Recent Financial Ombudsman Service decisions demonstrate that bank account holders can still recover compensation after falling victim to unauthorised transaction fraud.
What is unauthorised transaction fraud?
Unauthorised transaction fraud happens when scammers convince unsuspecting victims to part with confidential information relating to their bank or financial services accounts – such as PINs, one-time-passcodes (OTPs), or passwords – which the fraudsters then use to access, and sometimes move, the victims’ money.
This type of fraud often involves an element of impersonation, during which the scammer pretends to be calling or emailing from an organisation familiar to – and trusted by – the victim, such as a utility company, bank, or building society, to gain access to their details. In many cases, the scammers also have access to small amounts of the victim’s information which they use to further back up their story, making it seem like they already have approved access to these details. Often, the victim will be led to believe that, by cooperating with the scammer, they are securing their accounts when they are actually doing the opposite.
Once the scammer has access to the victim’s bank accounts or cards, they will start to make payments or apply for loans or bank cards in the victim’s name, at which point the account holder realises they have been the victim of fraud.
Usually, the process of recovering funds after unauthorised transaction fraud is immediate unless the bank claims that the customer has been grossly negligent, for example they haven’t taken sufficient care of their security information. When banks refuse to refund losses due to gross negligence, customers can take their complaints to the Financial Ombudsman Service (FOS) for independent investigation. The FOS is an independent, Government-backed body responsible for adjudicating disputes between financial institutions, such as banks, and their customers. Keep reading for recent FOS decisions involving unauthorised transaction fraud.
Case study one: Monzo
+ −Ms G, a Monzo customer, was contacted by an unknown number claiming to be from the bank and explaining that she had clicked on a phishing link. Phishing links are usually contained in fake emails from banks or other institutions, designed to harvest personal details. Ms G had, in fact, clicked on such a link and the caller had details of her recent transactions and some personal information, making her believe they were legitimately calling from Monzo.
Over the course of the call, Ms G gave the caller her PIN – she was told that, to secure her account, she needed to provide it to verify her identity – and forwarded them a legitimate email from Monzo. These two pieces of information allowed the caller to authorise a new device on Ms G’s Monzo account, and the scammer went on to make 12 payments from the account in under 30 minutes.
Ms G alerted Monzo of the unauthorised transactions, but the bank refused to refund her, arguing that she had been grossly negligent and had not taken sufficient steps to protect her personal information. As a result, the complaint was escalated to FOS.
The FOS investigator found in Ms G’s favour, stating that “the pressure she was placed under and her belief she was talking with her trusted bank to protect her account – I’m not persuaded that Ms G seriously disregarded an obvious risk”.
Monzo was instructed to refund Ms G the £5,381.70 she lost due to fraud, plus 8% interest and £250 for distress and inconvenience.
Case study two: Santander
+ −Mrs S was similarly contacted by someone out of the blue claiming to be from her telecoms company relating to issues with her internet router. As she had, in fact, reported problems with her router in recent weeks, she believed she had no reason to think that the caller was not legitimate.
The caller told Mrs S that a hacker from California was trying to access her router, and they needed to ‘perform a scan’ to secure her networks. The scammer convinced her to download a type of remote access software that allowed them to take over and control her computer. She was then shown ‘errors’ relating to a number of her online accounts, including shopping websites. The scammer told her that he knew she banked with Santander, which she says also convinced her that he was genuine.
Mrs S was convinced by the scammer to log in to her Santander online banking account and was told by the scammer to relay three One Time Passcodes (OTPs) to the scammer, which they said were a result of Santander authorising the activity. The scammer used these codes to change the names, account numbers and sort codes of three payees on the account and transfer over £18,000 to these accounts.
This activity prompted a genuine call from Santander’s fraud department, at which time the fraud was uncovered and an attempt to block the payments was made. However, Santander refused to refund the money that could not be recovered, claiming that Mrs S was grossly negligent by allowing the scammers access to her computer and online banking.
Mrs S disagreed and raised a complaint with FOS. The complaint was initially rejected by the FOS investigator on the grounds that Mrs S had – unwillingly – allowed the fraudsters access to her bank accounts and OTPs; Mrs S disagreed and the case was reviewed by an Ombudsman. The review found in favour of Mrs S, citing that it is reasonable to believe that another customer in her position would have taken the same action, so she was not ‘grossly negligent’ in allowing the fraudsters access to her account.
Santander was instructed to refund Mrs S the £9,760 she lost, plus interest and £300 compensation for inconvenience and distress.
TLW Solicitors’ view
+ −Sarah Spruce, Head of TLW Solicitors’ specialist fraud claims team, commented on the decisions:
“Fraudsters and scammers are clearly keeping up to date with banks’ security measures and are using this information to trick unsuspecting victims into willingly handing over their personal details. It is not clear how these scammers already had information about the victims, but they were able to use it to establish trust and convince the victims to believe their stories.
Ms G and Mrs S’ upheld complaints demonstrate that, even if a bank refuses refunds relating to unauthorised transactions on the grounds of ‘gross negligence’, then it is still worth persevering and making a complaint to the Financial Ombudsman Service. If you, a loved one or colleague have been the victim of similar scams, get in touch with a member of my experienced team. We can go through your case and explore whether you have a valid refund claim.”
How can TLW Solicitors help?
+ −If you, a loved one, or even your business has lost money due to unauthorised transaction fraud, and your bank refuses to charge back the funds, speak to TLW Solicitors about making a compensation claim.
We offer a free, no-obligation assessment of your case and will decide whether to bring your claim. If we take on your case, we work on a ‘no win, no fee’ basis, meaning you do not pay us anything if your refund claim is unsuccessful.
Please get in touch with our specialist team for a confidential, no-obligation conversation.
You can call us on 0800 169 5925, email info@tlwsolicitors.co.uk or complete either the make a claim online or callback forms below.
Getting advice as soon as possible is essential as strict time limits can apply.
Minimum case values apply.
Meet Our Team
Meet Sarah, who heads up our experienced Fraud Claims team.
Sarah and her colleagues are on hand to help with your claim.