Fraud alert! Is your bank doing enough to beat the scammers?

31 August 2017

Fraudsters are doing their best to separate you from your money. Here, we look at the best ways to protect yourself and ask whether banks should be working harder to keep customers safe.

It is something we hope we will never fall victim to. Yet the number of fraud cases in the UK is rising.

Data published by independent fraud prevention service Cifas (formerly known as the Credit Industry Fraud Avoidance System) shows there were around 325,000 cases of fraud reported in 2016 – 90,000 more cases than it received in 2011.

From identity fraud to card cloning, these frauds can take many forms and are becoming increasingly complex.

Knowing who to trust

Anyone can become a victim of fraud, and sometimes the perpetrators are not easy to spot. This was demonstrated in the recent BBC One drama Trust Me, in which a nurse commits identity fraud to get a job as a doctor.


In the programme, Cath Hardacre, played by Jodie Whittaker (pictured above), uses a friend’s legitimate CV to steal her identity and get work at a struggling hospital. While the story in Trust Me is fictional, the risk of identity fraud is very real.

It is often assumed that older or vulnerable people are the only people who become fraud victims. Yet younger people are also showing great naivety by openly publishing their personal data online.

Lisa Hardstaff, identity fraud expert at Equifax, says: “Fraudsters only need a few key pieces of information to steal someone’s identity and open fraudulent accounts in their name. Consumers should take great care where and how they share their personal information.”

The firm says in some cases people have shared their full name, phone number and home address on social media. These people have left themselves particularly vulnerable.

Supporting victims

Most cases of fraud involve a bank in some way. Scammers may pretend to be from a financial provider or they may simply use a bank account to house their ill-gotten gains. But do banks take customer tip-offs seriously enough?

Moneywise has been contacted by many fraud victims who felt let down with the response given to them by financial institutions.

Marcus Richardson* became a victim of fraud when he used an online auction website to buy a car for his son. He was told the car was in good order and ready to be shipped from its current location.

Mr Richardson even confirmed his order over the phone with ‘a member of staff’. However, a few hours after he transferred £5,000 to the company’s bank account he realised he had been the victim of fraud and the car did not exist.

He says: “Unfortunately too late, I reflected on the circumstances and the full implications of my actions and realised I had fallen victim to what appeared to be little more than an elaborate scam.”

He contacted his own bank, the Co-operative Bank, the following day and it was able to recover the £5,000 after six weeks. He also phoned HSBC – the bank that held the fraudsters’ account – but was angry with the response he received.

“Although HSBC held the transfer recipient’s account, it was totally unwilling to even check – let alone investigate – the matter. “I stated that it had a moral duty to investigate all reports of money laundering and banking fraud, but I was kept on hold for over 30 minutes.”

He adds: “If my experience is typical, then, regrettably, it is little wonder that fraud is now one of the world’s fastest-growing industries.”

Other Moneywise readers have been critical of the ways banks have handled their reports of fraud.

Lloyd Jones, 75, is retired and lives in Bala, North Wales. He realised he was a victim of fraud when he checked his HSBC bank statement and saw payments for travel bookings, which he had not made.

He tried to phone his bank immediately, but it was the weekend and he was told the fraud investigation department was closed until the following Monday. This caused him considerable stress and he believes the bank should have acted sooner.

When he finally spoke to the fraud department, he was disappointed that HSBC would not confirm how the fraud had taken place. So he was unable to take steps to protect himself from future attempts.

“I was told it was in the hands of the fraud department and I could not get any confirmation about what happened,” he says.

We asked HSBC for its response to these cases. A spokesperson says: “HSBC takes fraud and other financial crimes very seriously. Should a customer notify us of fraudulent activity, all claims are reviewed at the point of notification and refunds applied, unless a case requires further investigation.”

Meanwhile, Francis O’Neill (pictured left), aged 76, a retired doctor who lives in Lancaster, was also frustrated in his attempts to report fraud. He received unsolicited phone calls and text messages about a credit card, purporting to be from Halifax. As he holds no accounts with the bank, he decided to

report the attempted fraud to Halifax but was left frustrated by its response.

“When I received the messages, I rang Halifax on its customer service number,” he says. “What annoyed me was that as soon as I admitted that I was not a Halifax account holder, the person I spoke to lost interest and advised me to ring the Halifax fraud number.

“On ringing that number, I was not able to speak to a human being, but was presented with an automated menu of options, none of which applied because I was not a Halifax account holder.”

Dr O’Neill was unable to get through to a real person in the fraud team, meaning this fraudulent activity went unreported.

A spokesperson for Halifax told Moneywise: “We treat all reports of fraud extremely seriously regardless if they are a customer or not. It appears that our correct procedure was not followed, and we are taking action to ensure colleagues know what to do in such cases.”

Are banks doing enough?

Are these cases one-off incidents or are they symptomatic of the banking industry’s lax attitude to fraud?

In many instances, customers have attempted to highlight cases of fraud, yet the response from banks has been inadequate.

Julian Dixon, chief executive of transaction monitoring and anti-money laundering specialist Fortytwo Data, says banks must do more to investigate these first-hand customer complaints.

“It is vital that every bank takes complaints of fraud seriously because even relatively small offences can be the work of organised crime gangs whose agents then need to launder the proceeds,” he says.

“Calls from customers targeted by criminals are valuable early warnings. Proper identification and intelligence gathering on fraudsters can aid in the identification of new patterns of criminal behaviour that, if used and shared correctly, can spare others from falling victim to these types of crimes.”

Specialist fraud investigator Richard Emery of 4Keys International believes that banks need to devote more resources to fraud prevention.

“The regulator needs to step in,” he argues. “Banks are simply not investing. They are resistant because of the amount of development time and money it will take. Failure to invest is a big issue.”

UK Finance – the trade body representing banks – says the industry is working hard to reduce fraud and points to the recent Take Five anti-fraud initiative as an example of cross-industry collaboration.

Katy Worobec, UK Finance’s head of fraud and financial crime prevention, says: “Banks take fraud extremely seriously and invest millions in advanced security systems and training for frontline staff every year, along with regularly sharing intelligence with law enforcement to protect customers.”

However, Mr Emery thinks banks simply do not have enough checks in place to protect their customers.

“It is a lot of lip service from banks,” he says. “Customers can do more and sometimes are careless. But the real issue in the banking industry is that there is no sense of commitment to investing in frontline staff.”

He wants the introduction of a 24-hour cooling-off period when a customer tries to make a large transfer to a new payee. This would give the bank enough time to properly check the recipient is legitimate.

“Today the speed of a payment is instant, and fraudsters can simply transfer the cash across multiple banks and accounts,” he says.

“The banks themselves take 24 to 48 hours to investigate and notify each other of each transaction. By that time, the money has long gone.”

*Name has been changed.

Three most common scams

Using data published by Action Fraud, Moneywise has compiled three of the most common scams in the UK and explains how to stay safe.

Identity fraud

This occurs when a fraudster acquires information about an individual – including name, date of birth and address – often so they can make financial transactions on their behalf.

Cifas says it recorded 172,919 identity frauds in 2016, representing more than half of all fraud cases.

Moneywise reader Linda Libetta, 57, (left) became the victim of identity fraud when her house in north London was burgled.

As well as stealing some valuables, the criminals also stole her passport and bank statements.

But it wasn’t until two years later that Linda, a commercial manager, realised they’d stolen her identity, when she received a call from the police informing her that criminals had attempted to commit fraud and buy a house under her name.

“I had changed all my account details years before and I didn’t think any more of it,” she says. “Then I got a call from a police station telling me they had tried to buy a house. I was gobsmacked.”

HOW TO STAY SAFE: Shred any letters and documents that contain personal information. When online, make sure you use strong passwords, avoid using unsecured wi-fi networks and install antivirus software on your devices.

Cash machine cons

This fraud occurs when a replica of your credit or debit card is created without your knowledge. Criminals can do this by tampering with a cash machine so that they can record your details and clone your card.

HOW TO STAY SAFE: Take a moment to double-check the machine. If the card slot looks loose, then it may have been tampered with.

Consider using a cash machine inside a bank branch as it is more difficult for scammers to access, and always cover the keypad when inputting your PIN.

Advance fee fraud

Here, fraudsters try to get their hands on your cash by asking for an upfront fee to facilitate a payment or bank transfer. This could be a fake letter, email or text message and often looks as if it has come from your bank.

Other criminals claim to be from HM Revenue and Customs (HMRC) and offer the recipient a tax rebate if they pay a fee.

But it is not only names of financial institutions and government bodies that are used by fraudsters. With the World Cup 2018 on the horizon, Moneywise has been contacted by readers who received letters claiming they have won the ‘International FIFA World Cup Online Lottery’. These letters claim the recipient has won a £500,000 prize in a lottery designed to promote the football tournament. The fraudsters then ask for an upfront fee to process the prize payment.

Readers Malcolm Baron, Wayne Hindle and Nick Wilby all alerted Moneywise to this advance fee fraud. Mr Wilby says: “An elderly lady, aged 93, whom I take shopping received one of these. Fortunately, she asked me to check it out. She is very angry about being a target of a scam.” FIFA says recipients of the letter should contact their local trading standards.

A spokesperson for FIFA says: “FIFA confirms that the lottery has no connection whatsoever with, or authorisation from, FIFA and should be considered a scam.”.

HOW TO STAY SAFE: Remember that HMRC will never use a text or email to inform you of a tax rebate or penalty. FIFA advises fans not to respond or provide any personal information to the contacts listed in emails or letters.

If you get a message and you’re unsure if it’s from your bank, always look up the bank’s contact details separately – never ring a number or reply to an email if you’re not certain it’s legitimate.

What to do if you’re a victim

• Report any stolen or copied documents – including bank statements, credit and debit cards, driving licences, invoices and passports – to the relevant organisation. Banks will be able to put a hold on your accounts to make sure no further money is taken and should use this information to prevent other people from being scammed.

• In most cases, the bank will report the fraud to the police, but you can also do this yourself by contacting the non-emergency department of your local police force.

• If you believe you have been a victim of cash machine fraud, alert your bank or card provider immediately. Your bank is then responsible for reporting the fraud to the police.

Moneywise verdict

Banks have taken steps to stop fraud, and in some cases Moneywise heard – such as the Co-operative Bank and Mr Richardson case detailed on pages 30 and 31 – they have acted speedily to help victims.

But while cross-industry collaboration should be welcomed, there is always more banks can do to take the threat seriously, and the regulator must act if they fail to do so.

For consumers, it is important to remain vigilant in the fight against fraud. Keep a watchful eye for any suspicious payments and always report these to your bank.

In reply to by anonymous_stub (not verified)

I found your article of fraud very interesting. I currently do my online banking with "First Direct" . They supplied a key pad, which I have to use every time I logon. It generates a new code every time. If I accidentally enter a wrong digit, I am asked to start again. Personally, I find this method very reassuring, but non of the other banks seem to have followed suit.

In reply to by anonymous_stub (not verified)

I got fraudulent copy of a bank remittance that never occurred, issued by the Texas Trust Bank. My attempt to report it was ignored al the way. The fraud used their bank logo, even falsified a clerk's signature to betray me. I sent the file to the FBI 5 weeks ago, no response! Either banks don't care at all (its not their money after all), or there are too many internet fraud cases.

In reply to by anonymous_stub (not verified)

Isn't it. about time companies took more care with peoples personal details especially as we are all being forced to move online. Ordering an item or making enquiries doesn't give them a right to hold onto your information or if they are they should be as liable for all fraud make against you.

In reply to by anonymous_stub (not verified)

On July 5th, I received a secure message in response to a complaint I had made to Nationwide through online banking. I was alarmed to see that it was addressed to a Mr Molnar. I immediately sent back a message commenting on this and asking who Mr Molnar was; I was concerned that he might have my name and account details. To my astonishment, I received an apology addressed to ... Mr Molnar! By this time I was seriously concerned and although I'd logged off, I decided to login again. This time my current account had completely disappeared from the screen even though my credit card account was entirely visible. By now I was distressed and suspicious; I had over £10000 in the account. I immediately phoned the bank to transfer the money out only to find out that it couldn't be done over the phone, only through a branch but I was at my holiday home in Spain.Shortly after my phone call, my account miraculously re-appeared but the bank is unable to give any explanation except to say that it's 'coincidence'. I suspect that my account was tampered with by someone within the bank but Nationwide denies this. However, they really don't know and don't seem very interested in finding out.I have now transferred my account to a different bank having completely lost confidence in Nationwide. I find their poetic advertising campaign laughable. Here's my contribution:-Don't talk to meAbout loyaltyUnless you mean it just one way;Your way or the highway.Don't hand me Crumbs of compensationTo try and coolMy indignationTreat me with considerationAnd respect my consternationEtc... Fraud may not be confined to outside agencies. Many years ago £25000 disappeared from an offshore account of mine on a Friday and mysteriously reappeared on the following Monday.

In reply to by anonymous_stub (not verified)

Surely the bank has the prime responsibility for redress (after the fraudster themselves) as it is they that have opened up a bank account without undertaking the necessary identity checks ?I would sue them personally if this happened to me?

In reply to by Ronald Bailey (not verified)

Ronald - I'm an FD customer - you don't need to use the key pad to log on - but you do if you wish to create new payees for exampleThus once set up the key pad is not required - but of course is there, should you prefer to use it

Add new comment