In early February, I was scammed by someone claiming to be my bank. They said fraudulent transactions had been made on my credit card, and I believed this to be genuine as this person had my card number, expiry date and CVC number.
They said they would send a cancellation code to my phone to stop the transactions, which I needed to repeat back to them.
But that code turned out to be a one-time passcode, which allowed the scammers to make a purchase with my card online.
The money was used to purchase flights with the travel agent Flights Guru, costing £3,005.
Flight fraud: Someone booked £3,005 of flights using our reader’s card
I reported this to Flights Guru as soon as I realised, but it hasn’t cancelled the booking and just tells me the legal team is dealing with it.
My bank, First Direct, is refusing to refund me as I gave the scammers the one time passcode which allowed the transaction to go through.
I asked the bank to deal with it as a Section 75, which it says it will not do as I have no evidence of the purchase. Obviously I cannot get this as I did not purchase the flights. M.T, via email
Helen Crane of This is Money replies: Sadly, scams are becoming more convincing all the time – and fraudsters are finding new ways to trick people into handing over their money.
We are in the middle of a scam epidemic, with a total of £4billion lost to scams in 2022 according to comparison site Money.co.uk – up nearly two thirds on the previous year. People from all ages and backgrounds can, and do, fall victim.
Banks are trying to keep one step ahead of fraudsters by introducing ever more rigorous checks when people transfer money or buy things online.
In recent years they have introduced one-time passcodes when buying things online.
These are sent to the customers’ mobile phone as a text message or within their banking app, and the customer needs to key the passcode in to a widget on the website before the money is taken.
It’s supposed to stop scammers in their tracks, as they won’t have access to the customer’s mobile phone – but as your case unfortunately shows, criminals are already getting wise to this tactic and finding ways around it.
Having been told someone was trying to take money from your account, you panicked and handed over the code to the person on the phone who you believed was trying to help you – but ended up with a £3,005 hole in your bank balance.
As the flights were booked on your card, but with other names on the tickets, there would be no issue with them showing a valid passport when they came to board the plane.
You told me that as soon as you hung up the phone, something didn’t feel right. You called First Direct and Flights Guru, but it was too late to stop the transaction.
You couldn’t use section 75, as that protection is reserved for purchases customers have legitimately made – but that don’t meet expectations.
Should First Direct have refunded you straight away? There is an argument that it should.
Like most major banks, First Direct’s parent company HSBC is signed up to a voluntary code of conduct called the CRM code, overseen by the Lending Standards Board, that requires it to refund blameless scam victims in certain scenarios.
But when a customer has handed over a passcode to a fraudster, banks sometimes argue that they are liable for the fraud, and therefore decide not to refund.
In the banks’ defence is the fact that the text messages they send usually tell the recipient not to share the passcode with anyone – even someone claiming to be from the bank itself.
I contacted both First Direct and Flights Guru to try and get your money back.
Fake call: M.T received a call from someone who said they were from her bank – but it turned out to be a fraudster with her card details who needed a one-time passcode to buy flights
Flights Guru was quick to respond, and I spoke to its commercial manager, Liam Brophy.
He said the reason the company had not immediately refunded you was that it is often subject to fraud itself.
He told me that customers sometimes call up and request to cancel a flight booking, and then when their money has been sent back they also request a chargeback from their card company – meaning they get the money twice, at Flights Guru’s expense.
The limit to make a chargeback claim is 120 days, so Flights Guru initially wanted to wait until that time had passed to pay you back.
After I spoke to the firm, you agreed to confirm in writing to the company that you would not be pursuing a chargeback claim, and Flights Guru made the refund within a few days.
It did keep £155 to pay for the charges it would incur for cancelling the flights with the airlines.
Flights Guru said it was also willing to hand over the names on the booked tickets to your bank or the authorities. However, Brophy pointed out there was is a risk it could be a double scam, where the fraudster was also charging another unsuspecting party for the flight booking they had made on your card.
After Flights Guru had refunded you, First Direct got in touch. As you handed over the passcode to the scammer despite warnings in the text message, it is unfortunately holding you liable for the fraud.
However, it has also agreed to refund you the outstanding £155 as a gesture of goodwill, meaning you are now all square.
A spokesperson said: ‘Protecting our customers from fraud is an absolute priority for us and we are sorry to hear that M.T has fallen victim to a fraudster. We fully investigate every case and take guidance from the CRM code to ensure fair and reasonable outcomes for our customers.
‘On this occasion, M.T shared the one-time passcode with a fraudster, which allowed the transaction to be processed. We understand she has now received a refund from the travel company of £2,850, and we have refunded the cancellation fee as a gesture of goodwill.
‘As this case highlights, fraudsters are criminals who use a range of techniques to exploit their victims and convince them they are genuine. We want to remind all customers that First Direct would never ask a customer for their one time passcode. We advise people to remain vigilant and to always take note of fraud warnings.’
Online shoppers urged to call out rip-offs
Trick tactics: The Government is urging online shoppers to report retailers who try and lure them into spending more using fake ‘sales’ and pressure tactics
With the cost of almost everything we buy continuing to rise, people are looking for a bargain more than ever before.
That often means searching around online to make sure you are getting the best deal – but unfortunately these deals are sometimes too good to be true.
The Competition and Markets Authority – a Government body which makes sure businesses are playing fair – wants shoppers to call out rip-offs when they see them, and has set up a new website where they can report them.
It wants shoppers to tip it off about retailers that use heavy-handed sales tactics and other sneaky tricks to get them to part with more cash.
This could include misleading claims about price reductions or discounts, hidden taxes or charges, signing customers up for subscriptions they don’t want, or using made-up customer reviews to make their products sound better than they are.
It also wants them to call out ‘urgency’ tactics, which is when retailers try to close a quick sale by telling shoppers there are only a few items left or having a countdown clock to when an ‘offer’ ends, for example.
I get lots of complaints from readers about this kind of unscrupulous behaviour, and I’m glad to see there’s now a straightforward way to call retailers out.
***
Read more at DailyMail.co.uk