Urban75 Home About Offline BrixtonBuzz Contact

Look out for bank scam text messages...

editor

editor

hiraethified
Interesting how the crims can insert the text into an existing text conversation with the bank...?

I got a message from Barclays but I guess all banks are affected.

Criminals are becoming more and more sophisticated in the scams they use to steal thousands of pounds from business customers. One of their main methods is sending fake text messages that appear to be from your bank.

This is how they work
You may receive a text message that looks like it’s come from us – or it might even be inserted into a genuine text message conversation with us.

It could ask you to call Barclays ‘urgently’ about a payment that you don’t recognise, or say there’s been fraud on your account.

The number and links are controlled by the criminals, who will then ask for security codes on your PINSentry device so they can access your business bank account – and steal your money.
Three tips to help you stay safe

1. If you receive a text that appears to be from us, stop and think. If it’s out of the blue and looks suspicious, call us straight away to report it, on a number that you know and regularly use.
2. We will never ask for security codes. If you receive a call or text asking for this information, delete the message or hang up straight away.

3. The Barclays Mobile Banking app¹ is a great way to keep in touch with us securely – enabling push notifications allows us to send you secure messages. You can also call us directly from the app, so you can be certain you’re talking to us.

We’re continually working with mobile network operators and service providers to help fight against this type of fraud. But it’s important you’re vigilant, too – make sure you and your staff know about these scams, how to spot them and to report suspicious texts to us.
Want to know about fraud and scams?

Go to barclays.co.uk/business-banking/business-insight/cyber-and-fraud-risk, or speak to your Business team about how we can train you and your staff on what to watch out for.
You can also learn more about online fraud and test your ability to spot scams at
takefive-stopfraud.org.uk.
Click to expand...
 
editor said:
Interesting how the crims can insert the text into an existing text conversation with the bank...?

I got a message from Barclays but I guess all banks are affected.
Click to expand...
There's zero restriction senders phone number. Its ridiculously unsafe.

I first set up a phone system ten years ago and was amazed that it was just a plain text field to set the callers number.

I had a laugh calling and messaging friends from other friends numbers.
 
Can spoof numbers that phone calls are from so I figure this is the same but text innit
 
Tankus said:
I keep getting TV licence DD renewal fails

Please reset it now

With a helpful link
Click to expand...

I very nearly fell for one of those the other day. I noticed a spelling mistake in the website though and that made me realize it was dodgy. I would have realized if I'd clicked on the link and then seen the 'enter bank details' though.

Know 2 people who've lost chunks of money with internet bank scams in the last two years though, both were very cleverly done.
 
editor said:
Interesting how the crims can insert the text into an existing text conversation with the bank...?

I got a message from Barclays but I guess all banks are affected.
Click to expand...
Editor, do you know how long this scam has been around, ie did it appear this week?
 
No but raising attention never hurts - Especially when various industries are trying to hush things.

Expanding on this there are known telecommunications vulnerabilities being exploited to target bank accounts and other 'secure' services by intercepting SMS text messages used as 2-Factor Authentication (2FA). This applies to anything 'secured' by SMS so it is not just limited to bank accounts. In short hackers are misusing the Signaling System 7 (SS7) used to route mobile phone calls and texts and are intercepting SMS text messages used as 2-Factor Authentication for their own use. The issues with the current SS7 system mean that it is possible for messages to be altered, injected or deleted by unauthorised parties using the global SS7 networks.

There was a good write up on motherboard about a recent attack on Metro bank: Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts
 
For security reasons we don't give details here...please give us your bank or credit card details :D
And some people will :eek:
 
Bit of a spike of this in the past few weeks - my ma and three separate colleagues at work all got done, or attempts were made to rip them off ... and yes, the initial texts / calls did appear to be from their respective banks' proper 'fraud detection' departments. The bitter twist is that if you ring them back, the scam teams are helpful, patient, kind and seem to know what they're doing - while if you call your own bank's fraud action team on a 100% legit number to let them know about the scammers, the (real) bank staff are often confused, unhelpful, rude and don't seem to know what is going on with the rest of their bank or how to communicate with it.

PS the giveaway in the Revenue one is surely the phrase "valued HMRC taxpayer?" AFAIK the Revenue does not value individual payers in any way, they're doing their national duty and no more ...
 
I don't trust any emails from my bank.

I occasionally get an email from PayPal which confuses me slightly. I log in separately check my last transactions are legit and delete the email.
 
equationgirl said:
But the email address is clearly wrong, the £ is in the wrong place and so on. There's so much wrong with it.
Click to expand...

Absoutly right, but many would miss those things, the elderly, those with poor sight, learning difficulties of simply pick up on key things like money coming their way....even those too old on low income who certainly don't pay tax.
 
equationgirl said:
Looks real but clearly isn't though.

I mean, like the HMRC would ever refer to someone as a valued taxpayer for starters.
Click to expand...

Heh.

Yeah I've been getting those HMRC ones for couple years on and off. Had to tell the wife it was a scam last week as well.

Perhaps the biggest red flag is expecting the government to not send you an 3 page form letter with two lines of actual content.
 
I've just had one of the credit card scams ...

very obviously recorded & edited message (a bit like some of the stitched together metal micky railway station announcements)
telling me that my card had just been used for a large transaction and to key 1 to authorise it or 5 to talk to them if it wasn't me ...

(I don't normally pick up unknown numbers, but I was expecting a call about some insurance)
 
I just had another hmrc scam email again. Presumably, if I followed their instructions they would clear out my bank account. Does this mean that if I had my usual overdraft, they would clear that :confused::D
 
There's supposedly one clever scam at the moment which is to get a call purporting to be from your bank, and then to verify your identity, they say you'll be sent a text message, which you get, and they ask you for the code within it.

Trouble is, that's a real verification text from your bank and it allows them to authorise a payment or whatever else it is.
 
There does seem to be a lot of scam emails about at the mo, particularly the HMRC one and the TV license one. The only time I've ever followed a scam link (but didn't put any info in) was for HMRC, a few years back. I had been in communication with the real HMRC regarding a refund, and a fortnight later this scam email came though. The same thing happened to some family members and friends, at different times of the year, so I have slight feeling that was something dodgy going on at HMRC itself, or at least that regional office.

The volume of info avaliable online for a person is pretty overwhelming as well. Last year I received an email that contained my full name (including my middle name which I very rarely use online), a full prior address and another email address I used that was in no way linked to the one the spam email came to. It was a strange scam though, a friendly person was pretending to be warning me about being scammed, was nearly a full A4 page long, with very good spelling and grammer even though the 'concerned person' was a native Italian speaker. It offered me a download which I declined, preferring to send it to the trash. I am always cautious online and don't use social media, so I still can't work out how they could tie those different things together. With social media now the sheer amount of data a determined scammer could get and compile with other, more official, info is pretty shocking.
 
Last edited:
mum-tat had a phone call one today asking for her by name which is a bit dodgy - claiming to be someone from hammersmith police station saying that one of her cards had been cloned and 3K had been spent on it.

she stonewalled them and said she'd check online. and on later research found that hammersmith nick is currently closed
 
mauvais said:
There's supposedly one clever scam at the moment which is to get a call purporting to be from your bank, and then to verify your identity, they say you'll be sent a text message, which you get, and they ask you for the code within it.

Trouble is, that's a real verification text from your bank and it allows them to authorise a payment or whatever else it is.
Click to expand...

My bank get all shouty-caps about this.
stahp.jpg
 
You must log in or register to reply here.

Similar threads

Humberto
Online Scams and Fraud (theft)
Replies
5
Views
239
bcuster
bcuster
hash tag
Veganism going out of fashion
2 3
Replies
70
Views
3K
Mrs Miggins
Mrs Miggins
savoloysam
  • Poll
The creeping roll out of facial recognition. Are you for or against?
2
Replies
55
Views
2K
8ball
8ball
R
Postal vote issues look like being a big deal
Replies
21
Views
1K
rasputin
R
l'Otters
Joint Enterprise case in Manchester - Life sentences for text messages?
Replies
16
Views
935
hitmouse
hitmouse
Back
Top Bottom