AIB fraudulent transactions

redmissb

My son has a student account with aib. Unfortunately the other day he got a text that came in on the AIB messages thread and he clicked the link and entered his details and also a verification code. Shortly afterwards he had a text from genuine AIB regarding suspicious activity on his account, sure enough it had been cleared..14 transactions one after the other. AIB are now saying they won't refund because he authorised the transactions, he didn't. What are his chances of getting his money back? He's distraught.

Atlantic Dawn

Previously they were refunding but with the amount of warnings they give all over the app and the website I think this may have now ceased.

Henry Ford III

Looks like your son did authorize withdrawals (by entering details and code).

I can't see why AIB would be liable in the circumstances tbh.

cal naughton

A harsh lesson learned early in life op.

redmissb

Yes the link was to a copy of the aib website, it was all his savings almost €4000. He was told on the phone that night he would get it refunded but then the letter said no. I wonder if they refunded anyone recently? He's sickened about it.

redmissb

It was the fact that it came in on the aib message thread that caught him out, that and he'd just made a fairly big transaction.

redmissb

https://www.boards.ie/discussion/comment/118835766#Comment_118835766

Isn't that how the majority of people are caught out? By giving information to phone scammers etc.

L1011

https://www.boards.ie/discussion/comment/118835776#Comment_118835776

Yes, and that's also why its impossible for them to be liable - the bank would go bankrupt if they had to refund everyone who was scammed.

You cannot trust any SMS as to where it appears to come from - phones will bunch messages with the same sender ID together but sender IDs are 100% fakeable (and have been since the first SMS in the early 1990s)

redmissb

Yes I know not to trust any sms from the bank with a link to follow, I thought my son did too but there you go. At least the person he spoke to yesterday seemed to think there was grounds to appeal the letter. Just wondering what the chances are of getting anywhere with them.

Pentecost

https://www.boards.ie/discussion/comment/118835436#Comment_118835436

This. Someone I know works there and they can't or won't do that any more due to how prevalent the scams are. They used to do it out of goodwill but refunds went through the roof in recent years. Under EU regulations if you give away your authorisation details the bank isn't liable.

redmissb

https://www.boards.ie/discussion/comment/118835986#Comment_118835986

I wonder if he has any chance in that case:(

Pentecost

https://www.boards.ie/discussion/comment/118836137#Comment_118836137

Each case is assessed individually and they will try to be fair despite the poor reputation banks have but the fraud levels are well up in the millions these times I believe.

TuamJ

I know so many people who have been caught with this text message. I got it sent to me 3 times last week and they tried sending me a BOI one too only I don't use BOI. The aul fella has his entire life savings in his current account. Getting him to open a bank account at all was hard work, getting him to invest etc out of the question so he has it sitting in his AIB account. I dread getting the call that he's wiped out. My mate lost 800 euro and never got it back.

I did get an email from them that shows the exact text I keep getting only it went into my spam folder and I only found it when I went looking for it after my mate got stung. They basically told him 'we sent an email, if you missed it, too bad'

Bank of Ireland have increased their security for clients greatly in recent times. I don’t use AIB so I can’t compare. All I know is you can’t simply clear out a BOI account quickly, there is a daily limit as to what you can draw out., and the app has extra authentication required per transaction.

People had previously complained on Liveline about how poor the security in BOI had been, and they duly got their act together. I’d love to know what the AIB experience is, ie are they still operating somewhat like BOI did.

redmissb

https://www.boards.ie/discussion/comment/118841775#Comment_118841775

That's a bit uncalled for, he knows he messed up..anyone can make a mistake.

HalfAndHalf

https://www.boards.ie/discussion/comment/118842093#Comment_118842093

Tbf there are countless adverts on all forms of media, this isn’t a new thing and the message is always ‘we will never contact you asking for personal or banking details’.

Granted, your son didn’t want the fall out from said mistake but expecting AIB to refund 4k due to it is also uncalled for.

Where do you think AIB would recoup all the costs from if they refunded everyone who made a ‘mistake’ after spending millions on advertising educational material to stop people making those ‘mistakes’. it would be in account charges to all other customers who have educated themselves on the unfortunate world we live in now.

It’s a harsh life lesson but he’ll have to take it and move on. He won’t do it again. (Hopefully).

redmissb

https://www.boards.ie/discussion/comment/118842144#Comment_118842144

I didn't say I expected them to refund him, just asked what the chances were as the person he spoke to on the phone said he should appeal the decision.

Ficheall

How did they get around the multi-factor authentication stuff?

The only reason I have ever done anything on my phone with AIB is because they've enforced MFA, with an app/text messages.

redmissb

https://www.boards.ie/discussion/comment/118842183#Comment_118842183

I'm not sure tbh, AIB are saying he clicked on a push notification and he's adamant he didn't.

steve-o

https://www.boards.ie/discussion/comment/118835811#Comment_118835811

It is now possible to stop misuse of sender ids. If the banks are still allowing their sender ids to be faked then they are in some part responsible

Ficheall

14 successive transactions totalling 4k to a new 'contact' on one verification code? Doesn't say much for the MFA.

Deub

what kind of transactions was it? Payment on a website or transfer via his bank account ?

from your OP, your son gave one verification code so I don’t think he can claim the first transaction. However, how were they able to complete the following 13 transactions?

redmissb

It was payment to a website crypto.com. Yes he gave on verification code, maybe they allowed the rest because they were all to the same website?

Deub

https://www.boards.ie/discussion/comment/118842212#Comment_118842212

How is it possible?

on the spam text thread, they say it is the responsibility of telecom companies to fix it. How could the bank fix this?

Deub

https://www.boards.ie/discussion/comment/118842317#Comment_118842317

That doesn’t seem very secure from AIB. I would contest the last 13 transactions saying I had never authorised them.

L1011

https://www.boards.ie/discussion/comment/118842212#Comment_118842212

That's not something the bank has any control over at all. Phone networks side of things.

The principle remains the same across the industry.

No bank will send you a link and ask you to enter sensitive information (passwords etc)

The most they'll do is ask you to sometimes confirm if a transaction is genuine (usually send a yes or no response)

The fake texts always come through on genuine message threads.

It's a harsh lesson to learn but they would be seriously out of pocket if they had to refund everybody who has been scammed.

HalfAndHalf

https://www.boards.ie/discussion/comment/118842212#Comment_118842212

This isn’t true. There is no way to stop spoofed texts or calls as yet.

HalfAndHalf

https://www.boards.ie/discussion/comment/118842328#Comment_118842328

I suspect the ‘verification code’ was contained in the spoofed text that was received.

crypto.com is a legitimate site so perhaps AIB don’t enforce MFA for that site.

BOI only ask me to approve in the app on some sites and usually ones I haven’t used before. Like footlocker the first time I used them but never since.

The simple fact is, banks have been telling us for ages now that they’ll never text or call asking for information or details or to do anything that involves moving funds. People should know this by now.

HalfAndHalf

https://www.boards.ie/discussion/comment/118842158#Comment_118842158

Your OP you say he did not authorise the transactions and that AIB are resuming to refund.

The thing is he did authorise the transactions as he clicked the link in the spoofed text and entered his details and the verification code. At that point the spoofers have all the details they need to do what they like. They acted fast enough as to clear the account before AIB’s algorithm flagged the account as possibly compromised.

I’m sorry for the lad and I know it’s not what you want to hear but there’s no responsibility for AIB to refund him.

It’s a hard lesson learned but hopefully it is learned. You said yourself you knew about these types of scams.

stopthevoting

https://www.boards.ie/discussion/comment/118842319#Comment_118842319

It is explained in this thread on the Bank of Ireland forum, from post 25 onwards:

https://www.boards.ie/discussion/2058214640/is-this-a-genuine-text-message/p1

redmissb

https://www.boards.ie/discussion/comment/118842659#Comment_118842659

The letter stated he authorised the transactions by clicking on push notifications, he says he didn't click on any push notification. Yes he logged in and entered one verification code.

Look I'm not saying AIB have a responsibility to refund him, it was an AIB staff member who told him he should appeal the decision so that's why I was wondering if anyone got a refund in similar circumstances. I'm not arguing that he's entitled or should expect a refund as you seem to be implying.

Yes I did say I know about these types of scams, not sure what difference that makes.

Ohmeha

How soon after your son entered his details on the fraudulent text were the 14 transactions processed on the account and how soon after all this did AIB contact him? Have AIB provided full information on the transactions, were they all instantly processed, were they sent to crytpo.com as SEPA, SWIFT transactions etc.?

All banks were required recently enough under PSD2 regulations to upgrade their fraud detection systems, obviously something was flagged after the horse had bolted. I would be quizzing AIB on all the above questions because if a fraudulent transaction is identified quickly enough before processing they can internally block transactions to fraudulent accounts held with external banks and with SEPA if its processed and caught on the same day a cancellation will reject the transactions back

redmissb

https://www.boards.ie/discussion/comment/118842816#Comment_118842816

AIB texted him an hour after transactions went out, it happened on Monday and they were pending till Thursday.

I'm not sure if they were SEPA etc,

HalfAndHalf

https://www.boards.ie/discussion/comment/118842762#Comment_118842762

Something doesn’t add up here.

If AIB are saying that your son authorised by approving the MFA push then if he hadn’t, the transaction would fail. That’s how it works. The bank is literally holding the transaction until you approve, if you don’t approve then it fails the transaction.

Without knowing more about what details he provided the scammers then for all we know the scammers were able to redirect the MFA pushes to themselves, if he’s provided the relevant info to sign into the app.

Again that wouldn’t be AIB’s responsibility.

Deub

https://www.boards.ie/discussion/comment/118842685#Comment_118842685

Thanks. I read the article and searched for some more. It says it is a collaboration with several stakeholders. It means that AIB on its own cannot stop these texts appearing as AIB messages. It also says that, in Ireland, 3 mobile operators are part it. There are 9 mobile operators so it will continue to happen to some customers unless all of them decide to take part of this process (to be honest, it should be mandatory).

kaymin

https://www.boards.ie/discussion/comment/118842762#Comment_118842762

The push notification is just to receive the SCA code - he must have sent this different code on to the fraudsters 14 times otherwise the transactions wouldn't have been authorized.

Jim2007

Mod Note: I have removed some posts that were a distraction and pulling the thread off topic.

Jim2007

https://www.boards.ie/discussion/comment/118843672#Comment_118843672

No disrespect to the OP, but I would not assume the original description to be entirely accurate, he is relating what he was told by his son. He did mention that at some point the son logged in and provided a code.

The bottom line is that the money is gone and unless the bank decides to make some kind of compassionate payment to a young customer I doubt it is coming back.

yoyopfk

Hi,

Same happened to myself on 15th of March.

I was on my way back home after the work, tired and got this message about security update. As it was shows up under AIB messages thread I did click on it and I was 100% sure I am in AIB online banking aplikation on my phone. So I've logged in and got confirmation code which I confirmed. it was around 4:30pm.

Then got finnal message says our system is down to updating security and only phisical payments can be done.

At the evening I went to Super Value do quick shopping and once I used my card got message if that was me spent 70 euro in UK. I typed no, and got another message saying somebody from card team will contact you.

As I suspected there is something not right I tried to log into my banking account and I couldn't.

10 min later I got phone call from Card Fraud Department, and after confirm security questions I've been told there is many transaction done under my account in UK for nearly 3500euro, and ask me if that was me using my card in Ireland. I confirmed. Also, find somebody put my account on hold.

I've been told all the transaction has been catch up so don't worry, money will be returned to my account in 48h, new card will be sent next day and I have to ring AIB to unfreeze my account.

As it was St.Patrick weekend I was waiting over the weekend for new card ( as I've been told by phone I can't do anything with account until will get new card ) I got the letter says 3 big transaction for nearly 4000 euro will be not refunded because I did authorised them via push notifications but I didn't.

Only small transaction has been returned so far( under 100 euro ).

Have been told to appeal the decision which I did via letter sent to AIB last Thursday and still didn't received any updates

redmissb

https://www.boards.ie/discussion/comment/118847495#Comment_118847495

I'm so sorry you were caught out too, I hope you get an update soon. My son sent off his letter yesterday so we'll see what they say anyway. Best of luck.

CreadanLady

The reason these scammers exist is because they have people queuing up to hand out their money. Seriously, anything coming in on text or email that gives a link and asks you for information is 99% a scam.

People need to wise the fúck up, it is the only way to stop it.

yoyopfk

https://www.boards.ie/discussion/comment/118850308#Comment_118850308

I hope it will never happen to You. As I was 100% they will never get me that way, until they will get into You in right time when there is too much thing on your head.....

yoyopfk

https://www.boards.ie/discussion/comment/118850239#Comment_118850239

Thank You.

Best of luck to Your son, too. He is not alone in this so i know that feeling well as many other people

CreadanLady

A simple rule to live by is to never engage with cold contact that is asking something.

Even whatsapps purporting to be from a friend or relative that are asking for something out of the ordinary. If there is doubt, ask them to ring you discuss. If it is legit, then there will no problem.

TuamJ

https://www.boards.ie/discussion/comment/118850543#Comment_118850543

I don't agree with the tone of some posts, bit harsh, buts it's clear from this thread and from the few people I know who also got stung that there needs to be an ad on telly/streaming platforms/online explaining to people how these scams work, how urls work etc... I get why you thought you were on their app but if you knew what a fake url looks like you never would have clicked. To some of us, a fake url is like a fire alarm. The AIB scam texts use urls like aib.auth-20 or aib543-online or online-aib-login etc... My mate did not know that AIB would never have a url like that, he didn't even cop it after he got hit and only understood why that was a huge red flag until i explained it to him.

So, it's not so much that idiots are ready to part with their money. it's that lots of people (inc young people) are using the internet every day but they do not know some of the basics of online security. They don't know that Amazon will never send you a link to amazon123.com, that an email coming from help@amazonsonline.com is not Amazon, that yourestaonline.ie is not the official US government website to get your esta. Even when they get hit they think it was an elaborate sophisticated scam and never learn that it's a blatant fraud trap easily identified by looking at urls and email addresses.

Seth Brundle

I would dispute that @TuamJ. People have been told not to click on links in texts and emails. People have been told by their banks not to assume that emails and texts are genuine. Most people would have received some form of written notification tucked in with their bank statement e.g. a flyer about not clicking on links. People have been told from various other sources about scammers.

And yet they still click the links, still enter their online login details and still have their money stolen!

In my own organisation, we've had various campaigns by IT about being vigilant and not clicking links in any mail that may be suspicious. We're warned about phishing scams, etc. but despite this, in internal phishing exercises where we make it somewhat obvious that its a dodgy mail, we still see educated people open the mails and follow links.

People are the problem and no matter how many times you tell them, there will always be some who put their finger on wet paint!

steve-o

https://www.boards.ie/discussion/comment/118843460#Comment_118843460

There are many mobile brands and virtual operators in Ireland, but there are only 3 network operators and all 3 are participating. AIB (and BOI) have no excuse if they don't register and protect their sender ids.

Deub

https://www.boards.ie/discussion/comment/118852676#Comment_118852676

Do you have a source to confirm all 3 main network operators are participating?

i see they mention high street banks without mentioning names.

steve-o

https://www.boards.ie/discussion/comment/118852766#Comment_118852766

It's on the announcement linked in the previous thread: "Supported by all 3 MNO’s"

https://www.boards.ie/discussion/comment/118852793#Comment_118852793

I doubt they'd make the details public, but I'd presume that messages using a registered sender id will be blocked unless they originate from the registered source

LordBasil

This happened to me.

Around 3 weeks ago, I got a message via my phone from 'AIB' advising me of suspicious activity. As it came from AIB or so I thought, I entered my details. The next night, around 1am, got a message via my app requesting authorisation for Just Eat purchases in GB Pounds which I refused. No money was taken out. The same thing happened the next night. I cancelled my card and ordered another. I got my new card last week.Then I got phone call from 'Derek' from AIB who wanted to check on suspicious transactions and make my online banking more secure. He was able to tell me my personal details and also the most recent transactions on my account so took it that he was genuine. I gave him my card details. He said he was gonna send me a codes via the app to verify/strengthen my online banking. He asked me to quote codes back to him and then told me to not check my online banking app for 30 minutes. He said he'd call me back in 30 minutes. I then received a text from AIB asking me to verify/approval for a revolut transaction for a small amount. I said no. I then checked my app and saw my account was cleared out with a high value purchase pending. I was left with a few euro. I started to panic and realised I'd been defrauded.

Luckily the AIB Customer Service Helpline was still open. I got through to the online banking section. The lady advised me that criminals can clone both AIB text number and the APP and that there was attempts to sign my account up to Apple Pay and Google Pay. She cancelled my new card and got me to change my banking login/ID numbers. I was then put through to the card payment section and explained what happened. The officer was able to cancel the purchases and advised me that money would be refunded, which it was the next day.

I was very lucky not to lose my money. Looking back there were some red flags that I didn't notice. I felt like such a gobshite. I'd advise anyone not to enter any details to any links sent from your 'bank'. Freeze your card on the app and call the bank directly as soon as you can if you receive suspicious messages. Do not engage any calls you receive from your 'bank'. It was a horrible experience, I wouldn't wish on anyone. I learned a valuable lesson. I won't make the same mistake again. I hope anyone who was robbed can get their money back.