I thought it was ironic, in a sick sorta way, that they’re stealing money from Northern Ireland, which has its own terrorist problem, to send it to a place like that. The police are aware of what happened, though.
I’m still waiting for that call that I’ve been promised [twice] from the bank manager though - I don’t know what I’m going to do if they won’t let me set up another account to collect my disability cheques and pay my direct debits. The ass-hole I spoke to yesterday wouldn’t hear of it - and it seems logical to me - in fact the CID man I spoke to yesterday said that that was what would happen when I went down to the bank - but they were no help at all.
I think they might have targeted me though - I had a Halifax account until recently to pay my mortgage - and I got a similar notification from the Halifax this morning. Or maybe that’s just paranoid.
I still don’t understand how I could click a link that took me to my banks real e-mail address and still get ripped off - the e-mail address on the link was correct, or I woulda caught on.
It’s quite possible to display a link in a Microsoft email program so that it looks like one address, but the link actually goes somewhere very different.
Usually the URL of their fake site is very close to the real address so that even if you are suspicious, a quick glance at the Address box wouldn’t always tip you off.
Bottom line, never, ever for any reason click a link in an email to any site that has your credit card details.
Oh, and make sure your email program is set to show all messages in plain text only. Makes it harder to fool you.
I wouldn’t pit the Abbey for what happened as regards the scam - it happens equally to all financial institutions (I got 5 spoof emails yeaterday alone, none of which were “from” institutions I bank with, although occasionally a relevant-looking one will turn up). It isn’t their fault you were unaware of this particular type of scam … it’s been very much in the news of late.
But I certainly would pit the Abbey for their unhelpful attitude towards helping you out of this predicament. Maybe you could contact the Benefits Office and ask them to send you giros until it’s all sorted out?
I had one of my accounts drained through ATM fraud (someone duped my card and recorded my PIN somehow), and it’s a terrible feeling. The bank was very nice to us so all we had to do was sign a waiver stating that the money was stolen, and within 2 days the money was back in our account.
Here’s hoping that everything works out well for you.
Thank you so much, everybody who has given me info [and sympathetic letters] about this. I told my solicitor about it this morning - and he thought Abbey were negligent in writing instead of phoning when these eejits first tried to access my account. [its a bit like seeing someone breaking into a house and then writing to the police to come and deal with it, rather than lifting the phone.]
He said there was nothing really he could do immediately, but to go back to the bank today and mention that I’d spoken to him if they were still unhelpful. It worked like a charm - they’re setting up a new account for me tomorrow, they’re transferring all the direct debits, pension and disability payments for me, and now they’re talking about days, rather than weeks or months, before I get the money back. And they were much more polite too!!
Have you seen this article DIY phishing kits hit the Net • The Register
about how you can download a free kit with everything you need to run this scam. It amazes me that this sorta thing isn’t a target for the homeland security guys, here and in the USA - but maybe they’re having too much fun reading people’s private e-mails to be bothered much about crooks/terrorists in Kazakhstan ripping off their bank accounts.
I agree that it’s a mean and nasty scam, but seriously – how can anyone that uses internet banking not be aware of the phishing scam? It’s like, lesson 101. I don’t know about Abbey, but my bank (NatWest) displays a warning about this scam every single time I log in. I’ve had plenty of phishing emails, I either bin them, or, if I’m feeling vindictive and have a few minutes to spare, go and spam their phoney log-in page with all manner of fake details and passwords such as “Fuckoffanddiemorons”. That gives me a teeny bit of satisfaction.
Anyway, I hope you get your money back. I know that my bank has a clause whereby if you give your login details to someone else, even inadvertently in the way you did, you are liable for the loss. I sincerely hope your bank doesn’t hold you to this.
Anyone else that uses internet banking, please note: YOUR BANK WILL NOT ASK YOU TO LOG INTO A PAGE BY EMAIL.
Sorry, but all banks arn’t the same - I’ve never seen a warning from Abbey - and you can only find it on their website if you specifically go looking for it - it’s not on the front page, but just 4 lines at the very bottom of their [very long] security page - most of which would bore you silly before you got to the relevant part - its a lot of self-praise about how great their security is - blah, blah!
So I don’t think it’s fair for you to say “It’s like lesson 101” when you have no experience of how my bank works. Maybe now that so many of their customers have been caught this time round they’ll upgrade their security. I’m far from being the only victim - it’s impossible to get through to their fraud office at the moment - all lines are permanently engaged.
I didn’t follow their link though. I clicked on my own bookmark.
And I pit the bank for something else too. Well I pit my shitty maths first, for not calculating that when I transferred money to savings, I would be $5 short on rent to pay. So I log in, it tells me, it’ll try again the next day, or I could cancel the transaction. So I do. And I transfer money into my account, set up a new transaction. But the money doesn’t go into my account in time, my new transaction doesn’t get set-up somehow, and the old one tries to go ahead again… but oh no! that $100 I transferred from my sub-account to my main account hasn’t made it yet. So it fails again. I delete it again, and set up a new transaction. I hope it works this time.
What I dont understand is how they can actually collect.
One con doing the rounds is when you sell a major item like a car.
What happens is that you are given a cheque, to pay for ti, and the buyer collects when it has cleared, except that it isnt properly cleared at first, even if it appears on your bank balance.
A couple of days later the bank informs you that there was not enough money to cover the transaction and you are screwed.
Now if they can hold back payment to you like this, why cant they do the same to the phishers.
It should work its way down the line, the money appears to be transferred, the bank suspect something and the electronic movement of money stops before it gets cleared for cash payment.
It cannot be hard to track down where the final payment was made, and given the cameras in banks it shouldnt be hard to identify the perps.
A friend of mine in Japan nearly got caught by the Citibank scam this week - he was saved by the fact that the page took so long to open that he got bored and gave up. And then he got my e-mail and realised he’d nearly been had.
This is where I have the problem of understanding how they get their hands on the money.
In the example con I gave, the bank ensures that the funds physically exist, they might put the numbers on your balance temporarily, but they have a means of checking it.
If I wish to draw on funds that have been paid in to my account, the bank will not let me until it has cleared, and dpending upon th institution, this can take up to 8 days - yikes.The bank in this case noticed well within that time and yet it would appear that the money has been withdrawn.
If financial insitutions actually abided themselves to the rules they impose on us ordinary proles, this wouldn’t have happened, they obviously cleared it way ahead of what they allow you and me to access money, so it appears from the outside that actually they just impose these rules on us, not to protect us, but to hang on to our money a little longer, which is what consumer groups have been saying for years.
That relates to cheques, but they also do the same on electronic transfers, ordinary consumers cant get to their cash even if they are online banker until the cash has cleared.
Actually Abbey is one of those institutions that have a long clearing time for balance transfers, it used to be 11 days but its slightly shorter now.
That’s not quite what the article says, although what it does say is scary enough.
Although the cross-site scripting attacks are possible, there’s no evidence there that this is the method most phishers actually use. i think it would a be a lot more complicated for them to hack the real website than to cook up a fake version of their own.
