Which? has said that some banks – including HSBC, Lloyds, Santander, TSB, Nationwide, and Virgin media – are leaving customers at risk of falling prey to fraudsters by failing to implement sufficient anti-fraud protections.
The consumer champion’s investigation centred on spoofing, a form of infiltration where fraudsters impersonate companies such as banks to make customers unwittingly hand over account details and other sensitive information.
Watchdog Ofcom estimates that 40.8 million UK adults have received a suspicious call or text in the last three months.
In its investigation, Which? made calls to a test phone, spoofing the numbers of 14 current account providers.
Which? found that at least one phone number from the six banks was successfully spoofed.
To make it harder for fraudsters to impersonate them, Which? advised companies to sign up to regulator Ofcom’s ‘Do Not Originate’ (DNO) list, a shared resource with telecoms providers to help them identify and block calls from numbers that are most likely to be spoofed.
The DNO list maintains a record of phone numbers genuine firms or agencies use to receive calls but never make them.
Commenting on the findings, Rocio Concha, Which? director of policy and advocacy, said: “Number spoofing is a particularly malicious form of fraud used by scammers to deceive their victims – and our research shows some banks could potentially be leaving their customers at risk.”
She added: “Spoofing is all too common in APP fraud, where victims continue to lose potentially life-changing amounts of money and still face a battle to get their money back.”
Responding to the investigation, the banks which had numbers spoofed thanked Which? for bringing them to their attention.
A spokesperson for Santander said it aimed to include all inbound-only customer service phone numbers on the ‘Do Not Originate’ (DNO) list, adding that while it provides some protection against spoofing, it is not 100 per cent comprehensive.
Lloyd's advised telecoms firms to address technical gaps in their systems as "banks can’t solve the problem of number spoofing alone", while HSBC, TSB, Virgin Media, and Nationwide said they are participants of the DNO scheme.
Recent Stories