Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Almighty Buck United Kingdom

An Unprecedented Wave of Online Bank Fraud Is Hitting Britain (reuters.com) 23

An unprecedented wave of online bank fraud has been hitting Britain this year. "The country is the global epicenter for such attacks, according to five of the biggest British banks and more than a dozen security experts who said scammers were buying up batches of consumers' personal details on the dark net to target the record numbers shopping and banking online since the pandemic," reports Reuters. From the report: The country's super-fast payments infrastructure, relatively light policing of fraud-related crime, plus its use of the world's most widely used language English, also made it an ideal global test bed for scams, the banks and specialists added. A British record of 754 million pounds ($1 billion)was stolen in the first six months of this year, up 30% from the same period in 2020, according to data from banking industry body UK Finance, and up more than 60% from 2017, when it began compiling the figures. That represents a per capita fraud rate roughly triple that seen in the United States in 2020 [...].

Unlike simple email-based scams of the past purporting to be from princes or oil barons seeking your help to shift their millions, the modern bank scam can be sophisticated, multi-phased and extremely convincing. "We've seen some cases where the fraudster has been talking to somebody for three or four years as someone else before they actually scam them out of a large amount of money," said Brian Dilley, group director for economic crime prevention at Britain's biggest bank Lloyds.

This discussion has been archived. No new comments can be posted.

An Unprecedented Wave of Online Bank Fraud Is Hitting Britain

Comments Filter:
  • Other reasons too... (Score:5, Interesting)

    by Richard_at_work ( 517087 ) on Thursday October 14, 2021 @06:07PM (#61893443)

    I've seen a bit of an uptick in a certain stance that a lot of people I know seem to have taken when it comes to online fraud - "I dont have to worry about it, its the banks problem", and in the UK that is ever more the case.

    So, we have all seen the case where fraud done through credit cards can be reversed and also the issuing bank has to take responsibility for the fraud as well - this means that stolen, misused/skimmed cards or payments made via dodgy websites rarely result in the actual card holder being out of pocket. This has long been the case in the UK.

    Recently, however, banks have been told to start taking responsibility for fraud done directly through the banks websites - if someone gains access to your online account and transfers money, that bank had to treat that as fraud and refund you. This is again fine, because it forces banks to introduce better online security - one time passwords, secondary passwords, authenticator apps, two factor codes etc have all been introduced as a result.

    But even more recently, banks in the UK have been told they need to start taking responsibility for so called "push payment fraud" - this is where the fraudster convinces the account holder to voluntarily make a payment, or voluntarily hand over an accounts two factor code on demand etc. Basically, the bank can have every security procedure in place and still be on the hook for voluntary payments made by the account holder.

    Hence a growing stance in the UK of "it doesnt matter, I will get my money back". It doesn't always work that way of course (and people still get left with huge debts as a result), but thats the way its pitched to the UK public from a lot of sources - the banks on the hook, not you, don't worry.

    As an aside, in the UK retail banks (banks that hold current or savings accounts for the general public) must be "ring fenced" from their investment or international banking arms - they can't use your money to invest with. So the banks in the UK basically aren't making any money on the general public, so all of this risk is with little reward for them.

    • Hence a growing stance in the UK of "it doesnt matter, I will get my money back". It doesn't always work that way of course (and people still get left with huge debts as a result), but thats the way its pitched to the UK public from a lot of sources - the banks on the hook, not you, don't worry.

      Works well for shoplifting. The idea some big entity will deal with the problem. Customer can still continue paying the usual prices.

    • by AmiMoJo ( 196126 )

      Many banks seem to have given up on their websites, and instead concentrate on apps. The security on the websites is still poor, they haven't figured out how to use OTPs yet for example.

      I have a Lloyds account, and they did give me an OTP device once, battery powered thing with LCD, but gave up and didn't adopt any of the standard protocols for it.

      The Javascript on their site is really heavy. Seems to be trying to prevent key logging. They try to stop you using the keyboard at all, forcing you to pick chara

    • "So the banks in the UK basically aren't making any money on the general public...."

      *citation needed

  • by FeelGood314 ( 2516288 ) on Thursday October 14, 2021 @06:58PM (#61893579)
    And they were terrible in preventing and tracking fraud. In most countries if money goes missing in your bank account it is up to the bank to prove you enabled its withdrawal. In the UK it was up to the victim. The banks lacked many of the sophisticated controls used in North America to detect internal fraud and were outright hostile to anyone who pointed out security flaws in their system. I would not be surprised if much of the fraud in the UK involves at least a little intentionally stolen internal data.
  • by bb_matt ( 5705262 ) on Thursday October 14, 2021 @11:57PM (#61894043)

    I've had my bank account locked twice in the last 6 months and each time, it has taken me hours to get it unlocked and resulted in a number of payment issues, including those embarrassing supermarket checkout moments.

    In both cases, I was sending reasonably, but absolutely not significantly, large sums of money between bank accounts - I have an online only bank account and it's just quicker and easier to use a debit card, near instant, no fees.

    Whatever bank algorithms are in place seem unable to determine the validity of another banks account details - and this is despite the fact I've sent numerous smaller payments to the same account.

    Each time, I phone and exercise my frustration - "It's my money, you don't get to tell me what I can and cannot spend."
    The reply is always: "We are seeing significant amounts of fraud, we are just protecting you."
    My reply to that is always: "Bullshit, you are protecting yourselves due to banking regulations in the UK."

    The last time this happened, I enquired why my transaction had triggered an account lock, the reply was:
    "The transaction didn't fit with your spending habits."

    Oh yeah? Since when are my spending habits any of your business?

    Well, sure, I'm not naive - they have been for a very long time. Every transaction is a data point to be gathered to build up a profile.

    So, it really feels like, the money I hold in the bank isn't mine at all. The bank gets to decide what I can and can't do with my own money.
    Am I surprised about this? Nope, but what can I do?
    I remember some 30 years back, my first job, I was paid in cash. I had no bank account. What a wonderful time that was.

    The level of fraud has effectively made everyones lives a misery, the UK banks are so cautious, due to the regulations in place.

    Sure, if I was ever defrauded, I'd be super glad these regulations are in place, but I'll never buy the line from the banks "We are just protecting your money."
    Bullshit.

    • You missed a shot.

      Your response should have been, "Please close my account."

    • One upside of the USA's outdated bank transfer system is that you are more likely to use credit cards and the banks have a natural incentive to maximize spending as well as minimize fraud. And if your account does get locked "for your protection" you are less irritated because it's not your money
    • by tlhIngan ( 30335 )

      Each time, I phone and exercise my frustration - "It's my money, you don't get to tell me what I can and cannot spend."
      The reply is always: "We are seeing significant amounts of fraud, we are just protecting you."
      My reply to that is always: "Bullshit, you are protecting yourselves due to banking regulations in the UK."

      The last time this happened, I enquired why my transaction had triggered an account lock, the reply was:
      "The transaction didn't fit with your spending habits."

      Oh yeah? Since when are my spendi

  • and they thought "Those Brits, they look pretty easy to defraud..."

    • But some of these scammers have been stringing them along for multiple years. So arguably, they saw Brexit was going to happen and the rest is accurate :D

      Which means, obviously, that the scammers are far smarter than the Brits.

  • Deena Karia, another scam victim, told Reuters how she lost 10,000 pounds in early February after buying a seemingly safe bond purportedly issued by Credit Suisse and apparently listed on price-comparison site MoneySuperMarket.

    Yes, I've seen this. The site was money-supermarket.uk rather than the legitimate www.moneysupermarket.com. I didn't immediately spot it was a phishing domain (after all marketers are always coming up with new website addresses) and gave my details for a "fixed investment bond". T

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...