Student scammed out of £5,400 by a TEXT, but here’s how to avoid getting stung
Fraudsters are targeting young people in scams which use texts and phone calls to reach their victims.
Has a text message ever cost you £5,400? For one unlucky student, this nightmare became her reality when she responded to a text message that she believed had come from her bank.
Biology student Alison Dean received a text that seemed to be from her bank, the Co-operative, which asked whether she had just made a £999 transaction. It said that if she hadn’t, she should call the number given in the text message to speak to her bank.
The text appeared in the same conversation as previous legitimate texts that Alison had received from the Co-op, and as she was used to getting them, she felt she had no reason to smell a rat.
However, fraudsters had somehow inserted their scam message into the run of authentic texts from the bank, and ended up taking £5,400 out of Alison’s account.
How did it happen?
As many people would do when they think money has been incorrectly taken out of their account, Alison rang the number sent in the text message. She was conned into giving her bank details and the crucial card-reader-generated code.
Speaking to The Guardian, Alison described what happened:
I gave them my card details and used my card reader over the phone. Looking back it seems rather stupid but it was all done so expertly.
I genuinely thought I was talking to bank staff who were helping me deal with a fraud.
Similarly, Bristol student Ben Bowman thought he might have to leave university after just three weeks when he was attacked by fraudsters.
The crooks knew all his details and previous transactions, so as far as he was concerned they really were his bank. £1,713 was taken from his account, and a £20,000 loan was applied for in his name.
Unlike Alison, who was asked to ring the bank herself, Ben was called directly by someone pretending to be NatWest’s fraud department. The caller listed his transactions, and asked Ben to confirm his genuine ones.
Ben explained:
The caller knew I had bought a Domino’s pizza two days ago and all my other purchases. I had never been called up by a fraud department but he sounded exactly as I would have expected.
All the account details he quoted were right. I was 1,000% convinced that the guy worked for NatWest and was genuine.
How did the banks respond?
As soon as Alison realised something was wrong, she called the Co-op to explain what had happened.
Five transactions had already been made from her online banking account, and although the Co-op cancelled two of them, three had already gone through. Alison didn't manage to retrieve the stolen £5,400, and the Co-op refused to reimburse her.
As for Ben, he was told by NatWest that they would shut down his online banking and that he should delete his mobile app.
Fortunately for him, he was also going home for the weekend, so was able to immediately open the letter addressed to him approving a £20,000 loan under his name.
- Best student bank accounts 2018 (including customer service scores!)
- Head over to our student discounts directory and save yourself a bundle
Ben then visited his local branch, only to find out that scammers had been removing £500 a day from his account for the last five days.
NatWest staff spent three minutes analysing what had happened before sending the now-penniless student on his way.
Ben said:
They were quite happy to send me out of the branch knowing that I had absolutely no money in the world.
Following The Guardian’s intervention, Natwest refunded Ben the £2,500 he lost as a one-off gesture.
The Co-op, however, refused to refund Alison. A spokesman for the bank said:
She responded to the fraudulent message and disclosed her full security details, which is something we explicitly advise customers not to do.
How can you avoid getting scammed?
If this scam tells us anything, it's that con artists are more cunning than ever. Getting a fake text to appear in the same conversation as some legit messages is frighteningly impressive, and it means you've got to be even more vigilant with your banking.
A NatWest spokesman commented:
We know how distressing being a victim of fraud can be and would encourage customers to remain vigilant in response to unexpected phone calls from individuals acting as their bank and if requested to provide security details, hang up immediately and phone the bank on a trusted number.
Ben admitted that he probably won’t be using online banking again: “It will be a pain but this episode says to me that it’s just not worth the risk.”
Interestingly, both Alison and Ben had registered their debit cards with Uber, who recently admitted to concealing a huge data breach last year that saw hackers grab the details of 57 million drivers and passengers.
Uber claimed that no card details were stolen. However, Uber is far from being the only company that's fallen victim to a hack, so it's entirely possible that the fraudsters got their details from elsewhere.
If a fraudster is able to obtain the first few digits of a card number, they can usually work out what bank the card came from. From there, it’s much easier for them to pose as the bank and pull off a scam.
What's more, legit banks do use cutomers’ mobile numbers as a way to contact them, meaning the scammers' behaviour is all the more convincing. They can even take total contrik over a victim’s mobile phone account, so if your phone inexplicably stops working, be wary of fraud.
Like Ben, getting rid of online and mobile banking is one way to prevent this from happening to you. However, we understand that there are so many benefits of online banking too, and you can stay safe while still using it if you take the necessary precautions.
If you'rre going to use these methods to bank, it’s also important to treat with caution any texts or emails which claim to be from your bank. If you need to speak to them, only call the phone number on the back of your card or displayed in official documentation.
If you’re worried about what you should and shouldn’t do online, check out these tips and tricks on avoiding cyber attacks.