Not your 'average' bank fraud

**gradus** · 19-01-16, 10:20

Many thanks for posting this, I read it immediately after making an online bank payment, so very timely.

**french frank** · 19-01-16, 13:17

If I want to make an online payment to a new payee, the bank rings me up on my landline to confirm it. That's about the limit of the risk I'd want to take with online banking. You don't have to use a mobile or rely on getting a text - but I'd guess very few younger people have landlines (judging from the ever decreasing size of the Phone Book). Or can people hack into the landline too?

**Old Grumpy** · 19-01-16, 13:32

Originally posted by Anastasius View Post

I'm posting this here as it is so out of the ordinary and also out of your control to prevent it happening to you.

It's the first item here http://www.bbc.co.uk/programmes/b06w53bh

A fraudster was able to bypass easily the two-part security, put in place by banks, by persuading the mobile company to re-register a new SIM card and so ensuring that the security code texted by the bank went to the fraudsters phone and not to your phone. As far as I can see there is little you can do to prevent this happening to you as it relies on social-engineering and the reaction/attitude of the individual call-centre operator at your mobile company.

Of course, if you never do online banking then you have no need to worry!

Or never do online banking through a mobile phone - especially via free WiFi. I am with FF (#3) on this - landline retained, rarely use mobile phone.

OG

**jean** · 19-01-16, 13:33

For a new payee, my bank makes me use a card reader. Are they vulnerable, too?

**Bryn** · 19-01-16, 13:51

Originally posted by french frank View Post

... can people hack into the landline too?

Indeed they can. Just do an Internet search for "landline hacking".

**ahinton** · 19-01-16, 14:46

Originally posted by Bryn View Post

Indeed they can. Just do an Internet search for "landline hacking".

In response to FF and jean, landlines and card readers can be hacked. I do online banking but have never used a mobile for this. The important thing for anyone doing online banking is to make regular checks of bank statements online and report any ontoward activity at the earliest opportunity; there are safeguards in place to address this issue.

**teamsaint** · 19-01-16, 17:12

if you have fairly straightforward banking requirements, First Direct seems to work very well, without the need for online banking at all, all from your landline and the comfort of your own home.

Landline hacking is something new I seem to have to worry about.....

**Bryn** · 19-01-16, 17:25

Originally posted by ahinton View Post

In response to FF and jean, landlines and card readers can be hacked. I do online banking but have never used a mobile for this. The important thing for anyone doing online banking is to make regular checks of bank statements online and report any ontoward activity at the earliest opportunity; there are safeguards in place to address this issue.

With one of my accounts I have to make use of a mobile phone for receiving the validation code only. This is because I clear out the financial service provider's cookies when ever I shut my laptop down, so that my computer is no longer recognised by them. However, I do not use my usual mobile phone in this instance. I have an old pay-as-you -go phone which gets used just for this purpose. I gave up my landline telephone contract several years ago and do not miss it at all. My main Internet connection is via fibre-optic cable.

**Anastasius** · 19-01-16, 22:16

Originally posted by Old Grumpy View Post

Or never do online banking through a mobile phone - especially via free WiFi. I am with FF (#3) on this - landline retained, rarely use mobile phone.

OG

Sorry but you've misunderstood. You are using your desktop/laptop to do your online banking. As part of the authorisation process some banks - Lloyds, for example - will have asked you for a landline and/or mobile number that they ring. On your desktop screen are four digits and when you are prompted on the phone to enter them, you do. This tells the bank that it's OK to continue with the payment. So your phone is only being used as a phone....not for internet banking.

I also agree with you and I'd never use my mobile phone for online banking either - possibly an iPhone in extremis but definitely not an Android based phone.

(FF - Santander will not accept a landline - you have to have a mobile phone!!)

**Anastasius** · 19-01-16, 22:18

Originally posted by jean View Post

For a new payee, my bank makes me use a card reader. Are they vulnerable, too?

Not as far as I am aware, Jean, provided that it is one where you have to enter a PIN that is know only to you. There was a flurry of concern back in 2009 that I found reference to after a very cursory Google.

**Anastasius** · 19-01-16, 22:19

Originally posted by Bryn View Post

Indeed they can. Just do an Internet search for "landline hacking".

The landline hacking that you are referring to would not be an issue as far as online banking two-step verification is concerned so FF you can rest easy.

**Anastasius** · 19-01-16, 22:21

Originally posted by ahinton View Post

In response to FF and jean, landlines and card readers can be hacked. I do online banking but have never used a mobile for this. The important thing for anyone doing online banking is to make regular checks of bank statements online and report any ontoward activity at the earliest opportunity; there are safeguards in place to address this issue.

No they can't in the context of online banking. If you think that they can then please provide a URL.

**gradus** · 20-01-16, 10:40

I'm lost in the technicalities. Does the above mean that a card reader is safe because it has no URL? Yours baffled...

**Anastasius** · 20-01-16, 12:35

Originally posted by gradus View Post

I'm lost in the technicalities. Does the above mean that a card reader is safe because it has no URL? Yours baffled...

Gradus, yes, you should not need to worry. The reference to the URL above is in response to Ahinton's post which is inaccurate and misleading.

Not your 'average' bank fraud

Not your 'average' bank fraud

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment