FRAUD EPIDEMIC AT THE T OTALLY SHAMBOLIC B ANK
Scores have been robbed of their life savings, left on hold for up to five hours by TSB’s ‘helpline’ – then told they won’t get their money back
VICTIMS of a fraud epidemic at the crisis-hit bank TSB are being denied refunds, Money Mail can reveal.
We have been inundated with letters and emails from TSB customers who have lost their life savings to con artists in the wake of the bank’s IT meltdown last month.
They have been duped out of sums as large as £60,000, yet denied assistance from TSB’s overloaded fraud helpline and branches.
One mother has been left for almost a week without access to cash and says she is now struggling to feed her children; a disabled 64-year-old was told to beg his relatives for emergency cash; and a cancer patient had her £29,000 critical illness payout snatched.
Distraught customers are being forced to wait up to five hours to speak to someone on the bank’s fraud hotline. When they finally get through, many are being cut off or informed that the team has gone home.
Others are being told they will have to wait for days — with no access to funds — to learn whether they will get a refund, as the bank is so overwhelmed with cases to investigate.
In the few instances where TSB is giving customers a clear answer, it has routinely refused to give payouts.
Instead, it has blamed fraud victims for handing information to the con artists who drained their accounts.
It was only when Money Mail intervened that the bank said it would refund some victims.
The new scandal has led to calls for TSB chief executive Paul Pester — who earned £1.8 million last year — to resign.
While some customers have no idea how their accounts have been emptied, others admit they have received phone calls or texts that later transpired to be fraudulent.
Criminals appear to be preying on TSB customers’ fears that their accounts were compromised in the bank’s botched attempt to upgrade its computer system.
During the original IT debacle, as well as thousands of customers being locked out of their online accounts, some were able to see the details of other customers’ balances and payments when they logged on. That chaos led to TSB being dubbed the ‘Totally Shambolic Bank’.
Experts warned at the time that fraudsters would attempt to exploit the confusion.
Now, it has emerged that, over the past week or so, crooks have started phoning TSB customers pretending to be bank staff. Some customers have received emails or text messages that appear to come from TSB’s fraud department. They often appear alongside genuine previous messages from the bank and ask the customer to call the number given urgently or update their security details online.
Typically, the fraudsters say there has been suspicious activity on the customer’s account and ask them whether a particular transaction is genuine.
When the victim denies making the payment — which has been fabricated as part of the con — the crook posing as a TSB worker warns the customer that they have been defrauded.
The customer then receives a text from TSB containing a sixdigit code and the words: ‘Hello, TSB here. Use password/code xxxxxx. Didn’t request this? Please call us.’
Victims are told this is part of the bank’s security checks and a vital stage of issuing a refund.
The fraudster then asks the customer to read this code out loud over the phone.
In fact, these codes are understood to enable the criminal to access the customer’s account. It is unclear exactly how the crooks are generating these codes. One theory is that they are using them to reset online passwords.
TSB’s website says to reset a password, you need to enter your internet banking user ID, first name, last name and date of birth.
Once they have persuaded the victim to read out the code over the phone, they use it to get into and empty their bank accounts.
TSB insists that there was no data breach during the weeks of chaos when its computer upgrade went wrong.
But victims say if this is the case, then they have no idea how the fraudsters have got hold of their phone numbers.
They also believe the criminals must have access to their online banking user names and security information, because they are not divulging these over the phone.
Last night, City watchdog the Financial Conduct Authority (FCA) said the bank must repay fraud victims.
Meanwhile, campaigners are calling for executives at the bank to take control or resign. John Mann, an MP on the powerful Treasury Select Committee, says: ‘TSB is in the midst of a chronic crisis. The Financial Conduct Authority needs to send someone into the bank to sort this out.
‘If the directors of the bank cannot sort out these problems, they should resign immediately.’
Ross Anderson, a professor of security engineering at the University of Cambridge, says: ‘This is outrageous. TSB cannot blame customers for falling victim to a sophisticated scam when its systems are in disarray and it won’t answer the phone.’
Customers say it has been impossible to contact the bank to check whether the calls and texts are genuine, because call waiting times can be five hours.
Even when victims do finally get through to someone, they are left in limbo: typically, they are told that their money cannot be refunded until an investigation is completed and their account is then blocked.
Customers are often not given any idea by staff whether their cash will be repaid or when they can get back into their account.
In the worst cases seen by Money Mail, victims who have unwittingly read out the codes in text messages have been warned that they will not be refunded.
Banks do not have to refund fraud victims if it can be proved that the customer authorised a transaction. They can also deny payouts if they believe that the customer was negligent and failed to protect their card details, PIN or password. But experts say the
bank should refund victims regardless — given the unique circumstances.
Martyn James, of the consumer website Resolver, says: ‘TSB is responsible for this error; it should be responsible for refunding customers. What makes this scenario so unfair is that victims have no way of verifying anything, because the bank is too busy to answer the phone.
‘TSB should also be offering customers whose accounts are frozen an extended credit facility so they have access to money, rather than being left high and dry.’
A spokesman for the FCA says: ‘We are in continuous contact with TSB. No customer should lose out as a result of the problems at the firm and we expect TSB to quickly resolve any reports of fraud.’
Nicky Morgan, chair of the Treasury Select Committee, said that TSB chief executive Paul Pester would be grilled again by MPs following the latest crisis. TSB insists that it would never ask for security details in text messages or emails, nor ask customers to divulge their passwords over the phone.
The bank refused to say how many of its customers had been targeted by fraudsters or had lost money.
It added that it would be reviewing each situation on a ‘case-by-case’ basis and those who had been defrauded as a ‘direct result’ of the IT meltdown would not be ‘left out of pocket’.