Fraudsters are committing man-in-the-middle vishing scams to exploit genuine bank account details and security information which enables them to make unauthorised payments to bank accounts under their control.
How It Works:
Generally, victims are contacted by a text, letter or email purporting to be from their bank, which requests that the victims contact them on a telephone number provided.
The victim phones the number provided, and the suspect then redirects them to the bank; however as the call has been redirected, the criminals have the ability to record and listen to this call as it is being made, gaining all the victim’s security answers and personal details.
The criminals then phone the bank at a later date purporting to be their customer and exploit the genuine credentials and security information gained to request a range of payments to be made from the account/s.
It may be that people are contacted directly by the suspect, purporting to be the bank, who request further details so that validation can be gained for further transactions.
Protection / Prevention Advice:
- Never provide personal or financial details to an unsolicited caller.
- Always contact the bank on a trusted number found on their website or correspondence that is known to be authentic e.g. statement.
- When contacting your bank please request confirmation of any earlier communication before giving any personal details. This will assist in identifying if any unauthorised person has attempted to obtain your details or money.
If you, or anyone you know, have been affected by this fraud or any other scam, report it to Action Fraud by calling 0300 123 2040