This is an extract from Uncovered with Sam McBride, a subscriber-only weekly newsletter from the Belfast Telegraph’s Northern Ireland Editor, sent directly to email inboxes on Wednesday evenings. To become a subscriber and receive Sam’s weekly updates, sign up here.
A few days ago, my own stupidity and the ingenuity of those trying to steal my money combined to mean that I fell victim to a scam.
Checking my emails on Sunday afternoon, there was a message from a delivery company saying that we’d not been at home and I needed to reschedule a delivery.
At this point, some of you are rolling your eyes – “how did you not spot it?” Well, superficially, it made sense: I’d ordered something on eBay, and we’d been out for a few hours so hadn’t been at home.
I clicked a link to get the parcel redelivered and wasn’t thrilled when I saw they wanted £1.50 to do so. But beyond muttering darkly, the sum was so small that I went ahead and paid it.
Only shortly afterwards did I realise what was going on.
After calling my bank who helpfully stopped anyone using the card details I’d entered, I thought that was that. But the scam didn’t stop there.
On Monday night, I got a call from an unknown number. A man with an English accent said he was calling from my bank’s anti-fraud team.
If he’d asked for my card details, by this stage I would of course have realised immediately that it wasn’t the bank.
But instead he spent time building a rapport with me. He relayed things which I either knew to be right or which sounded plausible: I’d called the bank yesterday to have my card blocked and the bank had noticed a spate of these incidents over recent days.
He said they’d noticed suspicious transactions on my card: £90 for Just Eat in Newcastle, £900 for car hire somewhere, some other big sum for Coinbase.
It was only when he asked me to forward him the original scam email that I became really suspicious and asked if there was a number on which I could call him back. He said he’d check with his manager and then the line went dead.
After ringing my bank, they confirmed that they’d not tried to call me and that the scammers hadn’t managed to extract any money from my account.
I’ve grown up with the internet and have had training in how to spot scams and yet I fell for something which ultimately wasn’t terribly sophisticated.
When the second call came, I’d some suspicion that the number was withheld. But I was on deadline for filing a court report on the criminals behind the Mobuoy superdump and was partly distracted, while also wondering if it was right that someone had taken more than £1,000 from me.
However much we educate ourselves or seek to protect ourselves from our own vulnerability to exploitation, human frailty is such that there’ll be times when the scammers win.
The story up to this point was recounted in my weekly email newsletter to subscribers which goes out every Wednesday evening. But after I’d written that, I got another call.
This time, the number wasn’t withheld but was cleverly made to look almost identical to the real number of my bank. It was only the fact that I was now intensely suspicious which meant that I looked at it closely and saw it wasn’t from an 0800 number at all, but from a mobile phone.
I didn’t answer, but it didn’t stop there. An even more sophisticated text message arrived in the name of my bank. I don’t have the bank’s number saved into my phone so it must utilise some service whereby it pays phone operators to have its name automatically come up as a security precaution.
Here, that didn’t work. The scam message infiltrated the thread of past genuine messages from my bank and stated it was from the bank.
I was told to call urgently…and the message even had ‘BE SCAM AWARE’ in block capitals.
I’ve suffered nothing out of this beyond the inconvenience of having my bank card reissued and some wasted time. The Government says that every year one in 17 adults falls victim to fraud, some of it life-altering.
It’s easy to see how these techniques could trick people out of huge sums of money, where they’ve done very little wrong.
Read more
Several people got in touch in response to the email to say this had happened to them. My favourite was the man who said: “Personally, when I receive one these calls, I like to try and turn the tables by wasting as much of their precious money-making time as possible. In one case, I kept up the charade for three hours.”
He noted that this is, however, “a pleasure that only retired folk can indulge”. A lot more education is needed to help people learn how to spot these horrible scammers.
With the growing power of artificial intelligence and the hoovering up of our data online, these scams will become more sophisticated by building an accurate picture of us to the extent that it will increasingly sound like only our bank could know this information about us.
As in so many areas, we’re going to be left struggling to trust anyone unless we’re physically standing in front of them.
Scams are ultimately a type of theft and theft has existed since the dawn of time. We’ll never be able to stop it all, but how is it that government can’t prevent crooks from being able to use a bank’s name to send text messages over a public network?