should banks be compelled to give people their money back when those people have given it away of their own volition
It's a good question but I think it's the other side of the coin of having these fast electronic payments that are probably cheaper for them. Also the instant payment stuff that is good for retailers (and banks) as it 'lowers the friction of payment', ie.makes it easier for you to buy stuff you don't need before you change their mind. I'm guessing they put up with it as it makes us feel more comfortable with online and electronic banking
It's the inconsistency of payments being blocked that slightly baffles me.
Even after authorising, sending small amount first to make sure it's gone to the right place, I've still had payments blocked and had to phone the bank to release.
Which brings, for me, an interesting ethical question – should banks be compelled to give people their money back when those people have given it away of their own volition (even if that may have been a result of a scam).
Yes, as the banks have made it too easy to transfer money to total strangers e.g. not checking the name of the recipient matches on the account before allowing it...
The victims haven't given it to fraudsters of their own volition, they been taken advantage of using the lax money transfer processes the banks have implemented.
Even after authorising, sending small amount first to make sure it’s gone to the right place, I’ve still had payments blocked and had to phone the bank to release.
Same here, but was told that reason was quite usual way for scammers to act, taking a small payment first then increase ££
It’s the inconsistency of payments being blocked that slightly baffles me.
Even after authorising, sending small amount first to make sure it’s gone to the right place, I’ve still had payments blocked and had to phone the bank to release.
Look at it the other way - it's not uncommon for a scammer to send a small amount first to check it's going to work, and then go for the main amount.
The banks use a lot of expensive software and experienced staff to try and judge if the payments being requested might be fraudulent. A lot of this is done by looking at past account behaviour, like have you paid the payee in the past (not just in the past couple of minutes), is it a larger amount than you normally pay, is it at a time/day that you normally make payments etc etc. There are literally thousands of rules, using incredibly clever kit and people, and it costs them millions, yet they still get told they're not doing enough.
/industry rant over
We’re idiots if we allow ourselves to think it’s only idiots that fall for these things
+1
As the OP shows, send out enough messages and eventually you'll find the parents of someone who regularly changes their number, requests money, is waiting for some online shopping, is traveling in Mexico, etc. At which point it probably barely raises an eyebrow.
e.g. not checking the name of the recipient matches on the account before allowing it…
This is done now, and has been for the past few years. it's called Confirmation of Payee and it's industry wide. If you set up a payment to an account and the names don't match, you will be asked "are you sure, the names don't match". You can then double check and correct the details or cancel the payment, or, if you want, carry on. If you do the latter it's, reasonably IMO, on you.
I still get a chuckle out of Halifax letting me buy a flight to scotland, get the train to the airport, hire a car in Glasgow without issue.
But try to buy dinner at a restaurant in Scotland? outside of my normal activity, card declined.
While yes, admittedly it is not something I do regularly, the rest of the activity might give some indication of my location and intentions.
I still get a chuckle out of Halifax letting me buy a flight to scotland, get the train to the airport, hire a car in Glasgow without issue.
But try to buy dinner at a restaurant in Scotland? outside of my normal activity, card declined.While yes, admittedly it is not something I do regularly, the rest of the activity might give some indication of my location and intentions.
Well, they couldn't have known where your flight was going, or your train, or where your hire car was booked for, or, potentially, that you'd done anything like that at all if you'd bought that stuff through any third parties.
And it might have been the restaurant that was flagged as dodgy.
This is done now, and has been for the past few years. it’s called Confirmation of Payee and it’s industry wide.
My understanding was it was a voluntary code and they took ages to implement it - not even sure if all banks actually have....
I like to think I'm pretty vigilant when it comes to scammers. I've worked in banking for 15+ years so I've pretty much seen it all. You'd be amazed at the volumes of "successful" scams. The banks generally take the hit and refund the customer unless the customer has clearly been grossly negligent. 99% of the time the customer will get the money back as demonstrating gross negligence to a standard that satisfies the regulators is almost impossible, it's just not worth the hassle.
One had me scratching my head the other day though. The Mrs advertised something on FB marketplace and was quickly contacted by someone asking if it was available etc. They exchanged a few messages and the the interested party started with the "I'm away with worth so I'll send an Agent to collect it and pay cash". They went on to say "the cash will be in a black envelope and handed to you by my agent who will ask that you count the cash and confirm that you are happy blah blah blah". She stopped responding at that point and then received several messages pushing for "urgent resolution to ensure you get your cash". It was clearly a scam - bad spelling etc. But the fact they essentially pushing for cash on collection? How would that one pan out?
My understanding was it was a voluntary code and they took ages to implement it – not even sure if all banks actually have….
The largest banking groups* were given no choice and had to have it done by June 2020, smaller ones have signed up voluntarily
*Bank of Scotland plc, Barclays Bank UK plc, Barclays Bank plc, HSBC Bank plc, HSBC UK Bank plc, Lloyds Bank plc, National Westminster Bank plc, Nationwide Building Society, Royal Bank of Scotland plc, Santander UK plc and Ulster Bank Limited
But the fact they essentially pushing for cash on collection? How would that one pan out?
Counterfeit notes?
Counterfeit notes?
Seems a bit of a stretch for a 2nd hand relatively cheap buggy! Perhaps the conversation would have evolved into something further involving a bank transfer.
Maybe something like asking if they can pay by bank transfer instead, claiming to have accidently sent too much money, providing a screenshot of a fake payment confirmation and then asking if she could arrange to transfer the difference back immediately.
No , not cash on collection. As soon as you agree they will send you a link to pay for insurance for the collection/delivery. It won’t be a huge sum, but it’s accumulative.
These are often hacked FB accounts and, surprisingly, rarely originate in the UK.
Let’s not be so quick to blame victims for the actions of the perpetrators.
@the_muffin_man
I feel like I started off those comments about your sister with the phone number changing. It certainly wasn't my intention to imply anything about her or even to suggest it was in anyway her fault. It was merely a suggestion that might help make things more reassuring for your parents going forward. Even just a simple code like including her middle name if asking for money.
Look at it the other way – it’s not uncommon for a scammer to send a small amount first to check it’s going to work, and then go for the main amount.
In the pre chip & pin, pre contactless days, someone broke into the staff room at work and nicked some wallets.
They used my Barclaycard in a local supermarket almost immediately, small transaction. Then went back and bought a load more stuff, obviously relying on faking the signature and the checkout staff not looking closely enough.
Barclaycard picked up on this very quickly and blocked the attempted third (much bigger) transaction.
Phoned me at work (we were still oblivious to the theft from our staff room) and it was only then I found out about the theft, they cancelled the card immediately and reimbursed the (relatively small) amount that has been spent. They picked it up because it was totally outside my normal spending patterns.
We had a few attempts to use stolen cards in the shop as well, they'd always pick on junior (often female) members of staff and rely on their confidence/bolshiness in talking their way around it if they got pulled up on the signatures not matching.
"Oh I broke my writing hand, had to sign it left handed" was a common one...
IANABE
Is there not someway that banks can 'flag' dodgy receiving accounts? Surely some kind of system, like on social media, of banks staff going 'this account is dodgy' to be investigated more? Any payment to that account is temporarily blocked until checks are made...?
My bil had his card cloned at a petrol station.
They used the card to buy 2 x airline tickets to the US.
Would the police wait at Heathrow and arrest the 2 people sitting in aisle 33.... Nope
IANABE
Is there not someway that banks can ‘flag’ dodgy receiving accounts? Surely some kind of system, like on social media, of banks staff going ‘this account is dodgy’ to be investigated more? Any payment to that account is temporarily blocked until checks are made…?
IAABE and very sophisticated systems are in place for fraud detection and the vast majority of fraud is detected with funds being returned. The issue is the industrial scale and trying to balance friction vs convenience in the payment space can make it seem less safe.
In the case above given it clearly isn’t one of gross negligent and the bank will refund. Your parents can contact the fraud team as well to get some reassurance as fraud can be a traumatic experience.
One finally thought, most people are convinced they’ll never fall victim right up to the moment they do so your parents shouldn’t feel too bad about this. It can happen to anyone.
I've got an odd one at the moment.
Cheap, but not suspiciously cheap, Wahoo Kickr on Facebook marketplace. It's not local, but is just up the road from somewhere I'll be working at the weekend, advert does say he'll post.
He's immediately straight into "too busy, need it gone, what's your full address?" All I'd asked was was it still for sale and how much would the postage be.
Told him I'll leave it for now and possibly pick it up in person in a few days instead.
"It might be gone by then"
Maybe he's either really affluent and doesn't care about selling it cheap and sucking up the postage (or was going to pass it through the work account), or maybe he really needs the money. And a Kickr would be a niche thing to use as bait in a scam, but then the internet was awash with Bowflex dumbbells' as a scam the last few years. Profile has several red flags though, 2000+ friends, mostly looking 20 years younger in low cut tops and the profile name doesn't match the facebook.com/joe.bloggs but then plenty of paranoid people probably setup a 2nd account just for buying/selling/perving.
IANABE
Is there not someway that banks can ‘flag’ dodgy receiving accounts? Surely some kind of system, like on social media, of banks staff going ‘this account is dodgy’ to be investigated more? Any payment to that account is temporarily blocked until checks are made…?
IAABSE 😉
If a receiving account is dodgy enough to, well, look dodgy to someone at the bank it's held with, or a bank that's had fraudulent funds sent to it, it'll very probably be blocked from receiving funds anyway.
However, for a bank it's held with, how would you know or detect that one of your accountsis dodgy? Because it receives money? Because it receives lots of payments? Because it receives big payments? All of these things are perfectly 'normal' bank account behaviour.
This is done now, and has been for the past few years. it’s called Confirmation of Payee and it’s industry wide. If you set up a payment to an account and the names don’t match, you will be asked “are you sure, the names don’t match”. You can then double check and correct the details or cancel the payment, or, if you want, carry on. If you do the latter it’s, reasonably IMO, on you.
And bizarrely when i was paying off my mortgage, they can't even be bothered to set the correct name on their own accounts 🙁 The name they tell you to use fails this check!
Just got home and my parents have just messaged to say the bank have refunded half of the loss (money is already back in their account).
Full refund refused as my dad made x3 payments to three separate accounts. So bank have classed as major error on my fathers behalf.
My parents don't want to take it further, and they feel very lucky to get half of it back.
I'm interested to know what those talking about LPAs think they achieve beyond extending the right to operate the account to the attorney?
They don't stop the person who the power concerns also operating individually, and don't introduce a '2 signature' authorisation process.
Is it that the banks themselves can add security checks if an LPA is in place?
I don't think LPA would have helped in this case, but we haven't looked into it closely yet. It's just wise for us to get it in place before they fully lose their marbles!
Sorry to hear about your parents. Scammers are getting v good at what they do. I nearly fell for it when I advertised on marketplace, I get scam messages almost daily now so have wised up.
They must feel awful, at least they told you, apparently most are too ashamed.
Which brings, for me, an interesting ethical question – should banks be compelled to give people their money back when those people have given it away of their own volition (even if that may have been a result of a scam).
See @mert first comment about bank security in UK being a bit rubbish as to why they refund. Getting the banks to update their IT estate would be very costly and it's cheaper to refund than spend the money on 'proper' security. Before the banking types get onto me, can you honestly say that your employer does not have 80's to 00's iron running some off the internal processes with modern stuff tacked on? (See also TSB locking their customers out of their accounts for a weekend due to a piss-poor shift of IT).
how would you know or detect that one of your accountsis dodgy? Because it receives money? Because it receives lots of payments? Because it receives big payments? All of these things are perfectly ‘normal’ bank account behaviour.
(no axe to grind here)
I assume that, once "my" bank receives a fraud report from me it reports the receiving account to some sort of alert system so that it can be locked down ?
Presumably then, these accounts are emptied frequently in case of being rumbled, so how about:
new a/c, multiple receipts, very frequent withdrawals to somewhere close to empty. I have no idea but how many genuine accounts would look like that ?
Or better still, delay between times an account can be drained ?
I've had loads of phishing emails of late, c.10 a day all the same style after I accidentally clicked on the picture link in the email. It took about 2 months of reporting the emails as phishing.
I've had texts from my bank stating the fraud team would call only for them to call from a mobile number. Admittedly their fraud systems worked but my suspicions and reluctance to answer or engage with a random number meant my account was frozen, until I called from their app.
Presumably then, these accounts are emptied frequently in case of being rumbled, so how about:
new a/c, multiple receipts, very frequent withdrawals to somewhere close to empty. I have no idea but how many genuine accounts would look like that ?
The other half of the scam is persuadig poor hard up folk to take an incoming payment as a favour, they can keep 10% or whatver and just transfer the reaminder to another account.
The chances are that the accounts that the money goes to are both real acounts, and nothing to do with the scammer.
I assume that, once “my” bank receives a fraud report from me it reports the receiving account to some alert system
They'll report it to the bank holding that potentially dodgy account, who will probably lock it down so it can't receive or make any payments.
I have no idea but how many genuine accounts would look like that ?
Loads of them, business accounts for example, sole trader accounts, even normal
personal current accounts.
Or better still, delay between times an account can be drained ?
So you'd be happy if your bank said to you "I know you've had some money paid into your account, but you can't take it out for three days in case it's dodgy"?
See @mert first comment about bank security in UK being a bit rubbish as to why they refund. Getting the banks to update their IT estate would be very costly and it’s cheaper to refund than spend the money on ‘proper’ security. Before the banking types get onto me, can you honestly say that your employer does not have 80’s to 00’s iron running some off the internal processes with modern stuff tacked on?
I think your mixing up different issues there to be honest.
Do banks have legacy IT systems? Absolutely they do, although they are being replaced as they cost a fortune to maintain. However, that has little to do with how 'secure' your account is from fraud. In fact, some of the biggest fraud issues are with the new 'challenger' banks who, whilst they have brand spanking IT kit, do not have the same level of anti-fraud business process and control as the 'old' banks, much of it learned through bitter experience.
my suspicions and reluctance to answer or engage with a random number meant my account was frozen
This does worry me. I still get calls where the caller wants to "go through security". If they phone me, I expect them to prove who they are, and I'm not giving my DoB etc until they do, but they don't like it. If I'm not expecting the call I tell them I'll call back to the number I have on their documentation.
I don’t think LPA would have helped in this case, but we haven’t looked into it closely yet. It’s just wise for us to get it in place before they fully lose their marbles!
LPA has nothing to do with fraud as such, it's simply a legal system for the account owner to delegate responsibility to a friend or relative to look after their affairs if they are no longer able to do so.
If anything, you'd become responsible for any fraud committed on that account if (eg) your parents are no longer of sound mind to use it and all financial decisions are delegated to you.
It's not just the genuine fraud either - when my Mum finally got LPA over her Dad's accounts, she found about 4 direct debits set up to various boiler insurance schemes - it wasn't a "scam" as such but the (genuine) utilities companies had taken him for a ride, offered him all sorts of "well as an old man living on your own, you probably need boiler cover, wouldn't want the heating to break in the middle of winter now would you...?" type stuff which he'd naively accepted. Oh yes, here's my DD details. She went mental at them and eventually got a few thousand ££ back via the ombudsman.
As soon as you get LPA, go through all the payments with a fine tooth comb, there's no telling what some people have set up. Even "free trial period" things where the trial has expired and automatically moved them onto the £8.99 a month subscription. That's just as much of a scam - half a dozen charity donations, unused subscriptions, worthless "insurance" crap etc can add up to a lot of money going out every month.
A friend's elderly Mum was an absolute nightmare for those "text DONKEY to 12345 to give £2 a month to save these poor creatures..." and had about £70 a month going out to charities... 😳
I’ve had texts from my bank stating the fraud team would call only for them to call from a mobile number. Admittedly their fraud systems worked but my suspicions and reluctance to answer or engage with a random number meant my account was frozen, until I called from their app.
Fraud depts seem to be universally manned with complete idiots who cant follow their own advice 🙁 For some reason they think their random number is trustworthy as compared to someone elses random number!
Fraud depts seem to be universally manned with complete idiots who cant follow their own advice
I know a number of those people, and what they're generally doing is working hard to stop people being scammed out of their money. But, ya know, stay classy.
I know a number of those people, and what they’re generally doing is working hard to stop people being scammed out of their money. But, ya know, stay classy.
Depends what bank, I had Santander once lock me out my account because I tried to withdraw cash in Glasgow. I could see the point but it's literally 40 minutes up the road. When I phoned up their response was basically 'tough titties' and I was told to wait 12h until the account was unfrozen. Which was really bloody helpful.
I know a number of those people, and what they’re generally doing is working hard to stop people being scammed out of their money. But, ya know, stay classy.
Well then you can tell that to stop being angry assholes when they phone from a random number and start asking details which would be ideal for breaking into your bank account and I quite sensibly refuse to do as per their own guidance 😉
What you need is parents like mine who have no online banking and getting them to move money is a three day process that involves a trip to the actual bank!
@muffinman - personally I wouldn’t broach the LPA discussion right now. They’ll be feeling bruised right now and possibly doubting themselves. The LPA conversation is much better had when they are feeling in control and confident. I’m sure if my parents got scammed and then soon after I was having the LPA conversation they would interpret it as “he thinks we are losing our marbles”. In fact these sort of scams work quite well on far younger folk than your parents.
Sorry to hear about this OP.
Unfortunately a family member was conned out of a few thousand over a 2-3 year period, unfortunately too late for us to do anything about it. But it was/is gut wrenching that these scum prey on the vunerable like that and probably pass on their details to other scum. Makes my blood boil.
Hope you get it sorted OP.
Full refund refused as my dad made x3 payments to three separate accounts. So bank have classed as major error on my fathers behalf.
Hmmm. Depends on the amounts being sent out to each one, but surely the bank should be looking at odd payments in a short amount of time from a (vulnerable?) customer's account?
Might be worth looking towards the ombudsman (FOS) now. Might be worth looking on their website at case studies or calling them.
My dad fell for that text scam at the weekend, he even queried which daughter, the response was guess, so he did ?
I am still shocked by the clear decline in his mental acuity, esp as mum has dementia and he is looking after her. It has been a big wake up call.
Big thanks to HSBC who blocked it.
I am still shocked by the clear decline in his mental acuity,
I am with my dad, but I still maintain the issue is the cleverness of the scammers. They have worked out what psychologically works to elicit a response - there are whole teams out there planning all this. Even 'switched on' folk are getting caught out.
We had an incident at work where 'the boss' emailed an admin team member and asked them to use my company credit card to purchase some supermarket vouchers for the team as a gif - £1k worth. The admin team member has a daughter who is cyber security in banks expert - and yet still our admin fell for it... The scammers had worked out the company structure, worked out email addresses and then placed an enquiry so that they had our email footer and logo to copy.
Well then you can tell that to stop being angry assholes when they phone from a random number and start asking details which would be ideal for breaking into your bank account and I quite sensibly refuse to do as per their own guidance
Sounds like there was more than one arsehole involved in that conversation if I'm honest.
In a previous job my wife came very close to doing a BACS transfer to "the lawyers" to the tune of around £10k. The thing was, they tended to be very ad-hoc in their billing arrangements and it didn't seem odd until the last moment where she spotted some minor detail that wasn't quite right. She was in accounts payable and whoever was on the other end had them sussed right out.
