Posts Tagged ‘fraud’
We wouldn’t be doing our civic duty if we didn’t inform you of it, but if you’re one of those lazy people who can’t be bothered reading an article, then the solution we offer is to never, ever answer a phone call, just to be on the safe side.
For those who insist on answering phonecalls or, indeed, want to learn about doing some fraud for some extra beer money, here’s the low down.
This scam has been dubbed ‘number spoofing’, where ne’er-do-wells clone a telephone number of an organisation and basically impersonate them so that, on your caller ID, you’ll think it is all legit and above board. The people at Financial Fraud Action UK reckon that this has become a bit of a problem in recent weeks.
Of course, this type of scam has been knocking around for years, but it is on the increase and criminals are using it to steal your money. At the moment, according to FFA UK, the main targets are businesses, but personal banking customers are also finding themselves being contacted by these snide gits.
Basically, fraudsters are posing as bank staff or police officers and ask you for your personal and financial details. They usually tell you that fraudulent activity has been detected on your account, which is a bit rich seeing as the scam ends up with fraudulent activity all up in your business.
If the scam artists don’t get your details, they’ll try and get you to send money to another account for ’safe-keeping’. Frankly, if you’re going to fall for that, then you need to start worrying. Remember though – no organisation, including your bank, will ever, ever ask for your password and PIN number in whole. Anyone doing so is absolutely trying it on with you.
Craig Jones, spokesperson for FFA UK, said: “Number spoofing is becoming increasingly common and it’s not difficult for the criminals to fake a caller ID. So if a number appears on your phone’s caller ID display, you shouldn’t assume you know where the call is being made from.”
“Remember that if a caller is trying to draw your attention to the number on your phone display, it’s very unlikely the call is genuine as there is no legitimate reason to point it out.”
The SFO has, according to reports, told Tesco that they’ll be launching a formal criminal investigation into the scandal and to expect a statement on the whole thing this week.
As we know, the Financial Conduct Authority are already investigating the retailer – soon, Tesco will have to open a new aisle just for people in business suits tutting at spreadsheets and mainlining instant coffee.
Deloitte, the accountancy lot, have completed their enquiries into this wretched mess, and Tesco are declining to comment on it all, apart from saying that the practices at the centre of the scandal had been going on for longer than they’d originally thought. That’s what resulted in a missing £263m.
It has been said that a ‘small group’ of employees were behind it all, and Deloitte’s investigation unearthed “inappropriate behaviour” and the fact that there’s been “deliberate intention” to pull a fast one on auditors.
Tesco shares are plummeting as a result of all this, so if you think Tesco are big and ugly enough to sort all this out and win everyone’s trust again, it might be worth buying some stock and making hay while the sun shines.
Industry body the British Bankers Association (BBA) has teamed up with the police to launch a campaign which they hope will raise the public’s awareness on all things fraud, looking at the most common scams that will happen online or down the phone.
Based on the results of a YouGov poll, the BBA said that eight million people are vulnerable to voice phishing scams, four million may transfer money to fraudsters, three million could potentially carry out “test transactions” and 1.7 million would hand their bank cards to couriers on their doorstep if they had a convincing form of ID.
Best not to answer the phone or door to anyone, ever.
Anthony Browne, chief executive of the BBA, said: “Being defrauded is a devastating experience for anyone which is why we are launching this campaign. The more people know about fraud, the less likely they are to become victims.”
“Our Know Fraud, No Fraud campaign will help you spot some of the tactics used by scammers. Your bank would never send someone to your home to collect your cash or ask you to transfer funds to a new account.”
So, for your records to be printed out and stapled to grandma’s forehead as a reminder to her and everyone else, here’s the BBA’s List of Things That Your Bank Will Never Ask For.
- Ask for your full PIN number or any online banking password over the phone or via email
- Send someone to your home to collect cash, bank cards or anything else
- Ask you to email or text personal or banking information
- Send an email with a link to a page that asks you to enter your online banking log-in details
- Ask you to authorise the transfer of funds to a new account or hand over cash
- Call to advise you to buy diamonds or land or other commodities
- Ask you to carry out a test transaction online
And this time the Attorney General of New York State has weighed in on the bank. Eric Schneiderman and the state of NY have filed a lawsuit against them for giving an unfair advantage to high frequency, ‘predatory’ trading clients in the US – despite telling everyone else that they were trying to protect other customers against such traders.
‘Dark pool’ trading allows investors to trade without influencing the market.
Barclay’s dark pool system was called LX Liquidity Cross, and was supposedly set up to get customers the best possible prices for their shares. Instead, they – whaddya know? – maximised their own profits. Nearly all trading was done through LX, rather than through other exchanges that would have offered a better price.
‘Barclays grew its dark pool by telling investors they were diving into safe waters,’ Schneiderman said. ‘Barclays’ dark pool was full of predators – there at Barclays’ invitation.’
*cue theme from Jaws*
From taking bulbs out of tail lights so that people crash into you, to simply railroading pregnant women in cars on purpose: there’s a myriad of choices for the petty criminal about town.
And now the Association of British Insurers (ABI) is saying that detected insurance fraud reached record heights in 2013 an 18% increase on the previous year. £1.3bn was paid out in dodgy claims involving fake car crashes and car insurance scams last year.
Crash for cash scams are rife all around the country, and that causes everyone’s wallets to suffer from whiplash, too. It’s been estimated that fraudsters are costing households £50 extra a year on their insurance premiums.
As well as professional crash for cash scammers, fake car insurance claims rose by 34%, with people claiming they had injuries and later being filmed playing golf and dancing the pasa doble.
But although attempted fraud has gone up, the ABI added that overall the number of successful fraudulent cases has gone down, thanks to better reporting and investigation.
Malcolm Tarling of the ABI said: ‘The number of detected frauds is rising; that’s because we are getting better at detecting staged accidents. We are going to continue to tackle fraud – that’s what our honest customers expect us to do.’
Hmmm. So if actual fraudulent claims are down, why are our premiums still up?
In a world that favours labels and ridiculous designer handbags that look like a jailer’s crotch, the counterfeit goods industry is booming. But not any more. A specialist police unit has shut down over 2,500 websites offering knock off GBH hair straighteners, Fugg boots and Hollista clothing, amongst other bare-faced designer fakery.
The unit, called Pipcu, (which might sound like an animated penguin, but is short for the Police Intellectual Property Crime Unit) was launched last year to crack down on fake goods. These websites have been leaving customers in the lurch, offering bad quality or often not bothering to deliver goods at all.
While most of us may cry, ‘Well what did you EXPECT?’, these websites hoodwink people by coming up under Google shopping searches, and look like the real deal. One customer ordered Ugg boots for her daughter, thinking they were legitimate.
Unfortunately, she then found that not only were the boots fake, but the website owner had used her credit card details to do a spot of shopping himself.
DCI Andy Fyfe of Pipcu (if indeed that is his real name) said that often the sites are a front for organised crime and can also contain viruses.
‘Consumers also need to be aware that by accessing websites like this they are running the risk of their personal details being compromised and being used for other fraudulent scams, as well as exposing their computer to malicious malware.’
So be warned. In future, always buy your ugly designer crap from a reputable online retailer.
Before you book your summer holiday, it might be a good idea to acquaint yourself with the latest online travel scams – of which there are many.
According to a new report from the National Fraud Intelligence Bureau, travel-related internet scams are diddling customers out of about £7 million a year, and last year there were 5000 reported cases of holiday fraud.
So what should we be looking out for? Well, fake ads for apartments and villas are very popular amongst Internet fraudsters. 3 out of 10 victims fell for imaginary accommodation advertised on Facebook, so before you get the credit card out, it’s a good idea to check that your dream destination actually exists, and isn’t just a stock photo of some random guy’s house in Tenerife.
21% of cases involve people falling for airline ticket fraud, where people pay for tickets in advance, with the promise of a booking, and the booking is never made. And because these ‘companies’ rely on paperless ticketing, fraud is rife – particularly on flights to Africa.
The solution? Check, check and double check. ABTA says you should do a thorough background check of any holiday company before you book, and read all customer reviews in case there are any grievances or evidence that other victims that have been scammed.
Anyway. HAPPY HOLIDAYS!
You would think that if someone hacks into your mobile phone account, and then unlocks a (possibly stolen) iphone and starts charging their bill to you, that your mobile provider might do something about it. You’d think that they would be FALLING OVER THEMSELVES to fix your compromised account.
But no. When this happened to one customer, avid Bitterwallet reader Mr Confused in November, Vodafone’s response was lukewarm to say the least. When he found out about it early in December, Vodaphone promised to open a fraud case and said they would call back in a few days.
Days passed. Weeks passed. Christmas came and went. On December 31st Mr Confused called them, only to be told that the fraud case had been deemed ‘invalid’. When he got (understandably) upset that they didn’t bother to tell him, Vodafone’s Twitter support team advised Joe to send them an email, so he did.
On January 2nd, Vodafone called back to tell him he would get a call back in two weeks.
On January 15th, having not received a call back, Mr Confused called them again, and the call centre lackey got his name wrong, calling him ‘Mr Bains’ and giving him details of Mr Bains’ account – which obviously wasn’t his account. After happily imparting someone else’s sensitive information over the phone, the call centre guy told him to call the fraud team. When he contacted the fraud team, they had no idea what he was talking about. AAAAAAAARRRRGH.
So essentially, a customer’s account was compromised, nobody really did anything about it, and then Vodafone compromised another customer’s personal details in the process of not really doing anything about it. Mr Confused is now Mr Furious, and despite contacting Vodafone over Twitter and Facebook several times, he is -as far as we know – still waiting for an explanation and an apology.
Over to you, Vodafone.
We regularly delete that Paypal email addressed to ‘dear costumer’, and we can spot a Nigerian inheritance scam at fifty paces. But what email dodginess can we look forward to in 2014?
Well, this year, email scams are getting more creative than ever. Rugby fans should be aware of the Rugby World Cup 2015 scam, where unscrupulous websites are selling fake tickets in exchange for your hard earned cash. The advice is only to buy from the official site.
Then there are fake Royal Mail emails, from an address called ‘Royal Mail Group.’ These bogus emails try to convince you that you’ve missed a package or something has got lost in the post. If you click on the attachment to retrieve your parcel, it installs malware, so don’t click, and delete the email immediately.
It’s doubtful that you’ll invest in graphene after receiving a junk email, but if you’re tempted, don’t. Graphene is a new kind of carbon substitute and won’t be used commercially for another 6 years, so if someone tries to sell you it, it’s impossible to tell if it’s the real thing.
Then of course, there are the phone scams you’re probably more likely to fall for, like ‘vishing’, where people pretending to be the bank say your account has been compromised and then put you through to a fake bank representative.
But although these scams have new guises, it’s still the same old story – don’t give anyone your information unless you’re 100% sure it’s a trusted site or caller. And for God’s sake don’t open random zipfiles from people called Eugenia Pontes Pontes or Maximus Gloryhole.
If you’ve been getting into waving your credit card around near the machine, rather than having to type in that timewastingly long 4 digit pin number, be warned – engineers from the University of Surrey have found that contactless payments are relatively easy for others to intercept.
According to them, they managed to ‘successfully receive contactless transmission from distances of 45-80cm using inconspicuous equipment.’
The banking industry, who have issued millions of contactless cards, insists that’s not true. They say: “The technology is extremely robust, has been thoroughly tested and is working as expected. Payments can only take place where the card is placed within 5cm (2 inches) of the terminal.’
But the researchers have proved them wrong. Using easily available shop bought electronics, the researchers rigged up a looped antenna, which successfully swiped the information from a contactless card from 45cm away. The device, which could easily be concealed in a backpack, was mainly made of cheap components. The most expensive part was a computer card costing £1500, but they said it could be easily replaced with a lower cost version.
(Way to go University of Surrey, giving people ideas.)
The UK Cards association said that contactless fraud card was still extremely rare. But with this and the Marks and Spencer’s debacle, where customers recently paid for things by mistake, contactless payments might just prove to be more trouble than they’re worth…
It’s no yolk, a pensioner couple in Dorset have been fined £300 each and ordered to pay costs of £1,178 after buying a loads of battery farmed eggs and selling them as if they were free-range eggs from their back garden. A member of the public noticed the couple suddenly had a lot more eggs for sale but had no more hens. This concerned citizen put two and two together and reported them to Trading Standards, who decided to prosecute.
Stephen and Anne Hobbs, aged 65 and 66 respectively, poached bought 12,000 eggs from a battery farm, removed the producer code stamped on the eggs, and the resold them as free-range garden hen’s eggs. They were charging £2.20 a dozen for the eggs, which had cost them £1.30 to buy.
The couple originally claimed they had done no wrong as they did not specifically advertise the eggs as free range; however the court ruled this was implied by the fact that they sold the eggs next to free-roaming hens and that they deliberately removed the battery producers-code.
The pensioners pleaded guilty to the charges at Bournemouth Crown court, claiming that they had only done it as a last resort after their hens stopped laying, and they hadn’t even made any money, as the £9,000 profit was spent on chicken feed. That’s a lot of chicken feed.
Ivan Hancock, of Dorset County Council’s trading standards department, said in a statement that the reason this case was worth prosecuting is the importance of people knowing the provenance of their food – which has been at the forefront of consumers’ minds since the horse meat scandal.
He said: “Many consumers choose to buy from local outlets to support local producers or particular methods of farming or production. Anyone misleading customers undermines that choice and abuses the trust consumers place on local food suppliers.”
What a cracking result.
Sealing their reputation as a caring, sharing payday lender, Wonga has raided the account of an innocent 15 year old boy whose bank details were used by fraudsters to take out a loan.
Obviously, you have to be 18 to borrow cash, but greedy Wonga didn’t check the details closely enough, and failed to spot that the account actually belonged to Simon Oliver, now 16, from East Sussex.
The poor lad tried to take money out on a school trip, only to find that Wonga had drained it of £260. Not only that, but IT WAS HIS BIRTHDAY AND CHRISTMAS MONEY THAT HE’D SAVED UP. (Let’s just take a moment here to well up with indignant tears).
Simon’s bank refunded the money, but the trouble won’t be over for Wonga. According to Watchdog, which will be getting its teeth into the story on tonight’s show, there have been 386 reported fraudulent loans granted by the company – some amounting to thousands of pounds.
The Office of Fair Trading are currently investigating the whole payday loan industry – and MPs are calling for much stricter measures, including real time credit checks. Let’s hope these shabby shysters get their arses kicked soon.
In fact according to the European ATM Security Team (who we hope are a gang of Mission Impossible types in black catsuits hanging around outside The Royal Bank of Scotland with Kalashnikovs) it’s becoming the norm.
Criminals use Bluetooth to get your card details and pin number, then before you know it you no longer exist and you’re running through Waterloo station with a sniper on your tail.
It’s becoming a widespread problem, so make sure you take the same precautions as you might with a cash machine – check for any suspicious devices, and don’t use if you’re in doubt.
The good news is they have yet to crack Chip and Pin devices, which are widely used in the UK and Europe, but be on your guard. Meanwhile, there’s always less subtle methods of snaffling cash from ATMs, like this…
Security researchers have found a dastardly botnet that is stealing millions per month from advertisers by simulating click-throughs on ads.
It has been called the “Chameleon” botnet by analytics botherers spider.io thanks to its ability to display adverts that make money for fraudsters and hoodwink advertisers’ behaviour-tracking algorithms.
It is estimated that Chameleon is responsible for at least nine billion fraudulent ad impressions, which means that the botnet causes $6.2 million per month in advertising losses.
There’s a phishing scam knocking around that behaves like a nightclub bouncer, according to reports. Does that mean it wears a black overcoat with a luminous yellow armband and barks at you to take your drinks back inside?
Either way, phishing attacks aimed at getting your personal information out of you were 59% higher in 2012 than the previous year and researchers reckon that it is costing the global economy over $1.5bn in fraud damages.
And there’s been a rise in the phishing scam that has been called “bouncer list phishing” because, ostensibly, it acts like “if your name is not on the list, you’re staying out.” according to Limor Kessem, cyber intelligence expert at RSA.
The bouncer phishing kit targets a list of email recipients and a user ID value is generated for the target, sending them a unique url for access to the attack. Any outsider attempting to access the phishing page is redirected to a 404 page.
“Unlike the usual IP-restricted entry that many older [phishing] kits used, this is a true – depending on how you look at it – black hat whitelist,” Kessem said.
When victims access the link, their name has to be on the list and their “D value is verified on-the-fly as soon as they attempt to browse to the url.” And then, validated users find that the kit generates an attack page designed to steal their information.
“These kits, used to target corporate email recipients, can easily be used as part of spear phishing campaigns to gain a foothold for a looming APT-style attack,” wrote Kessem. “Unfortunately, it is entirely up to the webmasters to become more aware of security and ensure that their websites don’t get exploited.”