Posted on 27-05-2010
[The Times] Revealed: the grubby tactics used by Santander to deny fraud refunds
Filed Under (Media, The Times) by admin

Ronnie - SantanderCompensation denied to customer who had £10,000 stolen from her account, after bank wrongly suggested that her fiancé was to blame

Santander, the Spanish banking giant, routinely suggests that fraud victims or their families are criminals in order to avoid refunding disputed transactions, an investigation by Times Money has found.

Emma Woolf, a longstanding customer of the bank, had £10,000 withdrawn from her account without her knowledge, but Santander, formerly known as Abbey, refused to refund the money and instead suggested that her fiancé, Jonathan Groman, had stolen the cash.
The bank relented and returned the money more than a year later only when the police arrested a Santander employee for fraud, after finding financial documents of customers in her home. But the bank agreed to pay back the cash only if Ms Woolf signed a confidentiality agreement. The bank also refused to apologise to Ms Woolf and Mr Groman.
This case, along with others that Times Money has seen, shows how victims of chip-and-PIN fraud often face an impossible battle to recover their money. The number of card fraud victims has leapt by 40 per cent in a year, to 2.4 million people, about one in 20 of the adult population, according to figures published this week.
Andy Bokor, of Trustwave, a company that compiles data on fraud at large companies, including banks, says: “About 5 per cent of our compromise investigations occur from internal threats.”
In some cases, victims are even left “owing” their bank money after fraudsters spend their overdraft or the balance of a fraudulent cheque before it has bounced.
Jilo Katter, a 23-year-old student from Coventry, has been locked in a “horrendous” dispute with Santander for 18 months after the bank held her liable for £14,000 spent by fraudsters on her account. Ms Katter’s problems began when her debit card was stolen. She reported the theft to Abbey two days later, during which time someone deposited a fraudulent cheque for £14,000 into her account and used her card and PIN to withdraw thousands of pounds from cash machines in shops. The cheque bounced a few days later, but by then the money had been spent and Ms Katter was held liable for the debt. “Abbey insists that the card used to withdraw the money was the ‘unique’ card still in my possession — there were two cards for my account and only one was stolen,” Ms Katter says. “Therefore the transactions must have been by me or someone connected to me who knew my PIN.”
The Emma Woolf case shows that fraudsters are able to clone chip-and-PIN cards. Yet, throughout Ms Woolf’s legal battle Santander insisted on the infallibility of chip-and-PIN.
In its defence of Ms Woolf’s compensation claim, Santander stated: “The genuine debit card was used for the withdrawals. This can be ascertained from the unique chip contained within the card . . . the unique chips are not capable of being copied.” But Ms Woolf says her card was in her safe at all times.
Ms Katter, like Ms Woolf, insists that she never wrote down her PIN or divulged it to anyone. She claims: “Santander suggested that the fraud may have been committed by someone close to me but it has not provided a scrap of evidence to substantiate this claim.”
She adds: “Santander has emptied my savings accounts of about £1,500 to repay some of the debt and is charging me £300 interest a month on the outstanding balance. It has ruined my credit rating and I am now being hounded by its debt collection agency.”
The police refused to help Ms Katter, saying that if Abbey has not reported the crime, no crime has been committed.
The Financial Ombudsman Service, the independent body that settles disputes between banks and consumers, also turned down her complaint, agreeing with Santander that she must have been negligent with her PIN.
The Ombudsman’s decision is “final and binding”, so Ms Katter’s only option is to take Santander to a small claims court, which can be expensive and time consuming. Ms Woolf, for example, spent about £3,000 on legal fees pursuing her case through the small claims court. Ms Katter says: “I am convinced that it is an inside job at Abbey, but how can I prove it? I am a student and there’s no way I can afford to take the bank to court.”
Experts say that legislation introduced in April 2007 compelling consumers to report fraud only to their bank and not to the police has allowed banks to treat victims unfairly.
Since 2007 it has been a bank’s responsibility, not the card holder’s, to pass details of the crime on to the police. This means that exasperated victims of fraud who go to the police for help areusually turned away.
Ms Woolf told police in Colindale, northwest London, of her fraud but was astonished to receive a letter saying that her case had been closed because Santander (then Abbey) would not co-operate with the investigation. “Our enquiries to date have centred around disclosure of relevant details from Abbey,” an Inspector wrote. “Unfortunately Abbey has not disclosed this information to us and we are therefore not in a position to continue the investigation.”
Critics say that the system of fraud reporting not only allows banks to pick and choose which cases are investigated, but also allows the Government to keep crime figures to a minimum as credit and debit card fraud does not appear in the annual British Crime Survey.
Ross Anderson, a professor of IT security at the University of Cambridge, says: “Inside jobs are a significant problem for banks. The Home Office pretends that card fraud is not a serious crime and tries to ignore the statistics in the hope it will go away. In fact it is getting worse and ordinary people are losing hundreds or even thousands of pounds to fraud.”
Victims of fraud can often see exactly where fraudsters have spent their money because it appears on their bank statement. Yet police will not identify the thieves by obtaining evidence such as CCTV footage of a cash machine or shop where a card was used fraudulently, unless requested to do so by a bank.
Ryah Snipe, 23, is being pursued by Santander for £7,000 after fraudsters drained her account using her card and PIN. The mother of one has been forced to hire a lawyer after the Financial Ombudsman Service turned down her complaint and the police refused to help.
Ms Snipe had her debit card stolen and a fraudulent cheque paid in to her account, which was spent before the money cleared. The fraudster’s spending spree left her with a debt of £7,000 that she must now repay.
Santander is charging interest on the debt and has hired a debt-collection agency to chase Ms Snipe for the money, she says. “I am not a criminal, I am a victim and a single mum who only earns £16,000 a year. I do not know how my PIN was obtained, I have never written it down or told the number to anyone. Santander has branded me a fraudster without any evidence, which affects my credit record and my future job prospects. My whole future is in question and I feel totally powerless.”
Times Money put a series of questions to Santander about how it deals with fraud but the bank refused to answer any of them (see box page 59).
A spokesman would say only: “We review every customer claim on an individual basis and take full responsibility for fraud that happens on our customers’ accounts, as long as we are satisfied that the customer has not done anything to leave their account vulnerable.
“However, we are unable to accept responsibility for money that goes missing from a customer’s account through their negligence.”
Case study
Ronnie Menassa, 29, set up the support site abbeyfraud.com in summer last year after he fell victim to fraud on his business account. Since then he has heard from about 40 other people fighting with Santander to recover their money.
“Some of the stories are horrendous, especially ones where people are chased by the bank for thousands of pounds spent by a fraudster. In all cases, dealing with Santander’s fraud department is a nightmare. Security at the bank definitely needs to be tightened — most importantly by not making funds available to fraudsters for uncleared ‘fake’ cheques.”
Numerous fraudulent direct debits and standing orders were set up on Mr Menassa’s account for everything from home rent, car insurance and mobile phone insurance to National Trust membership. Every time Mr Menassa, who runs yooneeq.com, a virtual telecoms and business support company, noticed a new fraudulent standing order or direct debit the bank would remove it, only for another to appear a few days later. “It went on for months,” Mr Menassa says.
A spokesman for Santander said: “We acted appropriately and closed the account when we became aware of the fraud and refunded the money to the customer. We reported the incident to the police.”
Unanswered questions
Times Money asked Santander the following questions, all of which the bank refused to answer:
• Will you issue an apology and compensation to Jonathan Groman for the way he was treated?
• Can you explain how it was possible for someone to obtain a copy of Emma Woolf’s card and PIN?
• What measures have you put in place to prevent similar fraud happening again?
• How does Santander justify suggesting that its customers (or their family) are criminals with only circumstantial evidence?
• Does Santander always investigate the possibility of employee fraud in disputed withdrawals? If not, why not?

Santander, the Spanish banking giant, routinely suggests that fraud victims or their families are criminals in order to avoid refunding disputed transactions, an investigation by Times Money has found.

Emma Woolf, a longstanding customer of the bank, had £10,000 withdrawn from her account without her knowledge, but Santander, formerly known as Abbey, refused to refund the money and instead suggested that her fiancé, Jonathan Groman, had stolen the cash.

The bank relented and returned the money more than a year later only when the police arrested a Santander employee for fraud, after finding financial documents of customers in her home. But the bank agreed to pay back the cash only if Ms Woolf signed a confidentiality agreement. The bank also refused to apologise to Ms Woolf and Mr Groman.

This case, along with others that Times Money has seen, shows how victims of chip-and-PIN fraud often face an impossible battle to recover their money. The number of card fraud victims has leapt by 40 per cent in a year, to 2.4 million people, about one in 20 of the adult population, according to figures published this week.

Andy Bokor, of Trustwave, a company that compiles data on fraud at large companies, including banks, says: “About 5 per cent of our compromise investigations occur from internal threats.”

In some cases, victims are even left “owing” their bank money after fraudsters spend their overdraft or the balance of a fraudulent cheque before it has bounced.

Jilo Katter, a 23-year-old student from Coventry, has been locked in a “horrendous” dispute with Santander for 18 months after the bank held her liable for £14,000 spent by fraudsters on her account. Ms Katter’s problems began when her debit card was stolen. She reported the theft to Abbey two days later, during which time someone deposited a fraudulent cheque for £14,000 into her account and used her card and PIN to withdraw thousands of pounds from cash machines in shops. The cheque bounced a few days later, but by then the money had been spent and Ms Katter was held liable for the debt. “Abbey insists that the card used to withdraw the money was the ‘unique’ card still in my possession — there were two cards for my account and only one was stolen,” Ms Katter says. “Therefore the transactions must have been by me or someone connected to me who knew my PIN.”

The Emma Woolf case shows that fraudsters are able to clone chip-and-PIN cards. Yet, throughout Ms Woolf’s legal battle Santander insisted on the infallibility of chip-and-PIN.

In its defence of Ms Woolf’s compensation claim, Santander stated: “The genuine debit card was used for the withdrawals. This can be ascertained from the unique chip contained within the card . . . the unique chips are not capable of being copied.” But Ms Woolf says her card was in her safe at all times.

Ms Katter, like Ms Woolf, insists that she never wrote down her PIN or divulged it to anyone. She claims: “Santander suggested that the fraud may have been committed by someone close to me but it has not provided a scrap of evidence to substantiate this claim.”

She adds: “Santander has emptied my savings accounts of about £1,500 to repay some of the debt and is charging me £300 interest a month on the outstanding balance. It has ruined my credit rating and I am now being hounded by its debt collection agency.”

The police refused to help Ms Katter, saying that if Abbey has not reported the crime, no crime has been committed.

The Financial Ombudsman Service, the independent body that settles disputes between banks and consumers, also turned down her complaint, agreeing with Santander that she must have been negligent with her PIN.

The Ombudsman’s decision is “final and binding”, so Ms Katter’s only option is to take Santander to a small claims court, which can be expensive and time consuming. Ms Woolf, for example, spent about £3,000 on legal fees pursuing her case through the small claims court. Ms Katter says: “I am convinced that it is an inside job at Abbey, but how can I prove it? I am a student and there’s no way I can afford to take the bank to court.”

Experts say that legislation introduced in April 2007 compelling consumers to report fraud only to their bank and not to the police has allowed banks to treat victims unfairly.

Since 2007 it has been a bank’s responsibility, not the card holder’s, to pass details of the crime on to the police. This means that exasperated victims of fraud who go to the police for help areusually turned away.

Ms Woolf told police in Colindale, northwest London, of her fraud but was astonished to receive a letter saying that her case had been closed because Santander (then Abbey) would not co-operate with the investigation. “Our enquiries to date have centred around disclosure of relevant details from Abbey,” an Inspector wrote. “Unfortunately Abbey has not disclosed this information to us and we are therefore not in a position to continue the investigation.”

Critics say that the system of fraud reporting not only allows banks to pick and choose which cases are investigated, but also allows the Government to keep crime figures to a minimum as credit and debit card fraud does not appear in the annual British Crime Survey.

Ross Anderson, a professor of IT security at the University of Cambridge, says: “Inside jobs are a significant problem for banks. The Home Office pretends that card fraud is not a serious crime and tries to ignore the statistics in the hope it will go away. In fact it is getting worse and ordinary people are losing hundreds or even thousands of pounds to fraud.”

Victims of fraud can often see exactly where fraudsters have spent their money because it appears on their bank statement. Yet police will not identify the thieves by obtaining evidence such as CCTV footage of a cash machine or shop where a card was used fraudulently, unless requested to do so by a bank.

Ryah Snipe, 23, is being pursued by Santander for £7,000 after fraudsters drained her account using her card and PIN. The mother of one has been forced to hire a lawyer after the Financial Ombudsman Service turned down her complaint and the police refused to help.

Ms Snipe had her debit card stolen and a fraudulent cheque paid in to her account, which was spent before the money cleared. The fraudster’s spending spree left her with a debt of £7,000 that she must now repay.

Santander is charging interest on the debt and has hired a debt-collection agency to chase Ms Snipe for the money, she says. “I am not a criminal, I am a victim and a single mum who only earns £16,000 a year. I do not know how my PIN was obtained, I have never written it down or told the number to anyone. Santander has branded me a fraudster without any evidence, which affects my credit record and my future job prospects. My whole future is in question and I feel totally powerless.”

Times Money put a series of questions to Santander about how it deals with fraud but the bank refused to answer any of them (see box page 59).

A spokesman would say only: “We review every customer claim on an individual basis and take full responsibility for fraud that happens on our customers’ accounts, as long as we are satisfied that the customer has not done anything to leave their account vulnerable.

“However, we are unable to accept responsibility for money that goes missing from a customer’s account through their negligence.”

Case study

Ronnie Menassa, 29, set up the support site abbeyfraud.com in summer last year after he fell victim to fraud on his business account. Since then he has heard from about 40 other people fighting with Santander to recover their money.

“Some of the stories are horrendous, especially ones where people are chased by the bank for thousands of pounds spent by a fraudster. In all cases, dealing with Santander’s fraud department is a nightmare. Security at the bank definitely needs to be tightened — most importantly by not making funds available to fraudsters for uncleared ‘fake’ cheques.”

Numerous fraudulent direct debits and standing orders were set up on Mr Menassa’s account for everything from home rent, car insurance and mobile phone insurance to National Trust membership. Every time Mr Menassa, who runs yooneeq.com, a virtual telecoms and business support company, noticed a new fraudulent standing order or direct debit the bank would remove it, only for another to appear a few days later. “It went on for months,” Mr Menassa says.

A spokesman for Santander said: “We acted appropriately and closed the account when we became aware of the fraud and refunded the money to the customer. We reported the incident to the police.”

Unanswered questions

Times Money asked Santander the following questions, all of which the bank refused to answer:

• Will you issue an apology and compensation to Jonathan Groman for the way he was treated?

• Can you explain how it was possible for someone to obtain a copy of Emma Woolf’s card and PIN?

• What measures have you put in place to prevent similar fraud happening again?

• How does Santander justify suggesting that its customers (or their family) are criminals with only circumstantial evidence?

• Does Santander always investigate the possibility of employee fraud in disputed withdrawals? If not, why not?

Source: The Times Online – http://yoorl.info/?Jp

(1) Comment    Read More   
Posted on 06-04-2010
[The Times] Fraud by bank staff puts accounts at risk
Filed Under (Media, The Times) by admin

The Times Online

Victims of unexplained fraud may have been deliberately targeted by bank staff who prey on customers with unmonitored accounts, experts have warned.

“Inside jobs” are becoming an increasing problem for banks, particularly at outsourced call centres. Many Times Money readers who have been victims of fraud say that their bank has refused to refund the money. “Inside fraud is a common problem,” Ross Anderson, a professor of security engineering at the University of Cambridge, says. “Banks sack maybe 1 per cent of their staff every year, mostly for small-time embezzlement.”

There are several court cases rumbling on that involve bank staff and fraud. Karl Edwards, a former bank manager for the Hagley Road, West Midlands, branch of Barclays, and Andrew Waters, a former employee of the same bank’s Croydon branch, have been charged with two counts of conspiracy. The prosecution alleges that the two men joined false names to wealthy customers’ accounts and withdrew £1.3 million. Both men deny the charges and are due to face retrial, along with three others, later this year.

There are many ways that staff could potentially defraud customers — for example, by ordering a new card and PIN without the customer’s knowledge and using this to withdraw money near the victim’s home. In this situation, banks may refuse to refund the money because, if the correct card and PIN is used, it is very difficult to prove that the transaction was fraudulent.

“Fraudsters will deliberately target inattentive people — for example, those who only receive annual statements, elderly people who are perhaps easily confused, or those who rarely use their accounts,” Mr Anderson says. “That is why it is so important to check your account regularly for suspicious activity.”

As well as bank branch staff, consumers may also be at risk from staff who work in outsourced call centres. Last December an employee of the Student Loans Company (SLC), who worked at an outsourced call centre in Glasgow, allegedly obtained 24 students’ bank account details and gained thousands of pounds from two of them. A spokeswoman for the SLC said that the students were reimbursed and the matter has been reported to Strathclyde Police.

Cameron Ross, of Veritape, which provides call-recording software, says: “Data theft from call centres is an increasing problem — not only for banks, but for any company handling customers’ financial information. All a fraudster needs for a spending spree is a person’s card number and three-digit security code.

“Centres are supposed to ensure that staff cannot leave the building with customers’ details, and that call recordings do not contain customers’ sensitive data. However, most UK call centres are not compliant with these guidelines.”

Nicholas Percoco, of Trustwave, an information security company, says that data breaches are a big concern for banks. “If a bank employee is being tapped by an organised crime group, they may pay that employee, say, £5,000 to install spyware software that can capture customers’ names, addresses and credit card details,” he says. “This could be done very quickly and is very hard to detect.”

Many victims of fraud complain that their bank does not explain how or why fraud occurred on their account, leaving them wondering if it was an inside job. They also say that banks appear unwilling to report fraudsters to the police.

Ronnie Menassa, 29, set up the website abbeyfraud.com after he fell victim to systematic fraud on his business account. Somebody set up numerous direct debits and standing orders, and the bank froze his account only when the fraudster tried to withdraw £32,000 in one go.

“It was so frustrating because Abbey [now Santander] may have known who was setting up these payments,” he says. “Either Abbey could not be bothered to follow it up or something more sinister was going on.”

Mr Menassa, who runs yooneeq.com, a virtual telecoms and business support company, had the money refunded, but all his business accounts were frozen for 12 weeks while Abbey sorted out the problems. A spokesman for the bank says: “We reported the incident to the police. If they wish to investigate, we will co-operate fully.”

Since Mr Menassa set up his support site, several other victims of apparent fraud, who are locked in a dispute with Abbey, have contacted him.

Despite new Financial Services Authority rules stating that a bank must refund any disputed transactions immediately, banks are still refusing to refund customers. Elias Selby, a 22-year-old student, says that a fraudulent cheque for £18,000 was paid into an account he rarely used. The cheque bounced, but first the criminals managed to spend all £18,000 within 20 minutes using a card and PIN at a betting shop. “Now Abbey is chasing me for the money,” Mr Selby says. “It has also ruined my credit rating. I’ve no idea how someone could have got my PIN or how a cheque can be spent before it clears. Abbey has not offered any explanation for the fraud; it has treated me like the criminal.”

A spokesman for the bank said: “All the disputed transactions were made using the original card and the correct PIN, with no failed attempts to enter the PIN. We are unable to accept responsibility for money that goes missing from customers’ accounts through their negligence.”

A spokeswoman for Barclays says: “Staff fraud is rare, but it can happen in any organisation. We take steps to minimise the risk and detect it quickly. Customers should be reassured that if they fall victim to fraud on their account, they won’t suffer financial loss, unless they are negligent with their PIN or password details.”

Instant access for fraudsters at Barclays

Barclays has been accused of failing to protect customers’ financial privacy after security flaws in its online banking were uncovered by a researcher at the University of Birmingham.

Ben Smyth, at the School of Computer Science, says that a hacker could easily view customers’ bank statements and transfer money between their Barclays accounts. “Security has been neglected in favour of usability,” he says.

If Barclays customers have forgotten their instant-access log-in details, they need only four pieces of data to retrieve it — surname, date of birth, 16-digit card number and three-digit card security code. Mr Smyth says that these pieces of information are too easy to obtain and this leaves people vulnerable to invasions of privacy.

Fraudsters would not be able to move money out of somebody’s Barclays accounts, but they could see a person’s recent transactions and account number and sort code.

A spokeswoman for Barclays says: “Instant access has very limited functionality and we have seen no instances of money being transferred out of accounts in this way.”

Baffled by how fraudsters gained bank details

Holly Noyes recently had some unexplained fraud on a Halifax account that she rarely uses.

The 25-year-old from Richmond upon Thames, southwest London, was contacted by Halifax’s fraud department when someone tried to use her card details to book a £2,000 flight to Morocco.

“Luckily, they stopped the transaction, so I didn’t lose any money,” she says. “I then noticed that a month earlier a fraudster had bought O2 credit worth £30.”

Ms Noyes had not used the account since about September last year. While there is no suggestion that the fraud was an “inside job”, she remains baffled as to how the fraudsters managed to obtain her bank details.

“I have always had the card on me and have never used it to shop online, so I do not know how someone was able to capture my card details,” she says.

When Ms Noyes googled this type of fraud, she found that many other people on consumer forums had found a bogus “O2 LTD pre-pay Slough £30” transaction on their statements. Slough is where the O2 office is based.

A spokeswoman for Halifax was unable to say how the fraud took place, but she added: “Security for customers is our priority. If we detect unusual activity on an account, we can contact the customer before allowing it to proceed.”

An O2 spokeswoman said: “We take every precaution to ensure that payments are genuine.”

Source: The Times Online – http://yoorl.info/?iM


(0) Comments    Read More   
Posted on 05-08-2009
Can you help me?
Filed Under (Abbey Business Fraud, Other) by admin

Abbey Logo

Hi everyone – I have set up this website due to my frustration with abbey following numerous fraud activity on my abbey business account. Please read my story on the about page

I will keep this blog up to date with my developments but would love to hear from anyone who is having a simlar problem to me or had  similar problem to be able to prevent this from happening in the future.

Please share this with your contacts. As they say many voices are better than one. This maybe something that happens to you in the future so let’s make some noise.

Please contact me through the contact page if you have also been a victim or if you can help in any way.

(2) Comments    Read More