The scammers have gotten incredibly sophisticated - the lesson is never transfer money if you get called or texted without first ringing the bank on a publicly known contact number and initiating contact with them and their fraud squad regardless of how genuine a ‘blind approach’ might appear.
Sounds like exactly the same mojo as experienced by one of our neighbours and as outlined here. Scammers are becoming more sophisticated possibly to respond to many who are becoming more aware of common scams.
Any contact from someone you aren’t expecting should be considered a scam.
1 Like
Also, if you were called then sometimes it is safer to ring the bank from another device.
Probably the scammers are getting smart in making contact late on Friday, as people are less likely to be motivated to contact their bank and may have more difficulty doing so.
Scammers also like to create a fake sense of urgency.
Even though the story is framed as a bank-bashing story, I would like to see mobile network operators forced to address the part of it that relates to them i.e. how the scam text was able to nestle in amongst all the legitimate texts from the bank.
Also, one question that arose in my mind is … how did the transfers not exceed the target’s daily transfer limit? (If I actually had $36k) There’s no way my internet banking would let me transfer that much in one day.
I wonder whether in fact this account was a business account. Or perhaps the scammer was able to talk the target through increasing his daily limit and authorising the change. (That in itself would be a warning sign because banks may not apply a daily limit between accounts with the same owner.)
It also shows the limitations of 2FA. Presumably these transfers could have triggered 2FA but with the target having been tricked into doing the transfer at all, he would have authorised the transaction by supplying the necessary code.
A cross link
1 Like
