It distresses me to have to write again about victims of the ‘push-payment scam’, but after I helped one reader get £10,000 back from HSBC and Nationwide earlier this year, I was reasonably confident of helping JC of London.
He told me: “My bank account with NatWest was breached by a scammer, who subsequently managed to send £5,000 from my bank account fraudulently. The bank has deemed me responsible and negligent, which I believe is grossly unjust.
“NatWest’s security systems were breached using very little data, allowing the scammer to effectively convince me they were the bank. Then, once all the funds I had, including a £2,000 overdraft, were withdrawn from my account, the bank didn’t raise this as a concern.”
JC reckoned NatWest, which is part of the RBS banking group, failed to protect him and other customers from the scam. “I feel let down that the bank has not done its job effectively, and now I am paying the price. Not only has all my money been taken, I now owe NatWest money for the overdrawn account. NatWest has refused to take any responsibility.”
I contacted the bank with the tale of woe only to end up as disappointed as JC had been.
A NatWest spokesperson told me: “We sympathise with JC and appreciate that this has been a very distressing experience for him.”
But, disappointingly, the bank refused to repay him his cash.
When I told JC the bad news, he replied: “That’s a shame. I totally appreciate that I could have been more vigilant. However, the reason I was put at ease was because the fraudsters were already able to see into my bank account and confirm some of my transactions.
“This was done before I had provided any information, therefore I believe NatWest was breached before the fraudsters had contacted me.”
When crooks are so clever, any of us could fall for their scams
That seems to be a reasonable conclusion, but NatWest felt otherwise and kept to its hard stance.
But the bank did offer some advice for all customers: “We would remind customers to remain vigilant against any type of scam. Customers should never divulge full security credentials at the request of someone over the phone purporting to be from their bank. At NatWest, we would never ask a customer to disclose full security credentials or ask them to move their money to keep it safe from scams or fraud.
“If a customer receives such a request, they should decline this and report it to their bank immediately on a phone number they can trust. We would also recommend that they call back from their mobile phone or wait 30 seconds before calling back from their landline (if they do not have a different device).”
That’s all good advice, which is why I’ve published it in full. But as far as I’m concerned, it’s not good enough to pass the whole responsibility on to customers. Sure, we all need to be aware of scams, but when crooks are so clever, the fact is that any of us could fall for them and could end up losing thousands like JC.
In fact, there were 43,875 cases of push-payment fraud and total losses of £236 million last year, according to banking trade body UK Finance.
But the good news is that the City watchdog, the Financial Conduct Authority, is soon to force banks to provide victims with access to complaints arbitrator the Financial Ombudsman Service. That may seem small beer, but it means that soon victims will have a way to take their grievance further if their bank refuses to play fair with them.
That, sadly, won’t help JC, but it should help future victims. In the meantime, remain vigilant!
OUTCOME: NatWest refuses to help fraud victim