DavidS wrote:
but whenever my bank / credit card companies would call me, and I insisted on getting a contact and calling them back, they seemed surprised.
There was a scam where even that didn’t work.
Due to a quirk in the British landline telephone system which was probably introduced in the early 20th century (and phone systems are extremely serious about backwards compatibility so all the quirks tend to get carried forward into new systems), only the caller can clear down a call, the callee can’t. (This used to annoy my mother – one of my nerdy friends when I was a teenager would call, and we’d talk at length about our computers, my mother would get annoyed and press the hook on the phone, and then would be very surprised when she let go and we just carried on talking, because it was my friend who had called me – so the call was never cleared down, only my friend could do that).
So what the scammer does is to tell you call the bank back, using the number on the back of your card. You hang up, but the call isn’t cleared down because only the caller can do that, the scammer plays the sound of a dialtone down the phone so when you pick up you have a “dialtone”, then you dial the number, and you’re talking to the scammer. Of course most people don’t know that the UK phone system works this way and are completely fooled – understandably. Unless you know about this quirk of the phone system, any reasonable person will believe they have phoned their bank and the call is genuine!
This is why the advice now is to phone back from your mobile phone. The trick is impossible on a mobile phone in the first place, and calling back from a different phone in any case stops this scam from working.
This thread and seeing where the development of the internet in general has been heading makes very depressing reading.
It is not “only” banking scams which make things difficult, but the general tendency to misuse any and all tools mankind is ever given into it’s evil hands. Some claimed it all started when Cain got hold of that hammer.
E-mail is practically totally useless today, over 90% of all mails are spams. Everything is full with fraudulent or just obnoxious advertizing. Online presence is no longer about content but advertizing and data mining. “News” are predominantly doctored to generate as much clicks as possible rather than focussing on reporting the truth. And the “reader comments” in newspapers often are just a venomous expression of boundless hatred. And it is staggering how much of internet bandwith is wasted by people consuming and spreading pornography.
Nothing is safe from attacks via the net.
Now with the rise of AI, things may get even worse.
The discussion, whether mankind as a whole is only too stupid to ever use something made for them to their actual advantage or if mankind is simply predominantly evil and can only be kept under a certain amount of control by violent application of the law.
Does not make me confident for the future.
Mooney_Driver wrote:
E-mail is practically totally useless today, over 90% of all mails are spams.
Maybe 90% of all email is spam, but less than 1% of what gets into my mailbox is spam. It sounds like you need better spam filtering?
This is an example of how the outfit calling itself Revolut behaves
I know this guy.
They were similarly disinterested when somebody extracted 6k out of my bank using some Revolut-related scam.
Mind you, Lloyds Bank is only a slightly smaller bunch of incompetent tossers, blocking your account if you phone them up and are then unable to receive an SMS message because you live in a place known as “the countryside” (a piece of heavy sarcasm I enjoyed using to some Lloyds member staff recently) 
The problem is that the entire “retail financial services” sphere is full of sh*it. They have over-interpreted the regs (KYC – know your customer – etc) while big banks have been openly money laundering hundreds of millions. I am involved in a case right now (can’t post details, but retail mortgage related) which shows that basically everybody down the line is an anally retarded idiot. One of the funniest things is that this has led to ID solutions like Thirdfort where somebody is storing enough data on a web server to completely destroy all customers for ever if the server was ever hacked.
There is only one solution: have multiple approaches. Multiple cards, etc.
In particular case the question is why would somebody contact a bank where allegedly fraudster’s account is located if he/she is not a client of that bank. And why would the bank respond.
The fraud prevention simply doesn’t work in this way. If you suspect fraud, you notify police or other government agency (depending on country and legislation). The other option is to inform your bank and let them deal with it, launching investigation, notifying other clients if necessary.
If you want to test this, choose random bank in let’s say Spain or France and write them you received suspicious email from someone who claims to be their client, asking you to execute some payment. And let me know if they responded and when.
It’s not about Revolut, they are ok, it’s about how the system works.
“If you suspect fraud, you notify police or other government agency (depending on country and legislation).”
In Scotland, unless there’s been a recent change, Police Scotland will take no action, but will offer a crime number to you if you have lost .money.
They would not record bank account details which I had not payed money into.
In most countries attempted crime is still a crime. We don’t reward unsuccessful criminals by not prosecuting them.
I had a £50k fraud at work 15 years ago, from an invoice with amended payment details.
My bank (Natwest) was completely useless: “your fault, your problem”.
The supplier wasn’t any help either.
After a lot of time on the phone we found someone senior in the fraud department of the receiving bank, who managed to return the funds from the Chinese account. We were very lucky Citibank had a UK office, took it seriously, and someone with enough authority took a personal interest.
It’s not easy to independently check international bank details: emails hijacked, zero ELP on the telephone, fax no longer in use, ungrammatical WeChat invitation…
The thing which saved you was prob99 that Citibank didn’t do the KYC properly, but they were not going to tell you that 
The loss I had (identical method) used Regions Bank – a US bank set up for poor people with little or no ID and maybe no fixed address. Admittedly I should have smelt a rat with a Chinese supplier using a US bank, but fraud / tax evasion is standard in China so I thought it was normal One of the clues was in the email headers (the reply-to: header) and another one (which most people would not spot, because they use modern email software) was that the email was html-only whereas the real supplier’s emails were html+plain.
‘In most countries attempted crime is still a crime."
In Scotland (and the rest of the UK?) theft is often not investigated. I have little doubt that, had I recorded the scammer addressing me as “Mr M”, and told the police I had transitioned, the hate crime would have gone to court.
My instance was an aircraft for sale. I offered the police the contact landline phone number and the bank account number while the scammer still thought I was hooked. They weren’t interested.
The scam failed as I needed to see the aircraft.
