After chatting on WhatsApp about the latest series of Ozark, Paula Leonard’s* daughter broached a difficult topic: she needed two bills paid, as she was locked out of her online bank account after getting a new phone.
Leonard immediately moved to help her US-based daughter as she has done in the past.
“There was this chit-chat and a lot of use of the word mum,” she says. “I think that was so clever because you have a Pavlovian response to ‘mum’ from your children. That gets you.”
Over the next hour she arranged two bank transfers to the same account – one for £1,523 and another for £1,345.
It was when there was a request for a third sum of £1,276, and a claim that bailiffs were threatening action, that Leonard, 75, realised there may be a problem. “While I was texting her, I emailed her and got a message back to say ‘That isn’t me mum, it must be a scam.’”
It was then that she phoned the bank.
Leonard is a victim of the latest form of fraud to balloon online, in which people are contacted by fraudsters claiming to be members of their family, who say they have lost their mobile and also access to online banking to pay bills.
Lloyds Bank says the number of cases reported by customers soared by the end of last year, with victims losing an average of £1,950 each.
When Leonard tried to ring the number during the scam, there was a crackling line, then a text message arrived saying “I think my mic is broken”.
When she did not respond to the final demand, the criminals continued with “Mum?” and “Is it done?”.
Then Leonard received texts from another number, with a photograph of a woman, saying: “I’m really sorry that my son Joshua has done this to you, and I’ll do what I can to get the money back.” She regarded this as an attempt by the fraudsters to reopen communication.
Impersonating family members is a new tactic by criminals to undermine people’s mental safeguards against being defrauded, says Jake Moore, a cyber-security advisor at internet security firm ESET.
“These scammers are well aware that if you can add the psychological element into a scam, they work far better than the previously used phishing emails thrown out as a net, where maybe they would see 3% to 4% of a return,” he says.
“When you are being called mum or dad, that is what many people would have in their phonebook. Preying on the heartstrings by saying they have lost their phone – it fits in with what is very likely.”
Moore says that it is easy for criminals to obtain a database of names, phone numbers and dates of birth through the dark web and social media channels.
Charlie Shakeshaft, founder of Individual Protection Solutions, which aims to warn against scams, says fraudsters trade information on potential victims, including so-called “sucker lists” of people who have fallen for these crimes before. From there, the criminals can identify age groups of people who may have children of university age and who, for example, might ask for money.
Typically, the conversation on WhatsApp, or via text message, is started by an automated bot, and then forwarded to a human who can communicate with the victim if they engage, says Moore. “Some can take weeks because they believe that, if they can really dupe those people, it might be worth it,” he says.
This method is particularly sinister, says Shakeshaft. “People’s natural instinct is to worry about their child and to prey on that, in order to steal money from a victim, is pure evil.”
Leonard says that the loss of almost £3,000 hurts financially, but is also infuriating for someone who considers herself self-sufficient and aware of threats. “It has hit my confidence and my pride,” she adds.
She says that her banking app has a warning when transferring money to be aware of scams, but she continued with the payment as the request for cash was similar to what her daughter had asked for in the past.
Nationwide, where she holds her account, told Cash that it would be giving a full refund “given the individual circumstances of the case”. It says that since there were warnings on the app, the building society had fulfilled its obligations under the contingent reimbursement model (CRM), a code of practice designed to give victims fairer and more consistent redress.
“When making a decision to refund, we take into account a range of factors, including whether it was reasonable to believe the situation the member found themselves in.
“In this case, her daughter lives abroad and is in the process of moving back home. Her daughter has previously received money from her mother. Therefore, a request like this was not unusual.”
WhatsApp says that the company launched a campaign last year entitled “Stop. Think. Call”, encouraging people to pause and consider whether unusual, or urgent, requests for money, appear strange and to call a person before transferring any funds.
“We have designed WhatsApp to protect people from unwanted contact, which is why, whenever you get a message from someone who isn’t in your contacts, we ask if you want to block or report them. We then review reports for abuse, and if we find an account has breached our terms of service, we will ban it,” it says.
“We use a combination of techniques to enforce our policies and prevent abuse, including machine learning techniques to tackle fake accounts and fraudulent activity, and we assist law enforcement with their investigations in response to valid legal requests.”
The company advises people who receive a suspicious message to ask for a voice note to verify that someone really is who they say they are.
Lloyds warns people to be wary of any number that is not already in their contacts, and to try the original stored number of the person who is apparently making contact.
HSBC, Britain’s largest bank, has also highlighted the growing number of victims of the fraud. “WhatsApp is typically the platform we are seeing this happen on, more often than not,” says the bank.
The Lending Standards Board (LSB), which oversees the CRM, says organisations have to work together. “Other sectors need to come together with financial services providers and understand where the danger spots lie within the customer journey, so that each organisation can take responsibility for intervention at the right point,” said chief executive Emma Lovell.
* Name has been changed