Tom received a call from someone pretending to work for his telephone provider saying he was due a refund. He gave over his card details so he could receive the payment.
After the call ended Tom felt uneasy about how much information he’d given to the caller and on reflection wasn’t sure if the call had been genuine. He called his bank and explained what happened. Tom felt uneasy and asked his bank several times if he was safe and if anyone could do anything else with the information he’d given away. The bank member of staff cancelled his card, but reassured him that no one could do anything with the information he had given away in the previous call and that he would be safe.
Shortly after the genuine call with the bank, Tom received another call from someone pretending to be from his bank. The fraudsters had been able to manipulate the technology to make it appear on Tom’s phone that they were calling from his bank. They also had various details about him and his account which convinced Tom he was speaking with his genuine bank.
The fraudsters explained his account was under threat and he needed to move his money to a safe account. He then made one online transfer for £2,500k (which included all of the money in his account and took his overdraft to its maximum limit) to an account with the details he’d been given by the fraudsters.
A few hours after that Tom felt something wasn’t right and called the bank - they told him he’d been scammed. The bank said it wasn’t responsible though, as Tom had knowingly sent the money from his account although they appreciated he didn’t know it was going to fraudsters.
What we said
We listened to the call Tom had with the bank when they cancelled his card. We felt the bank had missed a key warning sign that Tom had just been phished for information (which is a known common tactic used by fraudsters to gain information before going on to scam them).
We thought that the bank staff didn’t really listen to what Tom was telling them. It didn’t act upon this or warn Tom about the different types of scams and how fraudsters can use information they’ve “phished” from customers to convince them they are speaking to their bank when in fact they aren’t. If it had, we were persuaded this would’ve prevented the scam when Tom was called just shortly after by fraudsters. We told the bank to refund all the money Tom lost in this scam – together with interest a payment for trouble and upset.