No-hang up fraud victims unlikely to get bank compensation

Nearly two thirds of British 'no-hang up' victims do not get compensated by their banks, the Financial Ombudsman Service (FOS) has revealed.

No-hang up scams see crooks cold call people pretending to be from their bank or the police, warning them that their account is in danger and money needs to be moved or withdrawn. The victim is told to hang up and call their bank back but the criminal simply stays on the line to harvest their details.

The FOS says that of 200 cases it reviewed, in just 37% did the ombudsman find the bank’s response to the fraud had fallen short and ordered that customers be compensated. In the remainder of the cases, the bank had done all that it could.

The sums involved were substantial, with 38% of people losing between £5000 and £14,999, 20% between £20,000 and £49,999, and some more than £100,000. Most victims are older - of the 200 cases reviewed, 80% of those conned were over the age of 55, and in five was over 75.

Caroline Abrahams, charity director, Age UK, says: "Government and financial institutions need to recognise the relentless threat to older people that fraud represents and take much more determined action against it."

Channels

Retail banking Security

Comments: (2)

Dave Sanderson - YBS Group - Bradford/Leeds - UK 07 July, 2015, 08:21

Be the first to give this comment the thumbs up

0 likes

I agree that this is a terrible crime but I'm unsure what banks can do to mitigate the risks and therefore accept liability. The fault seems to be with the telephone line providers in providing a service that facilitates this type of fraud.

Two genuine questions, what could banks to do combat this and should banks accept the liability in this scenario?

Report abuse

Russell Bell - Fastbase Ltd - Wellington 08 July, 2015, 03:52

0 likes

What banks should do is migrate fully to two-factor authentication. Many banks require 2FA for some on-line payments, i.e. you logon to their website using a password but to make a payment you must also supply another secret-key you receive via text-message or a hardware token. However many banks only require 2FA for tranactions above some threshold or to an unknown party, and only for the on-line banking channel.

If all payments (via any channel, not just on-line banking) required 2FA then it wouldn't matter if scammers harvested details, they couldn't transfer money unless they controlled the registered mobile phone number or possessed the hardware device.

Already there are non-bank online deposit holders that offer to make good customer losses, but only on condition the account is secured via 2FA.