Three in five Which? members have experienced bank fraud and our latest investigation shows banks can be inconsistent when it comes to handling fraud claims.
We surveyed over 3,000 people about their experiences of card fraud and worryingly three in five (59%) had experienced fraud, with 64% of these having been targeted in the last two years. Encouragingly a quarter of cardholders lost nothing as transactions were blocked, but when money was taken, victims initially lost £624 on average for credit cards and £677 for debit cards.
Almost all victims got their money back eventually, and most banks reimbursed 64% of card victims within a week. However, 29% of victims in our survey were kept waiting between one and four weeks, with 7% waiting even longer.
We asked members to rate their credit or debit card provider’s overall response to dealing with bank fraud. Debit cardholders were, on average, less satisfied with the overall response from their provider with 81% saying ‘good’ or ‘excellent’, compared with 86% of credit card holders.
However, if consumers aren’t happy with how their complaint is being handled, they can refer it to the Financial Ombudsman Service (FOS). When we submitted a Freedom of Information request to the FOS, we found that around one in four complaints relating to fraud and disputed transactions are upheld in the customers’ favour. Barclays/Barclaycard were ordered to pay up in 56% of cases whilst 47% of Santander customers were wrongly denied compensation, compared with just 22% for NatWest.
The FOS told us that whilst it’s seen some improvements, in many cases banks have based their decisions ‘on a hunch’, without conducting a full investigation.
Which? executive director Richard Lloyd, said:
“With fraud rates on the rise, it’s encouraging to see the vast majority of victims got their money back. Banks have a duty to resolve cases of fraud quickly and can only delay a refund if there is suspicion of wrongdoing. If you’ve been denied a refund by your bank you should escalate your case to the Financial Ombudsman Service.”
Types of fraud:
- Remote purchase or ‘card not present’ – By far the most common type of fraud, with losses of £331.5m in 2014, remote purchase is when card details are stolen and used to buy things online, by phone or by mail-order. Which? view: A bank will never ask for your PIN or password over the phone or via email so never share this with anyone. Create strong passwords for use online, and don’t use the same one for every website you login to.
- Counterfeit (cloned/ skimmed) – When a fake card is set up using stolen details from the magnetic stripe on a card. Which? view: Don’t throw out anything (including cards) containing your name, address or financial details without shredding it first.
- Fraud on lost or stolen cards – These can be used online, over the phone or in shops that don’t have chip and Pin. Criminals also ‘shoulder surf’ to watch people enter their Pin and then use it more widely. Which? view: When the correct Pin is used at a payment terminal it doesn’t mean the bank can automatically refuse refunds. Experts at the University of Cambridge believe the chip and Pin system isn’t as fraud-proof as banks think. Ensure you always cover your Pin when you enter it.
- Card ID theft – This takes two forms: account takeover (where a fraudster infiltrates an existing account to order a new card and Pin) and application fraud (setting up a new account using stolen details). Which? view: No matter whether it’s a letter, email or a phone call, if it’s unsolicited never give anyone your PIN or password. Don’t do it, always assume it’s an attempted scam. You can also report the fraud using the Police’s fraud reporting service Action Fraud.
- Card non-receipt – When fraudsters steal mail to intercept a new/replacement card, then use it to commit card fraud and ID theft. Which? view: If you’re expecting a bank or credit card statement and it doesn’t arrive, tell your bank or credit card company. If you move house, ask Royal Mail to redirect your post for at least a year.
- Phishing – Phishing emails are sent by criminals posing as genuine companies such as a bank or HMRC. Clicking on a link can lead to a fake website. Which? view: Phishing emails or phone scammers will often try and get valuable personal data from you, and they can use this to steal your identity or steal your money. One customer complained to the FOS after losing £14,000 when criminals posed as the bank’s fraud department. The bank’s claims of gross negligence fell flat and it was ruled reasonable for the customer to have followed the fraudsters’ instructions in this case.
Notes to editors:
- Which? surveyed 3,339 members online in July 2015. 1,556 members had experienced card fraud on their credit card, 682 members on their debit card. Only those who had experienced card fraud in the previous two years (1,316 cases) were asked to provide detailed feedback on their experience.
- FOI data: Figures cover all disputed transactions for credit and debit cards which may include misplaced transactions, missing payments, ATM disputes and debits applied incorrectly by retailers. New cases don’t relate directly to the uphold rate, as resolved cases can include older cases, but the numbers are broadly similar.
- Our top tips on how to bank online safely, here: http://www.which.co.uk/
money/bank-accounts/guides/ how-to-bank-online-safely/ tips-to-protect-your-bank- account-against-fraud/
- Of credit card providers, John Lewis led the way, with 93% regarding it as ‘good’ or ‘excellent’ followed by M&S Bank at 92%. Barclays sits at the bottom of our table, with only 61% saying it was ‘good’ or ‘excellent’ and 15% rating it ‘poor’ or ‘very poor’. However, Barclaycard, the Barclays-branded credit card provider performed impressively, with 87% rating it as ‘good’ or ‘excellent’.