1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fraud Advice

Discussion in 'GD Archive' started by The Halk, 27 Jun 2005.

  1. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    Ok, since there's a lot of posts about bank cards and bank account I thought I'd write something here for you folks.

    If you have a bank account, I strongly suggest you read this in full. If you have any comments, things I've missed out, corrections, please post them and I'll edit this post. I am not trying to create a list of everything that could cause money to be stolen from you. I'm trying to create something somewhere between complete, and short. :)

    Bank Account Security Numbers -

    You will only use this when you contact the bank. Never, ever, ever when they contact you. Under no circumstances will your bank ask for your security number unless you have contacted them, or you are using their internet service.

    Outbound Security -


    Outbound means when they contact you. They will not ask you for specifics about your bank account. They will ask you security questions, but not bank account specifics. If at any point you are unsure about who it really is calling you, ask them to put a note on your account that you were unwilling to continue for safety reasons, and ask them for the department name you need to speak to. And for Gods sakes don't phone the number they give you. Look up your banks number yourself. If I'm going to phone you and scam you, and you ask for a number to call to make sure, just who do you think is going to answer the phone? Me!

    An alternative is once you've answered the security questions, i.e. your DOB, your post code, your overdraft/credit card limit. Then ask them security questions. It's perfectly acceptable to ask them for the amount of money you last took from an ATM.

    Emails -


    If you receive an email from the bank, never, ever, ever follow any links on it. Never ever go to the address they specify. If a box appears asking for your details close it. By all means act on the information - if they contact you to say there is a problem with your account, for example, or that you qualify for a discount on x y or z. Thats' fine. But go to the site manually.

    Internet Banking -

    Never, ever follow a link to get to your internet banking. Never ever. Before you go to your internet banking, close every single browser window you have open. Next go to your banks page, by typing in the URL yourself. hsbc.co.uk halifax.co.uk natwest.co.uk. Whatever it is. Always make sure you've typed it in yourself. Always check that the address displayed in the navigation bar on your browser is your banks before typing anything in. And always check it's the domain. hsbc.internetbanking.server1351.com is NOT your bank. The part before the .com or .co.uk or .net should always be the name of your bank. And it should not be hsbc-internetbanking or hsbc-server1351. If in doubt close the window and start again.

    Chip and Pin, Debit card and credit card use -


    Insist on putting the card into the machine yourself, or, make sure the card does not leave your sight between moving from your hand, to the tellers, to the machine. The machine should be nearer you than the teller. If you're unsure about which way to put it in, ask them before you insert it. Don't worry too much if they put it in for you, they can't do anything by just touching it. If you're at a petrol station and they say the pin machine is inside and you need to tell them the pin - don't. Refuse point blank and do not do it. In circumstances like that, it is currently acceptable for them to process it as a signed for transaction, i.e. you don't use the machine. If you cannot type in the digits then do not reveal them. If you hand over a card to anyone, and they write down any numbers, once out of sight phone your bank, ask for lost and stolen and state that you think someone wrote down your card details, and that your card has to be cancelled, and a new one sent out to you. You will not be liable for any fraudulent transactions. Under no circumstances EVER let someone take a note of the 3 security digits on the back of your card. That is for you to use on the internet/telephone only. If by doing any of this a shop gives you a hard time then that is their problem.

    Computer Security -


    Keep your computer spyware and virus free. Not just protection software is required. Common sense too. Don't run programs you downloaded on peer to peer software. Don't open email attachments. Don't run dodgy pirated cracks or whatever. It's only a matter of time before a piece of spyware is released (perhaps there already has been) which will redirect your browser to a fake site when you type in the name of your banks site. To you there will be no way to tell you've logged on to someone's site only placed on the internet to steal your details. And before you know it, you'll have given them your passnumber, account number, been told internet banking has a fault and to try tomorrow... bang, account emptied. Never ever use a public computer, your work computer, your friends computer to access your bank details.

    Cash Machines ATMs-

    Don't use cash machines often and for small amounts. Use them infrequently for large amounts. Withdraw cash on your lunch hour, on the high street where it's busy. Not late at night where it's deserted. Take out enough to last you two weeks or a month. Don't take out 20 quid every time you need it. Use 2 or 3 cash machines only. That will 1) Make sure if you see an ATM usage on your statement you'll know if it was you or not. 2) You'll get used to it, and spot if someone modifies it. A modified cash machine does not look dodgy, it doesn't look stupid or out of place. I've seen pictures of them where it looks perfectly ordinary. Watch for anything that looks "after market" on the card slot. If it looks like something has been added on, no matter how legitimate it appears, do not use the cash machine.

    [​IMG]

    That cash machine has been altered. You won't know it when you use it. But someone will make a card, with their name, their signature and your bank details on it, and go shopping with it.

    This is it unmodified.

    [​IMG]

    A Big Warning -


    Right now banks are refunding customers who make elementary errors like the ones above. They are NOT obligated to do so. If you give a conman who knocks on your front door your credit card then you would not expect your bank to pay. Yet, right now when a conman sends you an email, and you give them your bank details, your bank is paying for your mistake. This will not continue forever. Sooner or later banks are going to stop paying out for customer errors. It might sound unfair, but banks give interest, charge interest, make charges etc all to pay for staff, costs and fraud. Fraud is on the increase, banks are extremely competitive. It's going to become the norm for banks to tell customers "We've cancelled your cards, that will stop any more money being stolen. We will now lock your security details, you'll need to visit a branch with two forms of ID to reset it. But you are liable for the money" Banks will continue to pay out for some forms of fraud. But "phishing" which refers to people pretending to be your bank to get your details, will, sooner or later, be the bank customers problem.

    A Disclaimer -


    I'm an employee of a bank. But this is not information from a bank, it's information from me, not as part of my job. I don't take any responsibility for anything that happens to you as a result of this. None of this is sensitive information, and none is information I am releasing that is confidential bank information.
     
    Last edited: 27 Jun 2005
  2. yak.h'cir

    Mobster

    Joined: 26 Aug 2003

    Posts: 4,484

    Location: The North

    Very informative!! Thank you for the effort. It all seems very obvious but then why oh why do so many fall for it?!?
     
  3. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    You're not concentrating, the bank phones. They ask you for digit 2 and 3 of your security number, they say they may have misheard you, and ask for the first and last digit. They then tell you that you've been selected for a special rate on life insurance. You say you're not interested, hang up. It wasn't your bank. They empty your account.

    You get an email, asking you to check your details. You click the link, your banks homepage loads, and a box appears asking for your pass number. You type it in. Someone else empties your account.

    You walk into a small shop, ask to pay by card, sure they say, write down your card number on the back of the slip. Plus your 3 digit security number. Later on that same card number is used in the casino.

    Etc etc.

    Unless you read something like this and give it some thought, when you aren't concentrating you'll slip up.

    Now you've read it, hopefully, if it does happen to you, something will fire, a bulb will light up and you'll say "no".
     
  4. MisChief

    Sgarrista

    Joined: 8 Mar 2005

    Posts: 9,173

    :eek: I have such a bad memory, I'd most probably forget which digits they asked for and end up giving my whole pin number... Cheers for the advice :)
     
  5. Harley

    Man of Honour

    Joined: 1 Sep 2003

    Posts: 2,358

    There's a few other steps you can take to avoid many of these problems.


    1) Don't use internet banking
    2) Don't EVER put any banking details on a PC that is connected to the net
    3) Don't mail order via the internet.
    4) Don't give your bank an email address for you. Then, anything that arrives purporting to be from your bank is fraudulent.

    Of course, that involves sacrificing a level of convenience, but it sure increases your level of security. :D
     
  6. Killerkebab

    Sgarrista

    Joined: 27 Mar 2004

    Posts: 8,436

    Location: Kent

    Here's a hint for anyone who may or may not fall for scam emails:

    You have NOT won anything.
    You have NOT been chosen to take part in a new business venture.
    NO ONE wants you to hold their money for a certain amount of time.
    NO ONE wants to sell you anything.
    Western Union is NOT to be trusted.
    People from a certain country in Africa most likely WILL scam you.
    Your bank DOES NOT want to know your details.
     
  7. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    If you're going to that level...

    Then scratch off the 3 digit security number on the back of your bank/credit cards. It'll technically invalidate your cards. But you won't be using them in shops anyway. Cash machines don't need that.

    A step further is to take some alcohol/something and a cotton bud and rub off the signature strip completely.

    Tell your bank you don't want a security number, and ask them to remove it.

    Tell your bank to use a fake date of birth as your identification date of birth.

    Tell them your address has changed and make up a name for your house. Insist that they post everything to that address.

    The Hilton
    8, Anystreet Avenue
    Wherevertown

    Will get to you just the same as -
    8 Anystreet Avenue
    Whereevertown.

    But you'll know the letter is from your bank.

    Make sure that they do not have your permission to pass your address to anyone else outside the actual bank, even the group.
     
  8. Pixel

    Sgarrista

    Joined: 13 Apr 2003

    Posts: 7,618

    Location: Lincolnshire

    Excellent thread, gets 5 stars from me. You can never be too safe with your money these days, there are so many people out to rip you off, especially online.
     
  9. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    Added a cash machine section. Finally found some pictures to do it justice :)
     
  10. Harley

    Man of Honour

    Joined: 1 Sep 2003

    Posts: 2,358

    I must admit to not having gone that far.

    Done that, though.

    And that. Though I didn't change the details - I started out like that.

    Yup, check. Have that confirmed in writing.

    Hmmm. Sneeeeaky. I like it. :D
     
  11. Killerkebab

    Sgarrista

    Joined: 27 Mar 2004

    Posts: 8,436

    Location: Kent

    By security number, you mean chip/pin of the CVV2 ?
     
  12. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    For HSBC customers anyway you can request that we do that. We'll be more than happy to do it. Just don't forget you did it, or your account could get locked very easily :p

    It's done for people where their family (son, daughter, ex-wife, etc) has tried to gain access.

    It's a beautiful little thing in my opinion.

    The bank can only tell you "Some of the information you have given has not been correct" and the fraudster will in no way suspect it was the date of birth.
     
  13. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    [​IMG]

    Edit : I do NOT recommend removing those 3 digits, or the whole security strip. That's a very extreme measure, and any retailer presented with a card like that should refuse it (but most won't).
     
  14. Killerkebab

    Sgarrista

    Joined: 27 Mar 2004

    Posts: 8,436

    Location: Kent

    Can it be different information? Can I request that the bank call me Superman?

    That would be CVV2 then :)
     
  15. Harley

    Man of Honour

    Joined: 1 Sep 2003

    Posts: 2,358

    Agreed. I really like it.

    I think I sense a small bank-contacting session coming on next time I go home.
     
  16. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    Yes. But banks don't ask you to do that when you identify youself to them. If you like though, your cards can have "Superman" and letters will be addressed "Dear Superman" Any time you speak to the bank though, they'll be thinking "Well, I'm a banker. And he's something that rhymes with it"
     
  17. Killerkebab

    Sgarrista

    Joined: 27 Mar 2004

    Posts: 8,436

    Location: Kent

    A tanker? Must the bank know I am in the army? :D
    Also, what does removing the CVV2 number do? Is it just that now I can't use it online/by telephone?
     
  18. The Halk

    Capodecina

    Joined: 13 May 2003

    Posts: 11,862

    Location: Hamilton

    Right. It means that if you're in a shop and someone takes a note of your card number and that 3 digit number they can order online or on the phone using it.

    Up where I live there was a syndicate of people doing it. They got people working in shops to collect the numbers, and 6 weeks after it was collected they'd then go and use the card details.
     
  19. Raymond Lin

    Capo Crimine

    Joined: 20 Oct 2002

    Posts: 65,911

    Location: Wish i was in .Lethal's house

    Well, i've always ignore Emails from bank, and phonecalls from them. If they want to ask me something, i always ask them to post it to me. You guess it, i never get those letters.
     
  20. -Mike-

    Capodecina

    Joined: 22 Dec 2002

    Posts: 10,166

    Location: Minehead

    Very interesting read indeed, can this be put in a sticky or the archive at some point so that others will have access to it? 5*'s