How Toby nearly lost £3,000 after fraudsters sent his money to a florist

A father-of-one was tricked into handing over more than £3,000 by a fraudster exploiting security checks banks use when customers make payments online.

Toby Proctor, 32, was duped by a crook posing as his bank who got him to reveal key details that would allow him to transfer money out of his account.

Mr Proctor, of Epsom, Surrey, was contacted by what he thought was Natwest to query some suspicious transactions.

He immediately feared he was the victim of fraud and didn’t hesitate to follow their instructions.

Close call: Toby with his wife Jodie and 18-month old son Lucas

Close call: Toby with his wife Jodie and 18-month old son Lucas

He was first asked to confirm his name, address and mobile phone number — which the caller already knew.

He was then told he would be sent a code to his mobile from a NatWest number to verify it was really him. The text appeared to come from the same NatWest number as his weekly balance updates.

But after reading out the code to the man on the phone, Toby, 32, started to feel uneasy.

He quickly hung up and called NatWest back using the number on the back of his debit card. But it was too late — he was told that £3,108 had already been transferred out of his account.

Jodie Proctor and her husband Toby, who had over £3,000 stolen from their account

Jodie Proctor and her husband Toby, who had over £3,000 stolen from their account

According to NatWest, the fraudster sent the money to a florist based in Longfield, Kent. Toby was baffled. The last time he had used that florist was when he and his wife Jodie, 32, who got married two years ago.

He called the shop owner, Rebecca Franklin, as soon as the store opened the next day. Rebecca said she had already received two calls from someone claiming to be Toby Proctor.

The man had told her that he’d accidentally paid £3,108 into her account when trying to move cash to his savings. He then asked if she would transfer the money back into what he claimed was his savings account.

Fortunately for Toby, Rebecca immediately smelt a rat.

The fraudster was then able to make the £3,108 payment without detection because the florist, Floral Explosion in Kent (pictured) was already saved as a payee on Toby’s account

The fraudster was then able to make the £3,108 payment without detection because the florist, Floral Explosion in Kent (pictured) was already saved as a payee on Toby’s account

She says: ‘I was suspicious straight away. He didn’t sound like one of our customers. He sounded a bit like a “wheeler dealer.”

When she then quizzed the bogus groom on the details of his wedding so she could match the name of the bride, the date and the venue against her database, his answers didn’t stack up.

scam

‘He told me he’d got married somewhere I’d never heard of in London, which he said was in Surrey. He clearly had no idea.

‘I remember every groom and every venue and what he said made no sense.’

When Rebecca told him she didn’t believe his story he hung up. Had she transferred the money it would likely have been lost for good.

How the scam works: 

  • The fraudster would first need to have access to a victim’s online bank account.
  • After downloading the banking app, they need a six digit code to register it.
  • To do this they pose as the victim’s bank, call them and trick them into handing over the code.
  • They then have access to the victim’s account, and can see list if previous payees.
  • Because they have already been paid, money can be transferred without any other security measures.
  • The conman then contacts the payee, poses as the victim, and dupes them into transferring the money back – but this time into their account.

Experts say that this new way of scamming people means that fraudsters are able to bypass the security checks banks use when you are making payments online.

To carry out this type of scam, the fraudster will have to have access to the victim’s online bank account.

In this case, the crook downloaded the Natwest banking app, and hacked into Mr Proctor’s account because he knew his mobile phone number and passcode.

He then needs another six digit code to register the app. This is the code the fraudster tricked Mr Proctor into revealing over the phone when he posed as his bank.

They conman then has access to all transactions, and is able to search previous payees. When paying someone new, you need a new code for the payment to go through. But you can pay a previous payee without this.

In this case, the fraudster saw the florists had been paid before, so he transferred over £3,000. 

All the crook then had to do was search for Floral Explosion’s telephone number on Google — which is easily found. 

He then posed as Mr Proctor, contacted the florists, and tried to claim he had accidentally transferred them money instead of putting it into savings.

He would also have known the name of Toby’s wife — which would have helped him when trying to convince the florist he was Toby — because the reference for the payment was ‘Jodie Toby Wedding’.

Luckily in this case the fraud didn’t work, because the florist realised something was wrong, and Mr Proctor realised he had been tricked after the phone call.

He contacted his bank and the money was soon returned to him. It was able to request that the florist’s bank, Barclays, return the funds to the couple, who have an 18-month-old son called Lucas.

Richard Emery, of fraud consultancy 4Keys International, says that for some fraudsters this ruse will be easier than trying to intercept the one-time passcode needed to transfer money to a new account.

He said: ‘This type of scam is convoluted, but could have high levels of success. In this case the fraudster tried to be too clever by posing as an existing customer without knowing all of the information.

Scammed: In Toby's case, the crook had downloaded the NatWest banking app on his mobile phone and logged in to Toby’s account

Scammed: In Toby’s case, the crook had downloaded the NatWest banking app on his mobile phone and logged in to Toby’s account

‘This should be a warning to everyone to be more vague with payee names and references.’

Toby, an account manager, says what is most worrying is how the fraudster already had so much information about him.

He says: ‘I don’t know whether they had hacked the systems of someone that had a lot of my details about him, such as an online retailer or employer, and then used that information. 

‘I’ve had to change all my details.’

A spokesman for NatWest says: ‘We sympathise with Mr and Mrs Proctor and appreciate that this has been a very distressing experience for them.

‘We take our responsibilities to preventing scams very seriously, and always support the victim of a scam in the recovery of their funds on a best endeavours basis.

‘On this occasion, full funds have been recovered from the beneficiary bank and have been returned to Mr and Mrs Proctor.’

a.murray@dailymail.co.uk

Read more at DailyMail.co.uk