneline payments go to BT as well.
If you challenge the scammer, they will ‘prove’ that they work for BT by ‘disconnecting the phone line for a few minutes’. What they actually do is press the mute button and stay on the line which, to the victim, looks like the call has ended and it prevents them from making any other calls, making it look like the phone line is dead. The scammer can hear your attempts to make other calls, and once they hear you give up, they ring back immediately to demand payment.
BT has stated that occasionally they need to call customers in relation to debt, however, they will never ‘disconnect the phone line’ in the middle of the call.
Scammers have been performing this trick for years, but we have received many of these phishing emails recently so we thought it would be a good time to bring it back to your attention.
Fraudsters look on company websites for a name of someone working in the finance or accounts department. They will take their name and send an email to someone else from the same team, usually someone in the HR department, or something similar.
They will send this person an email, being able to address them by name to make it personal, and claim that their bank details have changed and they need to be updated on the system, effective immediately for the next ‘payment’ (this is where fraudsters guess who payments may get made to).
If you change the bank details to the ones given by the fraudster, the next payment will be made directly into the fraudster’s bank account which may be very difficult to get back due to the payment being authorised.
Spot the Signs:
Over the past couple of months there have been several reports made regarding scammers posing as landlords of properties available online.
These scammers have been contacting potential renters and asking them to pay the deposit, and even the first months’ rent in some cases, prior to viewing the property. In order to sound legitimate, they claim that the money will be kept safe under the Tenancy Deposit Scheme.
After the victim has paid the money, the fraudster will send an email, claiming to be from the scheme, confirming they have received the deposit and the money will be protected under government legislation.
Similarly, there have also been reports of a fake DepositGuard website (Deposit Guard is the service offered by the Residential Landlords Association for deposit protection with the Tenancy Deposit Scheme). Tenants searching for properties online have been contacted by this fake website, asking for a bank transfer to be made in order to secure the property before viewing it.
Over the past few months, several reports have been made regarding fraudulent investment schemes being advertised on the social media platform, Instagram.
Scammers are posting adverts of ‘get rich quick’ schemes which promise a high return on your investment within 24 hours. Victims are asked for an initial investment of around £600, paid via a bank transfer into the scammer’s account.
Once the bank transfer has gone through, the scammer sends fake screenshots of thousands of pounds being credited into their investment account, which they claim can be released back to them at anytime in return for a fee. When the victim requests for their money to be released, the fraudster ceases all contact and closes the Instagram account so they can’t be contacted again.
How to protect yourself;
Find it useful? Please share!
Find it useful? Please share!
Last updated: 12 November 2019 | © KIS Finance 2018 |