The message I received from a victim of Britain’s fraud pandemic was as distressing as they come.
“I am a 26 year old working hard in London, saving for a better flat and life, and now it has all gone,” Alina Portnova told me.
She was a victim of authorised push payment fraud, where crooks impersonate trusted organisations such as banks to trick people into transferring money to them.
Last year £479million was stolen in this way, according
to the banking industry group UK Finance.
Alina had received what looked like a text from her bank, Barclays, saying that it wanted to verify a transaction she had made with Argos.
She replied saying that she hadn’t bought anything from the retailer.
The next day she received a call apparently from the Barclays fraud department, which made sense in light of the text the previous day.
The caller said Alina could confirm he was ringing from the bank by checking the number – a common ploy of crooks who use software to make it appear that they’re calling from a different number.
Alina said the caller was even able to tell her the details of her last five bank transactions.
“After the security check he said that he could see someone from Manchester was logged into my banking app and also into my Revolut mobile app,” she said.
“He said in order to save my money we needed to act fast and create a new safe account where we should transfer it.”
Convinced the call must be genuine, Alina followed the instructions to move her savings from Barclays to her Revolut account, and from there back to Barclays and the supposed new safe account which had been opened in her name.
Which might have been fine if the money really had been going to Barclays, because it operates the “confirmation of payee” safeguard, meaning that it would check that the account receiving her funds was in her name.
But the sort code was for the lesser known ClearBank for an account serviced by its partner, e-money provider Tide, which does not carry out confirmation of payee checks.
It was more than just an awful shock when Alina realised she’d been defrauded of £5,672. She was also bewildered the caller had so much financial information about her.
“I had not given him any pin codes or clicked any links but he was in my mobile banking app, I have no idea how,” she said. “I lost all my savings in a few hours.”
The banking industry reimbursement code states that victims of frauds such as this should be refunded unless they have acted negligently, for instance by ignoring advice from a bank.
Revolut initially refused a refund, saying it gave warnings before Alina transferred the money.
“Unfortunately this means that your request falls into a category in which we cannot assist and therefore we will be unable to refund you,” it texted her, tactlessly adding: “Have a good day”.
I asked it to have another look at her case, pointing out that Alina said that the only warning she received was a message saying she was transferring money to a new account.
Now she’s been fully reimbursed.
“I can’t express how grateful I am for your involvement,” she told me.
Revolut said it takes customer protection extremely seriously.
“We are very sympathetic to Ms Portnova’s case, and after a full investigation we have refunded the money that she lost as a result of the scam,” said a spokesman.
“We are fully aware of the industry-wide risk of customers being coerced by organised criminals and our sophisticated and comprehensive anti-fraud systems have a strong track record of spotting, stopping and reporting criminal activity.
"We will continue to invest heavily in anti-fraud technology and to evaluate fraud cases on an individual basis, supporting customers who have fallen victim to scams.”
ClearBank said it was introducing confirmation of payee checks from the end of this month.