, , ,

Google Predicts AI Will Be An Issue For Regulators

“It’s going to be a big issue,” Geoffrey Hinton said at a Reuters Newsmaker event in Toronto on Monday (Dec. 4).

Hinton should know: He led a group of scientists at the University of Toronto who developed some of the key algorithms that neural networks (programs that mimic the way humans learn to perform complex tasks) use to crunch massive quantities of data and train themselves to identify patterns to mimic the way the human brain would perform tasks, such as driving a car, analyzing potential financial trades or using medical images to diagnose diseases.

Those advances enabled Google to add voice recognition to Android mobile devices, and researchers also used it to cut error rates in optical recognition compared with earlier technology, said the Google executive.

And since neural networks teach themselves to perform complex operations, it is impossible for their developers to tell government regulators exactly how those systems work.

“All you need is lots and lots of data and lots of information about what the right answer is, and you’ll be able to train a big neural net to do what you want,” he said.

Hinton believes that deep learning is close to revolutionizing the way certain diseases are treated, including making more accurate diagnoses. In fact, he expects mobile apps to be created that use neural networks to examine images of skin lesions, advising users when to see a doctor for a possible biopsy.

“We’d like to make medicine better,” Hinton said.

 

Source: (Pymnts, 2017)

, ,

PCI DSS: Secure Your Security

In 2014, there were 62,264 reported cases of credit card fraud. When customers come to your business to purchase items, they are trusting you with their security information and it is your responsibility to ensure that the appropriate security measures are in place so their financial information is safe.

PCI DSS is the Payment Card Industry Data Security Standard. What this means, is that your customers are protected from any fraud that may happen as a result of their transaction. If you refuse to use PCI DSS, you’ll be fined and may even be forced to remove payments by card at your business – leading to less profit.

There are 12 high level requirements, and they fall into the six categories:

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect data
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
3. Protect stored data (use encryption)
4. Encrypt transmission of cardholder data and sensitive information across public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an Information Security Policy
12. Maintain a policy that addresses Information Security

By paying for PCI DSS you’re actively helping to ensure that not only your customers are protected, but your business is too. You’ll also avoid fines and addition fees that can tally up without PCI DSS.

, , , , ,

Could you be the next victim of identity fraud?

We explain the different types, how they are committed and ways to keep your money safe.

  • ID fraud claimed more than 148k victims last year – a 57% annual rise
  • One couple had £8k stolen from their joint account by criminals
  • We explain all of the ways you can fall victim – and how to prevent it

The rate at which individuals’ personal details are being stolen by criminals is rising fast. Fraud experts say the public need to be more vigilant than ever.

Laura Shannon explains the different fraud types, how they are committed, and explains ways to keep your money safe.

Identity fraud claimed more than 148,000 victims last year – a 57 per cent rise compared to the year before. Cifas, the financial crime prevention service, says every demographic is being targeted – with fraud affecting all age groups.

But how it happens remains a mystery to many victims.

This was the case for retired couple Mike and Sheila Fairholm, both 67, who had £8,000 looted from their joint account with NatWest while they were on holiday in Berlin last December – and where they had not used their cards and only took cash.

When they returned to their home in Wallsend, Newcastle upon Tyne, they found Mike’s log-in password for online banking had been changed.

After using Sheila’s log-in, which was unaffected, they discovered £8,000 had been spent at a spread-betting company. Curiously the sum was returned to them in three instalments – all while they were still away.

The Fairholms also noticed £1,000 had been transferred from their savings account to their current account.

Despite not having lost any money, the couple are concerned about how this could happen and keen to get answers. Sheila says: ‘The bank cancelled my husband’s debit card, which had been compromised.

Mystery: Mike and Sheila Fairholm had £8,000 ¿looted¿ from their joint account while they were on holiday

Mystery: Mike and Sheila Fairholm had £8,000 ‘looted’ from their joint account while they were on holiday

‘But it seemed unconcerned that someone had been able to access our online banking details, change passwords and spend a huge amount of money leaving us overdrawn for a couple of days. We were astonished at its reaction and worried it was not taking the fraud seriously.’

It was suggested to the couple there was a virus or malware on their home computer. But they took it to PC World to be checked over, at a cost to themselves, only to be told the device was secure.

The Fairholms also use F-Secure software to help keep their information protected.

 Mike visited his local NatWest branch to discuss the fraud with a manager, only to discover the couple also had a £10,000 overdraft on their account, which they weren’t aware of and did not ask for. This has now been reduced.

The manager suggested Mike’s card had been compromised in the run-up to Christmas when he had bought items online, but Sheila says this does not explain how someone could access their account and change passwords.

NatWest says: ‘We take fraud extremely seriously. We are working with the Fairholms to ensure their accounts are kept secure.’

The couple took the computer to PC World to be checked over only to be told the device was secure

The couple took the computer to PC World to be checked over only to be told the device was secure

The different types of fraud: 

Identity fraud 

Criminals glean personal information about an individual to open accounts in their name, order a mobile phone contract, request other goods in their name or empty their current account.

Investment fraud 

Sometimes known as ‘boiler room’ fraud.

Savers are convinced by phone or email to invest in ‘unbeatable opportunities’ and with high yields ‘guaranteed’.

The fraudsters will try to build a rapport with their victims over time, and may even produce sham brochures and make false claims about how the company is regulated.

The investment itself will often be a high-risk unregulated product – such as wine, art or diamonds – if it exists at all.

Scams 

This is a general term covering a broad number of rip-offs affecting people in the UK on a daily basis.

They range from bookings for holiday homes advertised by fake landlords, a sham adviser promising to unlock money from a pension before the age of 55, or demands for payment by doorstep tradesmen for ‘urgent’ property repairs.

Scams can include demands for payment by doorstep tradesmen for 'urgent' property repairs

Scams can include demands for payment by doorstep tradesmen for ‘urgent’ property repairs

All scams and frauds combined are thought to cost individuals nearly £10billion a year – the equivalent of £202 for every UK adult and more than £300 per second.

This figure comes from the UK Fraud Costs Measurement Committee, and is based on academic research by the University of Portsmouth’s Centre for Counter Fraud Studies.

Consumer group Citizens Advice is running Scams Awareness Month throughout July to help people learn more about common scams and how to spot them.

For more information visit citizensadvice.org.uk or call the charity’s consumer helpline on 03454 040506.

The methods used 

Social engineering 

Specific details about victims are taken from information freely available online, such as addresses and ages posted on social media.

Often this will be all that is needed to open an account in that person’s name or to tease more information needed from an account holder.

Phishing/smishing 

People are tricked into clicking on links in emails or texts – perhaps because it looks to be from an official source, such as Revenue & Customs, a popular shop or someone they know.

Clicking on the link downloads ‘malware’ on to a computer or phone. This is software that lets crooks see account numbers and passwords that have been used on that device.

Pressing issue: Clicking on a dodgy link downloads 'malware' on to a computer or phone, which is software that lets crooks see account numbers and passwords that have been used on that device

Pressing issue: Clicking on a dodgy link downloads ‘malware’ on to a computer or phone, which is software that lets crooks see account numbers and passwords that have been used on that device

Phone fraud 

Skilled scammers impersonate bank employees or police to find out a person’s account PIN or password.

The caller will suggest there is evidence of fraud on an account and recommend the person phones their bank’s fraud department.

When the account holder hangs up and dials the number, the original call is never disconnected.

The fraudster then plays out a script pretending to be a bank employee and once they have the householder’s trust, will ask for a PIN or password.

Hacking

Customer data, such as debit or credit card details, are traded by criminals in hidden corners of the internet not visible to the average computer user.

This information is available because of data breaches by companies or hackers targeting businesses – such as what happened with TalkTalk last October.

Hackers can also tap into public wi-fi hotspots.

Wi-fi hotspots are not secure and a fraudster would be able to see whatever other users are looking at

Wi-fi hotspots are not secure and a fraudster would be able to see whatever other users are looking at

Stephen Proffitt, deputy head of Action Fraud, the UK’s national reporting centre for fraud and cybercrime, says: ‘These internet connections are not secure and a fraudster would be able to see whatever other users are looking at – such as internet banking and passwords. It is better to use your mobile phone’s data allowance for this as it is more secure.’ 

A flaw in NatWest’s security was highlighted earlier this year by BBC Radio 4 programme You And Yours, which found it was possible to hack into a person’s account using a stolen mobile phone, with no need for log-in or password information.

The programme demonstrated how a criminal could take a victim’s phone, contact their bank claiming to have lost log-in details, and then be sent a unique activation code that gives access to the account.

The fraudster was then free to change the account password and PIN so only he or she could access it. NatWest consequently made changes to its security to address these concerns.

Card skimming and shoulder surfing 

Cloning technology on debit and credit card terminals or on cashpoints copy a user’s card details. A camera or someone hovering over a customer’s shoulder at a till or ATM will then pick up what PIN is entered – giving them easy access to the account and its contents.

Proffitt says: ‘There may be a device on a cash machine that you are unaware of. Always cover your hand when entering your PIN.’

Customer fraud and failure

Customers are often blamed for fraud as a result of being careless about their details. But sometimes the bank’s lax security and crooked employees are responsible.

The Mail on Sunday has been told privately by a bank employee that staff need to be trained about the dangers of ‘phishing’ just as keenly as their customers.

In other words, customer details have been or could be compromised just as easily by bank employees falling for fraudsters’ tricks.

Insider fraud is another problem, where rogue employees drain customer accounts.

Less than a fortnight ago a Barclays apprentice cashier working at the Kensington branch of the bank in London was sentenced to 33 months in prison at the Old Bailey for using details of 25 customer accounts to open new accounts, take out loans and request new cards and PINs.

He intercepted the post and used these new cards to empty customer accounts. Victims all received refunds but the loss to Barclays was £167,370.

Meanwhile, two bank insiders at Halifax and Lloyds were jailed on June 8 after working with a wider gang on a series of frauds to steal more than £400,000 from customers.


Shannon, L. and Laura+Shannon+For+The+Mail+On+Sunday (2016) How to spot an ID thief. Available at: http://www.thisismoney.co.uk/money/guides/article-3682199/Could-victim-identity-fraud-ways-spotting-ID-thief.html (Accessed: 11 July 2016).

 

, , , , , ,

New criminal gadget can clone up to 15 contactless bank cards a second from victims who are simply standing nearby

 

  • Hi-tech device steals info such as the card number and name and address 
  • Details then written onto a blank card which is used on for speeding spree 
  • Ready-made con kits sell for £500 on London and south east black market
  • Device first to target contactless, which is becoming increasingly popular

 

A new gadget can be used by criminals to clone up to 15 contactless bank cards a second – from victims who are simply standing nearby.

The hi-tech device steals details such as the card number and the person’s name and address contained on the credit or debit card.

The scanner – called the Contactless Infusion X5 – extracts the information where it can be written onto blank cards, which can then be used by thieves to go on spending sprees.

Ready-made con kits, including the device, special software and 20 blank cards, are being sold on the streets of London and the south east for £500, according to the Daily Star Sunday.

The device is thought to be the first sold on the black market to specifically target the increasingly-popular contactless bank card.

The technology enables customers to pay for goods with a single tap of their card on a reader, without the need to provide a signature or enter their PIN number.

Card use is being boosted by the rising popularity of contactless ‘tap and go’ payments, with mobile payment services such as Apple Pay making payments ever more convenient.

Industry experts predict that by 2025, notes and coins will be used for just one in four payments, while credit, debit and charge cards will account for more than half of all payments made.

The tipping point at which cash will no longer be king is expected to come in 2021, when it is predicted 14.5 billion debit card payments will be made, overtaking the 13 billion cash payments forecast for the first time.

The device is thought to be the first sold on the black market to specifically target the increasingly-popular contactless bank card (stock image)

The device is thought to be the first sold on the black market to specifically target the increasingly-popular contactless bank card (stock image)

 

Looking specifically at consumer payments, the average UK adult made 20 card payments per month in 2015, with around two payments per month being contactless.

By 2025 people are predicted to use a debit, credit or charge card virtually every day – at 30 times per month.

The UK Cards Association has said that contactless card spending topped £1.5 billion in the space of a month for the first time in March.

The milestone was reached just four months after contactless spending reached £1 billion for the first time in November 2015.

 


Mail Online. 2016. New criminal gadget can clone up to 15 contactless bank cards a second nearby | Daily Mail Online. [ONLINE] Available at: http://www.dailymail.co.uk/news/article-3637553/New-criminal-gadget-clone-15-contactless-bank-cards-second-victims-simply-standing-nearby.html. [Accessed 24 June 2016].

, , , , ,

Card fraud up 20% – you’re at risk without even leaving the house

How fraudsters take your money without touching your cards.

You may think you’re taking all the right steps to protect yourself from card fraud. You might guard your PIN at the cashpoint, keep your wallet in a bag worn across your body, and never let your card out of your sight. However, while these are sensible steps, they are only protecting you from the risk of having your card stolen, and a new study has highlighted that thieves don’t need to snatch your card from you in order to take your money.

It’s not just the theft of your card you need to guard against – it’s stolen phones and tablets too. Matt Sanders, from Gocompare.com Money explains: “Fraudsters continually seek new ways to scam unsuspecting people. Our increasing use of technology to do everything from holding our address book and diary to online shopping and banking means that criminals are also logging-on to find new ways to steal our personal information and raid bank accounts. To thieves, the personal data held on a smartphone or tablet can be more valuable than the device itself.”

This means we need to protect our devices, not only by keeping them close when we’re out and about, but also by PIN protecting them – to make them less useful to thieves who steal them.

The other theft risk to be aware of is your documents. If you have thrown out statements, letters or receipts without shredding them, or have a driving licence taken from your wallet, then a thief can use this information to apply for cards and loans in your name.

Alternatively, they might steal your card while it is transit, and spend before you even know you card is missing.

Reaching into your home

Fraudsters also have a number of ways of reaching into your home. One common approach is to use a number of tricks to get you to reveal your card details. This includes phone and email scams where they contact you, pretending to be from a legitimate organisation, and asking you to ‘verify your details’.

In some instances they will cut straight to the chase and get you to reveal your account number, password and PIN. In other cases, they will ask for personal information, and use this to take over control of your account or card.

Your computer use can also open you up to risks. Fraudsters may send an email with a link in it – this contains a virus, which downloads to your computer and will recognise whenever you access internet banking. It will then automatically send back any information it gleans to the fraudsters, who can raid your account.

Sanders says: “Social media sites can also provide a rich seam of personal information which can be used for identity theft and financial fraud. Social media platforms encourage users to provide as much personal information as possible, including users’ full names, birth dates, relationship status – even pet names. Crooks can use this information to build up a personal profile and guess the answer to bank and payment card provider security questions. So, we would recommend users of these sites to use privacy settings to protect their personal information.”

Protect yourself

Sanders suggests five vital steps to protecting yourself.

1. Protect your personal information
Never provide personal information in response to an unsolicited email, online or telephone request. Genuine banks and card providers never request information in this way.
Protect your personal information on social media, use privacy settings and don’t accept friend requests from people you don’t know.
Don’t use the same passwords for social media sites and online banking.
Buy a shredder to dispose of card statements and other documents containing personal or financial information you no longer need.
Always PIN protect smartphones and other mobile devices.

2. Protect your PIN
Choose a strong PIN. Don’t use obvious numbers, for example, the year you were born, your wedding anniversary, telephone or house number.
Memorise your PIN – don’t write it down or disclose it to anyone else.
Don’t use the same PIN for all your payment cards.
When using an ATM or other card reader always shield your PIN with your hand.

3. Take online safety measures
Regularly update your computer’s firewall or antivirus software.
When shopping online, always look carefully at the site for secure transaction symbols. The web address should start ‘https’ and the page should display the secure payment ‘lock’ logo.
Always log-off from a site once you’ve completed a transaction.

4. Regularly review card and bank statements
Check statements on a regular basis and look out for unusual or unauthorised transactions, and contact your card provider immediately if you suspect fraud.

5. Pay attention to card delivery
Note when you should be receiving a new payment card. If it doesn’t arrive when you expect it, contact the card provider as soon as possible.

 


Coles, S. (2016) Card fraud up 20% – you’re at risk without even leaving the house. Available at: http://money.aol.co.uk/2016/06/20/card-fraud-up-20-you-re-at-risk-without-even-leaving-the-hous/ (Accessed: 21 June 2016).

, , , , , , ,

How to avoid being scammed in the UK 2016

Expert advice on scams to avoid including HMRC, Royal Mail, Microsoft, WhatsApp Gold, contactless payments, expired Apple ID, fake Olympics tickets and more…

If you get a phone call from “Microsoft” or an email offering millions if you just hand over your bank details, you should be suspicious. We’ve rounded up some of the most frequently used scams in the UK at the moment, with advice on how to avoid them and keep your hard-earned cash – and privacy.

Scams are a huge issue in the UK, especially with the introduction of more technically advanced scams on our devices that can even hold our files to ransom (see below for more information). So how can we protect ourselves, and more importantly, how can we protect our private information offline and online? We’ve rounded up some of the most frequently used scams in the UK at the moment, with advice on how to avoid them and keep your hard-earned cash. Also see: How to avoid the latest Netflix scam.

WhatsApp Gold

The latest WhatsApp scam being circulated among users is an exclusive invitation to upgrade to a premium version of the app, known as WhatsApp Gold. There is no such app.

“The invitation reads: “Hey Finally Secret Whatsapp golden version has been leaked, This version is used only by big celebrities. Now we can use it too.”

Fake tickets to the Rio Olympics 2016

Kaspersky has warned that scammers are selling fake tickets to the Olympic Games in Rio de Janeiro online. It first started seeing spam emails selling these fakes in early 2015, but they are becoming more common as we get closer to the games.

“It’s no surprise that cybercriminals are using the Olympic Games as a ploy to extort money and personal information from unsuspecting recipients. What’s more, beyond phishing emails, cybercriminals are creating fake sites, disguised as legitimate ones… We recommend that fans everywhere be very cautious when purchasing tickets or souvenirs. Users need to make sure that they are only trusting authorised resellers, despite how appealing the low prices may be from alternate resources,” warns David Mole, Head of Retail, UK at Kaspersky Lab.

 


Painter, L. (2016) Don’t get caught out by these new (and old) scams in the UK. Here’s how to avoid becoming a victim. Available at: http://www.pcadvisor.co.uk/feature/internet/how-avoid-being-scammed-uk-online-olympics-gold-3620081/ (Accessed: 26 May 2016).

, , , ,

Call centre fraud spikes 45 percent as payment card security improves

Global call centre fraud has increased more than 45 percent in the past three years as attackers use social engineering to steal data and turn profits, according to a recent Pindrop study.

The “2016 Call Centre Fraud Report,” which defines call centre fraud as any interaction between a criminal and a call centre agent, noted that recent data breaches, the rollout of chip cards in the US and increased security in other channels have all contributed to the boost in fraud, according to the report.

As a result, phone fraud losses have risen 14 percent since 2013, and in 2015 enterprises lost an average of 65 cents (£0.40) per fraudulent call.

“This means a call centre that receives 40 million calls per year should expect to see somewhere between $17 million (£12m) to $27 million (£19m) in fraudulent transaction losses annually,” researchers said in the report.

To make matters worse, 72 percent of contact centre executives expected the fraud loss trend will only continue upward, as already evidenced in the UK where the use of chip card technology has thwarted efforts to produce phoney payment cards.

As a result, criminals have switched gears, plying their social engineering skills at call centres, where fraud rates have consequently doubled.

Director of Pindrop Labs, David Dewey, told SCMagazine.com that a subset of fraudsters – when they obtain stolen data – print phoney payment cards using the stolen information, but improvements in security have forced them to “pivot” their strategies.

“Chip-and-PIN makes it harder” for them to reproduce phoney cards using the stolen data, so the bad guys are crafting social engineering attacks that target call centres of banks, retailers, credit unions and other firms to make malicious transactions, he said.

Data stolen from breaches and phishing attacks may be used to carry out social engineering attacks used to commit call centre fraud.

The report found that criminals might make up to five calls to a centre, pretending to be the victim, before completing a fraudulent transaction. During the calls, the thief may attempt to identify accounts, trick agents into revealing more of the victim’s information, change contact information and conduct other malicious deeds.

Call centres are easy targets because, Dewey said, most of the “call centre agents are trained to provide a delightful experience” and not to spot suspicious behaviour.

In addition, agents are also measured on the amount of time the calls take, which conflicts with taking the time needed to assess security risks.

Dewey said he has documented cases in which agents allowed criminals to guess birth dates, maiden names and other information that should have raised red flags.

 


Abel, R. (2016) Call centre fraud spikes 45 percent as payment card security improves. Available at: http://www.scmagazineuk.com/cybercriminals-use-stolen-data-for-call-centre-fraud-study/article/496256/ (Accessed: 25 May 2016).

, , , , , , , ,

Could this £5.95 card protect your wallet from fraudsters trying to ‘skim’ your contactless payment details?

Defender Note, a £5.95 wallet-sized shielding card, promises to block fraudsters from being able to swipe your contactless card details.

Scammers can use sneaky devices that read the signal your contactless debit or credit card sends to take payments of up to £30 from your account or steal the information to use for online purchases.

The new gadget claims to be 100 per cent effective at blocking the radio waves your cards give out to stop the radio frequency identification (RFID) chip they contain being ‘skimmed’ by prowling thieves.

Last year alone there were £7.75 billion contactless card payments in the UK showing shoppers are increasingly waiving their debit and credit cards at check outs.

But as the technology surges in popularity and more and more people opt for a contactless bank card so have the opportunities for fraudsters looking to steal your card details.

Figures from Financial Fraud Action show that in 2015 contactless fraud numbers multiplied by 16 compared to the year before.

Losses are still relatively low at £2.8 million during 2015 but the increase from 2014’s £153,000 figure shows that fraudsters are becoming more effective.

Morgan Rothwell, director of Defender Note, said: ‘Contactless card fraud is rising fast and official figures are only the tip of the iceberg. The impact of fraud-related crime affects both businesses and consumers and is costing millions of pounds every year.

‘Responding to consumer and business anxieties and concerns around contactless theft, we’ve decided to launch the Defender Note – a cost-effective way of protecting consumers against this increasingly common type of fraud, which ensures they can continue using contactless technology with ease and peace of mind.’

Shield your wallet: Protective cards from Defender Note can be bought in a range of sizes and cut to size

Shield your wallet: Protective cards from Defender Note can be bought in a range of sizes and cut to size

How does ‘skimming work’? 

If your card is stolen, thieves can use the contactless technology to make up to ten payments under £30 in a short timeframe before being required to enter a PIN.

But even more concerning, scammers can use devices to lift information from your credit or debit card’s RFID, which transmits the details via its own radio signal simply by standing in close proximity to you.

The same technology can be used to harvest e-passport details, loyalty cards, Oyster cards, access cards to accommodation and even smartphone wallets.

Once armed with these details they typically use them to make purchases on websites where retailers don’t require you to enter extra CVV security codes.

Another scam, although perhaps less common, involves thieves setting themselves up as a retailer in order to buy a card-reading device to use to covertly process payments from unsuspecting victim’s bank cards.

How does Defender Note help?

The Defender Note claims to be 100 per cent effective at shielding your contactless payment cards, e-passports, and other accessories that utilise contactless technology from these fraudsters.

The technology simply looks like a piece of card, coming in a range of sizes to fit inside wallets and purses which can all be cut to size.

A single wallet-sized shielding card can be bought online for as little as £5.95 but it is recommended you shield both sides of your payment card so you would need two to be safe. But a larger A5 size costs £7.99 and can be cut to fit both sides of your card and wallet. A family pack including two of each size is also available at a cost of £26.50.

For a handbag or briefcase this could mean using multiple larger protective cards.

Remember this will also mean you will have to remove your contactless card from the wallet or purse to swipe it in shops or on busses and tubes.

If you would rather not hand over the cash wrapping your cards in tin foil has also been said to be effective at blocking the radio signals, but wrapping your whole wallet or handbag in foil might not be as convenient.

 


Could this £5.95 card protect your wallet from fraudsters trying to ‘skim’ your contactless payment details? | This is Money. 2016. Could this £5.95 card protect your wallet from fraudsters trying to ‘skim’ your contactless payment details? | This is Money. [ONLINE] Available at: http://www.thisismoney.co.uk/money/cardsloans/article-3537787/Could-5-95-card-protect-wallet-fraudsters-trying-skim-contactless-payment-details.html. [Accessed 15 April 2016].

, , , , , ,

Banking scams push up UK financial fraud ‘by more than 25%’

Remote banking fraud increased the most in 2015, costing consumers more than £168m, according to Financial Fraud Action UK.

Fraudsters managed to steal £755m from British consumers and financial institutions during 2015 – a 26% increase on the year before.

Financial Fraud Action UK said the biggest growth area was remote banking fraud, which typically sees fraudsters posing as bank staff in a bid to con people into sending them money via online banking.

The figures published on Thursday show this type of fraud leapt by 72% in 2015 and more than £168m was stolen from unsuspecting consumers.

In most cases the banks involved would have refused to refund the customer on the basis that they had made the payment voluntarily. Victims of such fraud have told the Guardian that the police have not been interested in investigating such cases even though the losses have been as much as £25,000.

Internet banking fraud rose 64% to £133m during 2015, while losses due to telephone banking fraud rose 92% to £32.3m, Financial Fraud Action UK said.

In recent years, Guardian Money has highlighted the increasingly sophisticated tactics being adopted by scammers to steal consumers’ cash. As security systems have improved in other areas of banking, fraudsters have opted to target consumers directly by phoning them up, or using online vulnerabilities.

Scammers have pretended to be bank staff, police and from firms such as TalkTalk, and persuaded consumers to send money to their bank accounts, aided by the faster payments system and previously lax account opening requirements at banks.

Fraudsters have also increasing been hacking emails and then posing as builders, for example, to ask for deposits to be sent to them.

Katy Worobec, director of Financial Fraud Action UK, which represents all the major banks and bank card issuers, said: “With the continued rise in impersonation scams and data breaches it’s vital that all customers are alert to the dangers. Everyone should be cautious about giving out personal or financial information, and organisations holding data need to do all they can to protect people’s private details.”

She said fraud losses on UK payment cards remain the biggest area of fraud. Losses in 2015 totalled £567.5m, an 18% increase on the previous year. A total of £843.6m of attempted card fraud was prevented by banks and card companies, equivalent to £6 out of every £10 of fraud being stopped, it said.

The figures showed bank and card company security systems detected and prevented a total of £1.76bn worth of fraud from occurring in 2015 – equivalent to £7 in every £10 of potential fraud being stopped.

Overall, cheque fraud losses totalled £18.9m , a 6% fall on the 2014 figure as cheque usage declined. Just over £2.8m were lost to mobile banking fraud last year.

Last month, the home secretary, Theresa May, announced the creation of a new taskforce to crack down on fraud in the UK, saying that “fraud shames our financial system”.

The Joint Fraud Taskforce will be comprise key representatives from government, law enforcement and the banking sector, but has a long way to go to restore confidence among victims, who have repeatedly been told by the banks and police that there is nothing they can do to help them.

Detective chief superintendent Dave Clark, who heads the City of London police’s economic crime unit, said: “Criminals are continually looking to exploit old and new technology alike to deceive both individuals and organisations into revealing private information that will enable them to commit fraud, sometimes on an industrial level. The only way this problem can be fully addressed is by having a multi-sector response focusing on prosecution, prevention and protection.”

 


Banking scams push up UK financial fraud ‘by more than 25%’ | Money | The Guardian. 2016. Banking scams push up UK financial fraud ‘by more than 25%’ | Money | The Guardian. [ONLINE] Available at:http://www.theguardian.com/money/2016/mar/17/banking-scams-uk-financial-fraud. [Accessed 18 March 2016].

 

 

, , , ,

Online break-in forces bank to tighten security

Two major high street banks will change security procedures after journalists from BBC Radio 4’s You and Yours programme broke into an account online and removed money.

Recently bank customers accounts have been successfully attacked by criminals who divert mobile phone accounts.

Criminals persuade phone providers to divert mobile phone numbers in what is sometimes called “SIM swap fraud”.

Some banks text security details when customers forget their details.

The activation codes sent by text to mobile phones also allow payments to be made from an account.

The scam works by blocking the genuine phone. The owner is unaware of why the phone has been blocked and allows the criminal – who now has control of their phone – to syphon money from their bank account.

You and Yours has been contacted by dozens of people affected by the scam. All say they have never revealed their security details to anyone, and the that first they knew something was wrong was their mobile phone going dead.

Locked out

We decided to investigate. You and Yours producer Natalie Ms Donovan is a NatWest customer, so I used her bank account as an experiment. I was able to break to her account without knowing her banking customer number, PIN or any passwords.

I did not know her mother’s maiden name, her pet’s name or her first school, and yet I was still able to change her PIN and password to lock her out of her own account.

That allowed me to transfer £1.50 to my own bank account, all because I had control of Natalie’s mobile phone.

NatWest, owned by Royal Bank of Scotland, said that its systems for both banks would be changed as a direct result of the You and Yours investigation.

Chris Popple, managing director of NatWest Digital, said: “This is a cross-industry problem, particularly with us, and the telecom companies. We working with Financial Fraud Action UK to make sure we’re communicating with each other … to make sure mobile phone security is as strong as it possibly can be.”

 

 

, , , , ,

Unpicking the current account banking ‘con-trick’

The model of day-to-day banking used by most Uk consumers is a “con-trick” and unnecessarily expensive for many, experts say.

“Free” current accounts – described by one academic as a “brilliant marketing ploy” – are often the most expensive option.

One consumer group has called for banks to be fined over the complexity of charges.

However, an inquiry has given the sector a relatively clean bill of health.

Many banks are engaged in financial charm offensive with potential customers, offering upfront cash incentives with new accounts which are more generous than the annual interest paid on many savings accounts.

Consumers appear to be giving them the cold-shoulder in return and sticking with “free” accounts. A switching rate of less than 2% last year was even lower than the previous 12 months.

So why are customers unwilling to move their money and what is the benefit for the banks? How can customers understand and make the most of their banking services? Will new technology offer banking at better value for money?

Ahead of the UK competition authority’s final plan to fix frailties in the market, the BBC News website is examining the personal current account sector in a series of articles to be published over the next few days.

There are 68 million current accounts which are active in the UK. They are being used by 97% of adults in the country – a bigger proportion, for example, than have a gas supply.

Of these, three-quarters have a so-called “free-if-in-credit” account.

Customers pay no monthly or annual fee, but they forgo a chunk of interest payments and may face a host of charges ranging from fees for going overdrawn to making purchases in foreign currency.

Current accounts are “essential for modern life”, according to John Ashton, professor of banking at Bangor University Business School, but the effect of this “free” model is that those with the lowest and highest amounts in accounts subsidise those in the middle.

The poorest “bore the burden of overdraft costs”. Middle income customers occasionally went into the red, but also tended to hold larger deposits in current accounts, for which they were missing out on interest payments they could have won elsewhere, he said.

Overdraft fees have been overhauled by banks since this research – in which Prof Ashton analysed 17 years of current account data to 2011 with Professor Robert Hudson, of the University of Hull. Yet, the fundamental issue was unchanged, Prof Ashton told the BBC.

“Over the long-term [free-if-in-credit] has not been a cheap way of getting banking services,” he said.

“As a marketing ploy, it is brilliant.”

‘Myth’

Piggy bank

Andrew Tyrie, chairman of the influential Treasury select committee of MPs, went further – describing free banking as “not just misleading, it is a con-trick”.

“There is no such thing as free banking. The consumer, in my view, should have an opportunity to find out how much they are paying, as they expect to do with any other good and service,” he told the BBC News website.

A recent report into the retail banking market by the Competition and Markets Authority (CMA) revealed that the banks’ average revenue from each current account customer was £177 in a year.

To the obvious frustration of the Treasury committee, the CMA failed to unearth the average cost per customer of providing these current accounts.

“They [the banks] think about the value of customers over their lifetime, rather than the profitability of individual customers,” Alasdair Smith, chairman of the CMA, told the committee at a recent hearing.

Mr Tyrie and his committee told the CMA that they should have delved deeper during their investigation.

“If banks do not know who they are making money from, this only serves to reinforce the fact that there is not enough competition in the market,” Mr Tyrie told the BBC.

“In other industries, businesses which do not know where they are making money do not last very long. [Bank account price] is not as straightforward as a can of soup, but it is not beyond the wit of man.

“Customers are not given the opportunity to choose [between accounts] on the basis of price.”

 

Cash and wallet

 

Jargon-busting

An account’s value for money – if this is possible to calculate – depends on which services a customer uses and how much he or she is charged for those services.

For example, a list of current account fees provided to the BBC by financial information service Moneyfacts reveals the type of charges often ignored by customers choosing an account.

For example, the Clearing House Automated Payment System (Chaps) is used for high-value payments made within a day. The fee for making a £100 payment through this system ranges from £12 to £40 with different accounts.

James Daley, managing director of consumer website Fairer Finance, said the most common charges for going into the red were almost impossible to compare.

“One of the main problems for bank customers today is that every bank has a different way of charging for overdrafts. Some have daily fees, some charge interest rates, some have buffers – and so it goes on,” he said.

“If you are unlucky enough to go beyond your overdraft limit, things can be worse still. Some banks have ‘returned item fees’, some have ‘unplanned borrowing charges’, some have ‘unpaid transaction fees’. Most of this means nothing to the average customer.

“Outside of overdrafts, jargon is at its worst. There are ‘load’ fees and ‘non-sterling transaction charges’ for using your card abroad, as well as fees for Chaps, Swift, Target and Sepa payments.

“Banks seem to revel in blinding their customers with complex language and jargon. Given that the FCA’s rulebook already stipulates that customer communications need to be ‘clear, fair and not misleading’, we think most banks are in breach of the regulations.

“It is time for the regulator to start making an example of the worst offenders and even fining them.”

The British Bankers’ Association (BBA), which represents the UK’s major High Street banks, said: “The industry has clear guidelines that covers the need for banks to communicate in a way which is clear, fair and not misleading.

“The banking industry is very much in favour of competition and actively encourages customers to shop around to get the best deals. Over the past five years, banks have introduced a number of different services to help customers keep on top of their money and compare offers so they can make informed choices and switch if appropriate.

“To give just a few examples of this commitment, customers can now see itemised charges on bank statements, over 1.3 million text alerts from banks are sent to customers each week. Customers are also provided with annual summaries and breakdowns of charges taken to help comparisons.”

 


Unpicking the current account banking ‘con-trick’ – BBC News. 2016. Unpicking the current account banking ‘con-trick’ – BBC News. [ONLINE] Available at: http://www.bbc.co.uk/news/business-35373929. [Accessed 04 March 2016].

, , , , ,

Stolen debit and credit card details of almost 85,000 Britons available on ‘brazen’ online database

Debit and credit card details stolen from almost 85,000 unsuspecting Brits are available to buy online in a “brazen” criminal database.

For a $20 (£14) registration fee, anyone can access the numbers, expiration dates and names on more than a million cards around the world, alongside the names, addresses and even phone numbers of their owners.

The existence of Bestvalid.cc was first revealed by The Times, who alerted the National Crime Agency and MPs, but it was still online on Saturday.

 

Bestvalid-3.jpg

Anyone can create an account to access stolen personal details.

After registering with a gibberish username and password, theIndependent was able to access the database within minutes.

The website looks like any other business, complete with a FAQs page, rules, terms of service and “news”, although its products are far from normal.

Users can choose cards by country, bank, name, expiration date, city and even postcode for miniscule prices that “correspond to the material quality” (sic) according to the website.

A quick scan of the countries on offer included nations as diverse as the US, China, Greece, Argentina, India, Taiwan, Denmark, the Bahamas, Australia and Zimbabwe.

A search for the United Kingdom revealed 84,570 results – 78,318 debit, 6,239 credit and a handful of charge cards.

 

Bestvalid-2.jpg

Redacted results returned for a search of UK card details on Bestvalid’s criminal database

Barclays, Nationwide and Natwest were among the popular banks listed in packages of stolen information mostly costing between $7 (£5) and $9 (£6) each.

The Times found details belonging to a former senior adviser to the Queen as well as from doctors, lawyers, bankers and other professionals on the database.

With the permission of one of the victims, Laia Humbert-Vidan, the newspaper purchased her stolen information using bitcoin.

The radiotherapy physicist, from London, said that she felt violated after seeing her private details appear on Bestvalid.

“I don’t feel like the police are able to protect anyone from online fraud,” she added. “If they were, these types of sites would not exist in the first place.”

 

web-talktalk-hack-getty.jpg

Five people have been arrested in connection with October’s attack on Talktalk, which saw the personal details of 157,000 customers accessed

The website is believed to have been operating since June last year, despite the Government’s continuing fight against online fraud and investigations into the Carphone Warehouse and TalkTalk hacks, which have seen five suspects arrested so far.

The .cc domain is the country code for the Cocos Islands, an Australian territory in the Indian Ocean with just 600 inhabitants. It is reportedly used by several cycling clubs, Catholic and Christian churches because of the letters’ associations, as well as in contested “Turkish Republic of Northern Cyprus”.

Daniel Cuthbert, the chief operating officer of information security firm Sensepost, told The Times that Bestvalid was one of the biggest sites of its kind.

“Most illegal card emporiums are on the dark web, or they require a customer to be vetted or pay a fee to enter,” he added.

“What’s interesting about Bestvalid is that they’ve decided to operate on the open web…It’s completely brazen.”

A spokesperson for the NCA, which is responsible for fighting cyber crime and fraud in the UK, told the Independent he could not confirm whether the site was under investigation.

“The NCA, alongside UK and international law enforcement partners and the private sector, are working to identify and as appropriate disrupt websites selling compromised card data,” he said.

“We will work closely with partners of the newly established Home Office Joint Fraud Task Force to strengthen the response.

“This may include the provision of information to the appropriate authorities of countries hosting the server.

“As part of a prevention approach, alerts to financial institutions providing the details of compromised cards will be considered.”

 


Stolen debit and credit card details of almost 85,000 Britons available on ‘brazen’ online database | Home News | News | The Independent. 2016. Stolen debit and credit card details of almost 85,000 Britons available on ‘brazen’ online database | Home News | News | The Independent. [ONLINE] Available at: http://www.independent.co.uk/news/uk/home-news/stolen-debit-and-credit-card-details-of-almost-85000-britons-available-on-brazen-online-database-a6871856.html. [Accessed 04 March 2016].

, , , ,

Former Co-op Bank executives banned from senior financial roles

The Bank of England has banned two former Co-operative Bank executives from holding senior banking positions.

The BoE’s Prudential Regulation Authority said former chief executive Barry Tootell had been banned for “breaches” in the running of the bank.

Keith Alderson, a former managing director of the Co-op Bank’s corporate and business banking division, was also hit with a ban.

The Co-op Bank came close to collapse in 2013.

In addition to the bans, the PRA fined Mr Tootell £173,802 and Mr Alderson was fined £88,890.

The PRA said Mr Tootell “did not exercise due skill, care and diligence in carrying out his role as chief financial officer and later chief executive”.

PRA chief executive Andrew Bailey said: “This action makes clear that there are serious consequences for senior individuals who fall short of the PRA’s expectations.”

Between July 2009 and May 2013 Mr Tootell “was centrally involved in a culture within the Co-op Bank which encouraged prioritising the short-term financial position of the firm at the cost of taking prudent and sustainable actions to secure the firm’s longer-term capital position,” the PRA added.

Mr Alderson “did not take reasonable steps to ensure that Co-op Bank adequately assessed risk arising across the Britannia Corporate Loan Book”.

‘Woeful’

Co-operative Bank merged with the Britannia building society in 2009. The deal was later held responsible for the near collapse of the bank.

In 2013, the bank revealed a £1.5bn black hole in its accounts.

Co-op Bank chairman Paul Flowers also stepped down over concerns about expenses in 2013, before pleading guilty to drug possession in 2014.

Simon Walker, director general of the Institute of Directors, said: “This is further proof that the leadership of the Co-operative Bank in the run up to its spectacular failure was woefully lacking in the skills, knowledge, and decision-making needed for a major financial institution.”

, , , , , , ,

Police warning after card skimming devices discovered on Warrington cash points

THREE suspected card skimming devices have been seized by officers after the technology was uncovered on cash points in the town this weekend.

This is not the first time similar devices have had to be removed from ATM machines in the town this year.

Police have released a photograph of the latest devices seized so members of the public are aware of what to look out for.

One devices was found at the Natwest Bank on Warrington Road in Culcheth at 8.15pm on Sunday.

Other devices have been found in the town centre including at Barclays Bank in Golden Square.

A spokesman for Cheshire Police has issued a reminder to shoppers to always cover the pin pad when entering details.

He added: “Please use your eyes around the cash point and check for anything out of place on the machine or anyone acting in a suspicious manner such as paying close attention to the cash point.”

The design of the device used by the thieves is simple but effective.

A false cover, which is often made in a similar colour and material of the cash machine, is inserted into the card slot.

This is connected to an iPod which is installed above the keypad and captures the customer entering their pin via a camera.

The iPod is hidden by a case which again is often made in a similar colour and material as the cash machine.

The card becomes lodged in the machine leaving the customer with no choice but to walk away without the card.

The skimming device is quickly retrieved then by the fraudster who now has the means to go on a shopping spree at the customer’s expense and can potentially run up staggering bills.

The spokesman for Cheshire Police thanked the ‘observant members of the public’ who spotted the devices and have ‘frustrated the efforts of the alleged offenders’.

 

 

– Via Warrington Guardian

http://www.warringtonguardian.co.uk/news/14033610.UPDATED__Police_warning_after_card_skimming_devices_discovered_on_Warrington_cash_points/?ref=rss