PHISHING E-MAIL FRAUD – WHAT YOU NEED TO KNOW
I received an e-mail purporting to be from PayPal earlier in December asking me to update my card details that were registered on my PayPal account. I didn’t think too much of as I never use my PayPal account and the card details were probably obsolete. The e-mail and link to what appeared to be a genuine PayPal site gave no inkling at the time that it was anything other than legitimate.
Suffice to say, I got a text message at 10.10pm on Christmas Eve when I was on holiday in Spain to say that I needed to pay money in to my account to avoid going overdrawn. Over £2,100 was taken by virtue of dozens of small transactions in Malaysian Ringgits. I rang HSBC fraud in India and my card was cancelled with the fraudulent transactions reversed and that was that, or so I thought.
Fast forward to 28th December 2018 when I checked my account balance on my phone in Spain, only to find another £720 had been taken from my account with dozens of the same transactions dated 27th December.
This led me to ring HSBC fraud in India who couldn’t see what I could see and insisted that all of the money I was owed had been repaid to me. The Fraud and Investigations Team and 3 staff members couldn’t find the ‘Display More Transactions’ button on their screens that would enable them to see that only a partial refund had been made. I was told that I would have to visit my branch on my return to the UK to resolve it.
I was returning to the UK that day and I went in to my local branch at 9am on the Saturday morning to speak to the Branch Manager. Even she had difficulty getting traction on this with the same idiots in India who are the only ones who can resolve these matters. It took 45 minutes to cut through it and after being asked a series of questions towards the end, it transpired that the transactions had been authorised with a password given by me. It was at that point it dawned on me that I had fallen victim to what is probably one of the oldest scams in the world now (albeit one that didn’t look at all suspicious).
I was offered £50 as a goodwill gesture to compensate me for the inconvenience and stress, which I was happy with as it was partly my fault in falling for it in the first place. Nevertheless, it’s worrying to think that I could have been away on holiday for much longer and out of pocket with nobody to assist me until I returned to the UK.
In all fairness to HSBC, they will always try and do the right thing but invariably it’s too little, too late. This is a Bank that is literally too big to fail that treats colossal fines like parking tickets.
The moral of the story here is to never respond to e-mails asking for your card details and deal with a Bank that does not have its Fraud and Investigations Department in India.
Whilst I don’t explicitly cover scams in my book, I certainly cover problematic and fraudulent scenarios with templates based on real-life test cases that work in my consumer book.
Have you been caught out by phishing e-mail fraud?