‘We’ll pay back victims of scam’
Bank of Ireland customers lost over €100,000 after being defrauded in ‘smishing’ operation
BANK of Ireland is to reimburse its customers who collectively lost more than €100,000 after scammers infiltrated genuine texts between the bank and its clients.
A bank spokesman told the Irish Daily Mail that the fraudsters are targeting people during the pandemic because there are more of us using online banking and more people working from home.
He said the scammers prey on people’s panic by telling them that their account is being blocked because of an unauthorised transaction.
The customers, thinking that they are continuing their genuine communication with the bank, then input their details on a fraudulent website and the scammers then withdraw money from their accounts.
The spokesman said there was an active Garda investigation under way, all customers had been reimbursed and he did not know where the scammers were based.
The sophisticated scam is a form of ‘smishing’, or SMS
Attack review: Gavin Kelly phishing, which is fraud committed through text messaging. In this case, the scammers sent a text to the customer, often claiming their bank card had been blocked and referred them to what appeared to be a genuine bank website.
They then input their Banking 365 PIN numbers, their bank card numbers and their four-digit card PIN, allowing the fraudsters to transfer money from their account.
Among the victims was a woman, identified as ‘Jenny’, who has a senior role in a financial company and is embarrassed to have been scammed out of €10,080.
‘I feel betrayed, trust is really broken,’ she told Joe Duffy on RTÉ Radio 1’s Liveline.
She said that the scammers withdrew the money over five transactions on June 30.
The next day she emailed Bank of Ireland to say that the transfers were ‘very clearly unauthorised’ and instructed the bank to stop them.
She said that on July 2 the bank told her that they were ‘shadow payments’ which had not gone through yet. ‘I still thought I had hope,’ she said.
She told the bank that it would be facilitating fraud if it allowed the payments to be processed. However, the payment did go through and she lost the money.
She said she was very embarrassed, given her role in financial services.
She was so nervous about speaking on the show that her voice was distorted so that her employers or clients would not recognise her.
Duffy repeatedly said that a listener first contacted the bank about the scam in August 2019 and the bank requested screenshots of the attempted fraudulent transaction. However, a Bank of Ireland source strongly contested that claim.
‘This scam, in various forms, has been around for at least two years. So to say the bank was notified of the same issue a year ago is not accurate. It is an ever-changing security situation,’ the source said.
In a statement, the bank said that smishing is ‘a serious criminal activity which targets customers of a range of institutions around the world – including banks, postal authorities, social welfare payments, and tax collection.
‘While it has been in existence for many years, the volume of smishing has increased significantly over time.’
Gavin Kelly, head of Bank of Ireland’s Irish retail section, said the bank had ‘carried out a review into a recent smishing attack.
‘This tricked customers into divulging their confidential banking details,’ he said.
He added the fraudsters ‘have been particularly active during this period and as consumers, we have had many other pressing concerns to deal with through Covid-19.
‘Therefore we will be reimbursing the customers for these losses and the bank will absorb the financial impact.’
‘I still thought I had hope’