Scam Alert!

[LenT]

I’m sure most of us are fairly scam savvy.

If I can waste a scammer’s time and have them hang up on me in fury, then I feel my day has not been in vain.  But this week I was reminded how easily anyone can fall prey.

We have a lovely lady who gardens for us.  I noticed that instead of working she was standing in our hall using our phone.  I was informed by MrsT that she (our gardener) had just been called by HMRC on her mobile to demand payment of the £900 she owed.

Apparently she had had recent correspondence with them over a similar claimed nonpayment, only to point out at that time that she had in fact paid it some weeks earlier - as indeed proved to be the case.  This caller claimed there was no record of that payment, so she would have to settle it now and it would be refunded if she was correct.

So she downloaded some software onto her cellphone so that she could be guided through the process!  The caller suggested that she could use her phone now to check with her Bank (for some reason) and gave her a number she recognised as being her Bank’s.

Having finally completed her call, she then reflected on what had happened and used our phone to call her Bank.  They confirmed that the sum had left her account - and that it was a scam!  They are looking into it to see if they are willing to refund her loss.

I am furious because had I heard what was going on, I would have intervened immediately.  Our lady is not especially gullible, but she was caught at a time when she had had (written) dealings with the HMRC over alleged nonpayment.  It seems that it is not widely enough known that:

a) HMRC will rarely call anyone direct.  They invariably prefer to write.

b) They will NEVER demand immediate settlement of anything over the phone.

c). They will NEVER demand Bank Account details or passwords - or insist on the downloading of software.

d)  These rules also apply to all Banks and financial institutions that most people deal with.

If you know anyone who you think might be vulnerable to this sort of pressured scam, make sure they’re clear about these simple facts.  Because it seems that these kind of scams are on the increase.

[dutchie01]

Correct Len, the scammers are getting more professional. The scam you describe is well known, they pretend to be your bank and likely have your name, full address and bank account nr already. This likely from a dataleak these details are sold in the bucketloads. They then call with a civilized educated bankvoice asking, are you Mr X living on XYZ? You say yes, they then ask to verify if accountnr is yours which you acknowledge. Then follows some story to draw you into their systems. Thing to do is to tell it does not suit for the moment can i call back. They will politely say yes of course and give you a number.  Google your bank and contact details if you dont have them and call that number and tell what happened. If you use thesame phone and call the number the scammers gave you you will be connected with one of the scammers pretending to be your bank and the second chapter starts with another person you likely trust as he or she tells thesame story. 

Banks dont call. Never. 

[LenT]

1 hour ago, dutchie01 said:

Banks dont call. Never. 

Precisely so, Bernard.

If even this simple fact was universally known, the majority of these scams would be dead in the water.

This particular caller claimed to represent HMRC, but the principle and process is exactly as you describe.  I am particularly infuriated because had I heard even a scrap of the conversation, I would have intervened.

Let’s hope that even this modest exchange makes someone just a little more suspicious in the future.

[Phil xxkr]

10 hours ago, LenT said:

Precisely so, Bernard.

If even this simple fact was universally known, the majority of these scams would be dead in the water.

This particular caller claimed to represent HMRC, but the principle and process is exactly as you describe.  I am particularly infuriated because had I heard even a scrap of the conversation, I would have intervened.

Let’s hope that even this modest exchange makes someone just a little more suspicious in the future.

As I understand it the world is awash with one scam or another but I have not yet read a single article that explains the money trail? In your case Len the money was transferred to another bank and as all banks operate in a Global framework where is the reciprocal agreement in such situations? 🤔

[peniole]

Given that the scammers knew about her recent correspondence with HMRC, she should secure her email account. Emails are frequently hacked, and left unmolested for such occasions. A big money transfer deal relating to real estate or some other big purchase. They scan the hacked emails and find a money situation where they can insinuate themselves with insider knowledge.

[LenT]

5 minutes ago, Phil xxkr said:

As I understand it the world is awash with one scam or another but I have not yet read a single article that explains the money trail? In your case Len the money was transferred to another bank and as all banks operate in a Global framework where is the reciprocal agreement in such situations? 🤔

A very pertinent question, Phil.

The adage to “Follow the money” should surely apply to all these scams.  I gather that it is made difficult by the rapid redistribution among false accounts which obscures the origin of the money.  I’m not a Banker but I would have thought Police fraud squads would still be able to track the ultimate beneficiaries.

But apparently not.

[LenT]

6 minutes ago, peniole said:

Given that the scammers knew about her recent correspondence with HMRC, she should secure her email account.

From what I gathered - and getting the full story was a little disjointed - they didn’t know!  I think it started as a random call and I’m not even clear how much of her personal details (eg name) the caller knew.

I think it was because of her recent exchange with HMRC that she in effect  volunteered the information.  So just a lucky hit playing the percentages.  Often such scammers do some initial fishing at the start of a call and then replay that back as evidence of their authenticity.

When she mentioned her previous dealings, the well rehearsed response was that it may be an admin error but she had to pay up and it would be refunded.

Which brings us back to the fact that HMRC - or any Bank - will NEVER demand an immediate payment over the phone!

I hope to get more - and hopefully better - news when she returns and can more calmly reflect on what happened.

[dutchie01]

Personal detail are left behind on all sorts of websites. Book something on for instance booking.com. This site is then hacked which gives them name/address/bankdetails and that can be the start of it all. This can also be used to open an account that is used to receive the money. If money in they close account immediately and run. And repeat, and repeat. No need to rob a a bank anymore.  

[Phil xxkr]

42 minutes ago, peniole said:

Given that the scammers knew about her recent correspondence with HMRC, she should secure her email account. Emails are frequently hacked, and left unmolested for such occasions. A big money transfer deal relating to real estate or some other big purchase. They scan the hacked emails and find a money situation where they can insinuate themselves with insider knowledge.

Great advice. Also I never ever delete scam emails or answer calls where I do not know the originator this just proves they have a live account. Even emails from known names if the content is out of the usual pattern call them to confirm. I have had instances where friends entire email address book has been hacked 👍

[Phil xxkr]

8 minutes ago, dutchie01 said:

Personal detail are left behind on all sorts of websites. Book something on for instance booking.com. This site is then hacked which gives them name/address/bankdetails and that can be the start of it all. This can also be used to open an account that is used to receive the money. If money in they close account immediately and run. And repeat, and repeat. No need to rob a a bank anymore.  

👍

[Phil xxkr]

44 minutes ago, LenT said:

A very pertinent question, Phil.

The adage to “Follow the money” should surely apply to all these scams.  I gather that it is made difficult by the rapid redistribution among false accounts which obscures the origin of the money.  I’m not a Banker but I would have thought Police fraud squads would still be able to track the ultimate beneficiaries.

But apparently not.

Exactly my thoughts Len 

[LenT]

32 minutes ago, Phil xxkr said:

Even emails from known names if the content is out of the usual pattern call them to confirm. I have had instances where friends entire email address book has been hacked 👍

This was exactly what happened to MrsT.  An email from a casual acquaintance tapping her for a loan for a transparently ludicrous reason.

But as we knew this particular individual was unlikely to need our assistance to settle any financial embarrassment, a quick email to him from our contact list confirmed that his Address Book had been hacked  - much to the amusement of his contacts who were calling to commiserate on his straitened circumstances!

In this case, he was too financially secure to be a believable target.  But it has proved effective - especially if purporting to come from family members stranded in isolated locations.

[Mr Vlad]

This reminds me of a longish phone call a few years back from the 'HMRC'. 

What I found disconcerting was that this caller knew the exact amount which was owed (thanks to an employer not paying income tax for 3 months, I paid it personally on the 4th month) so I 'played along with the call but then called their bluff when I refused to pay and they'd send the police. I ended the call with Go On Then.

I then phoned HMRC and explained the call and gave them the number that called me.

Oh. Did the police come? I hear you ask. 

I'm still waiting lol

I remember, well over a couple of decades ago, my email being hacked. I was Informed by my provider that they were going to delete my account as "I" had sent thousands of emails in one day and that was against rules. I explained that it wasn't me and being 'thick' I'd no idea how to do that. They looked at my record and suggested I change my password. They explained that my password was probably hacked so from then on I've changed passwords every couple of months. No similar issues since then touch wood.

It's a scary world out there in cyber space. The 'crooks" are as smart as the 'good guys'. It's basically a war out there.

[LenT]

1 hour ago, Mr Vlad said:

I 'played along with the call but then called their bluff when I refused to pay and they'd send the police. I ended the call with Go On Then.

Excellent, Vladimir.  This can be a very entertaining way to handle calls of this nature.

We have a friend for whom this is her regular ploy - and I’ve used it myself to great effect!  Firstly, it demonstrates that the caller is unfamiliar with the activities and interests of our Police!

Secondly, it confirms that they have convinced you that they are genuine and now merely have to explain why it’s better to pay up without going to Court.

From now on, they’re on to a loser.  Ultimately the victim can at any time simple hang up with a ‘See you in Court!’  leaving the scammer with the belief that this was the One That Got Away.

As any salesperson knows, that can be very demoralising!

[Phil xxkr]

7 hours ago, LenT said:

Excellent, Vladimir.  This can be a very entertaining way to handle calls of this nature.

We have a friend for try whom this is her regular ploy - and I’ve used it myself to great effect!  Firstly, it demonstrates that the caller is unfamiliar with the activities and interests of our Police!

Secondly, it confirms that they have convinced you that they are genuine and now merely have to explain why it’s better to pay up without going to Court.

From now on, they’re on to a loser.  Ultimately the victim can at any time simple hang up with a ‘See you in Court!’  leaving the scammer with the belief that this was the One That Got Away.

As any salesperson knows, that can be very demoralising!

Look up, Tom Mabe crime scene, the very best ever 😎

[dutchie01]

 

[Cotswold Pete]

On 7/23/2023 at 8:09 PM, dutchie01 said:

Banks dont call. Never. 

In my case the bank did call me as I had missed a credit card payment, but they would not tell me what it was for, and the number they told me to ring was different to the number presenting on my phone.  So I declined to discuss anything as it smelt like a scam

I then rang my bank and they said they were not trying to get hold of me, then the 'scammer' called back.  Anyway after much faffing about (2 hours of my time wasted) it turned out it was all genuine, and the fact that I had missed a payment for the first time in 15 years seemed to bother  them.

I work in IT & Telecoms and so fairly aware of the tricks of the scammers, so am 110% 'alert', but my bank proved to be the idiotic exception.

 

[dutchie01]

Isnt that typical you pay in time without problem for decades then miss one payment and they come to arrest you with a swat team.

[steve2006]

I’ve just read about another scam which this time involves the “card reader” given out by some banks to customers and used to confirm identities and payments.

Apparently scammers are now sending these out to people then ringing a few days later pretending to be the bank and asking for confirmation of receipt of the reader.

They then ask the customer/victim to put their card into the machine plus their PIN.

Result is an empty account!

[LenT]

8 hours ago, steve2006 said:

I’ve just read about another scam which this time involves the “card reader” given out by some banks to customers and used to confirm identities and payments.

Apparently scammers are now sending these out to people then ringing a few days later pretending to be the bank and asking for confirmation of receipt of the reader.

They then ask the customer/victim to put their card into the machine plus their PIN.

Result is an empty account!

 A particularly convincing scam, Steve, as it involves a substantial investment on the part of the scammer and an apparent knowledge of your banking arrangements..  I see that there was a spate of these about a year ago.

The clue should be that Banks DON’T send out unsolicited Readers.  To get one out of my Bank, you have to first register for Online Banking and then go online to order one.

So again beware of any unsolicited devices that arrive.  At the very least, check with your Bank if it’s a genuine device as it probably isn’t!

Much more concerning to me is the rise of the Contactless Card  - and the battles I’ve had to refuse one.  But that’s another story!

[Brian R]

On 7/25/2023 at 7:36 PM, dutchie01 said:

 

Hilarious and one to remember.😂

It's one thing to be scammed but believe me it's another to try and report a scam. A (sadly) known to me individual who lives on another continent opened two accounts with a well known UK bank using an address to which I have a connection. He deposited a 6-figure sum by effectively using a false address. I wrote to said bank by e and snail mail upwards of 6 times, and phoned them on 2 or 3 occasions to report this "scam". Each time I was promised they would be in contact "within 24 hours", but I never heard from them, not once. Even their head of complaints department couldn't be bothered to reply to my letters and my entirely justified concerns.

In practice, I suspect the individual was trying to fool various authorities by suggesting he lived in the UK and milk the tax/benefit system for all he could. All duly reported to the HMRC and the DWP, given the bank simply didn't want to know. Now, call me old-fashioned, but perhaps the bank had north of £100K on account and simply didn't want to know its origins? Just a thought........

[Phil xxkr]

12 hours ago, LenT said:

 A particularly convincing scam, Steve, as it involves a substantial investment on the part of the scammer and an apparent knowledge of your banking arrangements..  I see that there was a spate of these about a year ago.

The clue should be that Banks DON’T send out unsolicited Readers.  To get one out of my Bank, you have to first register for Online Banking and then go online to order one.

So again beware of any unsolicited devices that arrive.  At the very least, check with your Bank if it’s a genuine device as it probably isn’t!

Much more concerning to me is the rise of the Contactless Card  - and the battles I’ve had to refuse one.  But that’s another story!

I forgot to mention one very clever one is ; scammers call on your landline  pretending to be from your bank. You are naturally suspicious, they say, no problem just call me back on our head office number. You then call on a number you know to be correct, and they answer, the  trap is sprung. You see when they call you they do not disconnect the line when they say call us back. You then call not knowing it's an open connection to the original call 😱

[LenT]

4 hours ago, Phil xxkr said:

I forgot to mention one very clever one is ; scammers call on your landline  pretending to be from your bank. You are naturally suspicious, they say, no problem just call me back on our head office number. You then call on a number you know to be correct, and they answer, the  trap is sprung. You see when they call you they do not disconnect the line when they say call us back. You then call not knowing it's an open connection to the original call 😱

Absolutely right, Phil.

In fact it didn’t take long for our lady to start to think she’d been scammed.  Which is why she was using our phone to call her Bank.

As you say, the scammer had given her the correct number to call, while hoping she would use the same phone.  So despite making the call but minutes later, the sum involved had already been transferred.

Why the Bank and account to which it was moved cannot be frozen and those who set it up cannot be traced, is another matter which Banks could be addressing rather than, say, trawling through social media to see what the likes of  Nigel Farage have been up to!

 

[Phil xxkr]

6 hours ago, LenT said:

Absolutely right, Phil.

In fact it didn’t take long for our lady to start to think she’d been scammed.  Which is why she was using our phone to call her Bank.

As you say, the scammer had given her the correct number to call, while hoping she would use the same phone.  So despite making the call but minutes later, the sum involved had already been transferred.

Why the Bank and account to which it was moved cannot be frozen and those who set it up cannot be traced, is another matter which Banks could be addressing rather than, say, trawling through social media to see what the likes of  Nigel Farage have been up to!

 

Could not agree with you more Len. 😎

[Winston]

On 7/24/2023 at 10:10 AM, peniole said:

Given that the scammers knew about her recent correspondence with HMRC, she should secure her email account. Emails are frequently hacked, and left unmolested for such occasions. A big money transfer deal relating to real estate or some other big purchase. They scan the hacked emails and find a money situation where they can insinuate themselves with insider knowledge.

I don’t think that they necessarily knew, it’s a scatter gun approach, if they call enough people, some will have current dealings with HMRC.

pits like if you get an email from the bank and you don’t bank with them you know it’s a scam and ignore it, but if you happen to bank with them and have current dealings you can get drawn in.

the answer is never respond to anything, but call or email on a different device to contact details looked up separately, and still take care