Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

sleepwello'nights

Online Fraud

Recommended Posts

Online Bank Fraud

Cyber criminals managed to swipe £19.6k from a small bakery business after hijacking its NatWest online banking system. But to the horror of the business owner, the bank is blaming it for the fraud and will not refund the cash

I don't understand why the bank involved cannot trace the fraudulently acquired funds and recover them. Can anyone explain the legal position.

Share this post


Link to post
Share on other sites

Online Bank Fraud

I don't understand why the bank involved cannot trace the fraudulently acquired funds and recover them. Can anyone explain the legal position.

Funds may have left these shores and could be abroad. The bank also has no way of knowing if the transfer was legal or not, they only have the word of the small firm that it was fraudulent.

I have a business account with Nat West and often get emails from what purports to be from HMRC. I usually bin them unless I am expecting something then I may query it. I will never under any circumstances allow an attachment with a exe extension to run.

I suspect someone naive at the bakery has allowed one of these .exe files to run and a keylogger + some sort of teamviewer program has been installed.

Rapport would normally pick up on this immediately and stop it in its tracks (we use it) clearly whatever this bakery used as protection did not.

Strictly speaking the bank are not at fault and will not act without recourse from the police.

They can of course trace the account it has gone too and if it can be proved the computer concerned had malware upon it may be able to retrieve the funds (provided they are still there).

Share this post


Link to post
Share on other sites

I read this earlier, bakery owner didn't seem to be at fault other than having opened an email which appeared to be from HMRC, the money was transferred to a Lloyds account, either the baker's own bank or Lloyds should bear the cost but of course they won't because bankers are richer than bakers and they didn't get that way by having a sense of fair play.

Share this post


Link to post
Share on other sites

Online Bank Fraud

I don't understand why the bank involved cannot trace the fraudulently acquired funds and recover them. Can anyone explain the legal position.

A very good question . There must be an electronic trail at least part of the way

I personally will not touch any online banking system , particularly because some companies such as Lloyds and Halifax have woefully inadequate online security systems (they do not even use three factor authentication which should be the minimum requirement for all such transactions).

Personally I would recommend people to use Puppy Linux loaded to memory from a read only CD to carry out their online financial transactions

http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/

As long as you use a ' frozen' version of the OS the online session purely for banking and dont p*ss about visiting other web sites while logged on etc then your chances of getting hacked are pretty small

You could also use a dedicated chromebook but that would be more expensive

The truth is banks should provide users with security hardened OS for banking that can be run from a USB just like the US Airforce provides its staff

Share this post


Link to post
Share on other sites

Difficult one really, can see both sides. I do find more and more that some of these scams seem less blindingly obvious, in fairness to the victims.

I often wonder if with emails you're better protected with services like hotmail and gmail which seem a lot more efficient at putting the scam/spam emails in junk.

Share this post


Link to post
Share on other sites

Tongue *half* in cheek...

Why would anyone leave £19K in a bank these days?

(Yes, I know businesses need liquid funds for cash flow, etc., but I would be more worried about a bank stealing it than some hacker.)

Share this post


Link to post
Share on other sites

Tongue *half* in cheek...

Why would anyone leave £19K in a bank these days?

(Yes, I know businesses need liquid funds for cash flow, etc., but I would be more worried about a bank stealing it than some hacker.)

Well, any business would need that much in the bank to pay employees, suppliers etc.

Share this post


Link to post
Share on other sites

Well, any business would need that much in the bank to pay employees, suppliers etc.

Exactly Harry! Are you sure you are not an accountant, and Frank Hovis really is the trucker? ;)

Share this post


Link to post
Share on other sites

Well, any business would need that much in the bank to pay employees, suppliers etc.

Yeah, yeah, I know. I was just having a jibe at the banks considering the risk of bail-ins.

But seriously, I would not keep more corporate cash in a bank than I needed to. Especially at the low interest rates.

I suspect some UK banks are in greater trouble than we are told, and global problems (like the possibility of a US default) could cascade quickly through the banking system.

Share this post


Link to post
Share on other sites

Yeah, yeah, I know. I was just having a jibe at the banks considering the risk of bail-ins.

But seriously, I would not keep more corporate cash in a bank than I needed to. Especially at the low interest rates.

I suspect some UK banks are in greater trouble than we are told, and global problems (like the possibility of a US default) could cascade quickly through the banking system.

It has been said many times before but worth reiterating.

If there is a global problem which cascades to all banks then whether your money was safe under the mattress or in nice shiny stuff would be the least of your problems.

The JIT supply system would mean supermarket shelves would be empty in hours. Your only concern then would be what you are going to eat and protecting what supplies you have managed to source.

Share this post


Link to post
Share on other sites

Back to the OP - the question to focus on is the liabilities of the bank that set up the account which received the stolen money. Did they comply with the identification requirements under AMl regulations, and did they have appropriate monitoring in place? If not, thats where you get your money back from. If that bank is overseas, little chance of restitution.

The bank that the baker has their account at are blameless if the instruction is made with the correct protocols. If I was running a business account, I would list a range of countries that I would NEVER send money too or from, and make sure the bank is made aware. That closes down one vulnerability.

Share this post


Link to post
Share on other sites

Back to the OP - the question to focus on is the liabilities of the bank that set up the account which received the stolen money. Did they comply with the identification requirements under AMl regulations, and did they have appropriate monitoring in place? If not, thats where you get your money back from. If that bank is overseas, little chance of restitution.

The bank that the baker has their account at are blameless if the instruction is made with the correct protocols. If I was running a business account, I would list a range of countries that I would NEVER send money too or from, and make sure the bank is made aware. That closes down one vulnerability.

Do you think so? You are probably right legally but I would think if a person who is not authorised to do so, requests a fund transfer, the bank is wrong to comply.

Imagine a rape court case where the victim said nothing but an imposter gave consent, the accused did not know it was an imposter and went ahead anyway. Guilty or innocent?

Share this post


Link to post
Share on other sites

Do you think so? You are probably right legally but I would think if a person who is not authorised to do so, requests a fund transfer, the bank is wrong to comply.

Imagine a rape court case where the victim said nothing but an imposter gave consent, the accused did not know it was an imposter and went ahead anyway. Guilty or innocent?

There have been cases in the past ten years in the UK where a woman has been raped (usually a wife) where her partner tells strangers that she has rape fantasies and no matter how much she screams and fights she wants it. In such cases the attackers get off if they can prove that their mens rea was not there. The partner, of course, is guilty.

Can't be arsed to find the case law right now.

Think of it this way - if a client issues legal instructions and the bank does NOT comply, they can sue for loss. That can get massive - think of a deposit for a property not going through so a purchase falls through. What bank would second guess a transaction if all the log-in instructions etc were correct?

Share this post


Link to post
Share on other sites

Tongue *half* in cheek...

Why would anyone leave £19K in a bank these days?

because it's convenient to have it available on instant-access, and 3% interest isn't so bad in today's market.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   218 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.