In early February I was scammed by someone claiming to be my bank. They said fraudulent transactions had been made on my credit card, and I believed this to be genuine as this person had my card number, expiration date and CVC number.
They said they would send a cancellation code to my phone to stop the transactions, which I had to repeat back to them.
But that code turned out to be a one-time access code, which allowed the scammers to make a purchase online using my card.
The money was used to buy flights from the Flights Guru travel agency costing £3,005.
Flight Fraud: Someone booked £3,005 worth of flights using our reader’s card
I reported this to Flights Guru as soon as I realized it but it didn’t cancel the booking and just says the legal team is working on it.
My bank, First Direct, is refusing to refund me because I gave the scammers the one-time access code that allowed the transaction to proceed.
I have asked the bank to treat it as an Article 75 which they say will not happen as I have no proof of the purchase. Of course I can’t get this because I didn’t buy the flights. MT, by email
Helen Crane from This is Money replies: Unfortunately, scams are becoming more and more convincing – and fraudsters are finding new ways to trick people into handing over their money.
We are in the middle of a scam epidemic, with a total of £4 billion lost to scams by 2022 according to comparison site Money.co.uk – almost two-thirds more than the previous year. People of all ages and backgrounds can and do become victims.
Banks are trying to stay one step ahead of fraudsters by introducing increasingly stringent controls when people transfer money or make online purchases.
In recent years, they have introduced one-time access codes when buying things online.
These are sent to the customer’s mobile phone as a text message or in their banking app, and the customer must enter the access code into a widget on the website before the money is debited.
It should stop scammers since they don’t have access to the customer’s mobile phone – but as your case sadly shows, criminals are already getting wise to this tactic and finding ways around it.
After being told someone was trying to withdraw money from your account, you panicked and handed the code to the person on the phone who you thought was trying to help you – but ended up with a £3,005 hole in your bank balance .
Since the flights are booked on your card but with different names on the tickets, it is not a problem if they present a valid passport when they board the plane.
You told me that as soon as you hung up the phone, something didn’t feel right. You called First Direct and Flights Guru, but it was too late to stop the transaction.
You can’t use Section 75, because that protection is reserved for purchases that customers have legitimately made – but which fall short of expectations.
Should First Direct have refunded you immediately? There is an argument that it should.
Like most major banks, First Direct’s parent company, HSBC, is signed up to a voluntary code of conduct called the CRM Code, overseen by the Lending Standards Board, which requires it to pay back impeccable scam victims in certain scenarios.
But when a customer has handed over an access code to a fraudster, banks sometimes claim liability for the fraud and therefore decide not to refund.
In the banks’ defense is the fact that the text messages they send usually tell the recipient not to share the passcode with anyone – not even someone claiming to be from the bank itself.
I have contacted both First Direct and Flights Guru to try and get your money back.
Fake call: MT got a call from someone saying they were from her bank – but it turned out to be a fraudster using her card details who needed a one time access code to buy flights
Flights Guru responded quickly and I spoke to the commercial manager, Liam Brophy.
He said the reason the company didn’t refund you immediately was that it is often a victim of fraud itself.
He told me that sometimes customers call and ask to cancel a flight booking, and once their money has been returned, they also ask for a chargeback from their card company – meaning they get the money twice, at Flights’ expense Guru.
The limit for filing a chargeback claim is 120 days, so Flights Guru initially wanted to wait until that time had passed to refund you.
After I spoke with the company, you agreed to confirm in writing to the company that you would not file a chargeback claim, and Flights Guru issued the refund within a few days.
It was left with £155 to pay the costs it would incur for canceling the flights with the airlines.
Flights Guru also said to be willing to hand over the names on the booked tickets to your bank or the authorities. However, Brophy pointed out that there was a risk it could be a double scam where the fraudster also charged another unsuspecting party for the flight booking they made on your card.
After Flights Guru refunded you, First Direct contacted you. Since you handed over the access code to the scammer despite warnings in the text message, they unfortunately hold you liable for the fraud.
However, it has also agreed to refund you the £155 outstanding as a gesture of goodwill, meaning you’re all set now.
A spokesperson said: ‘Protecting our customers from fraud is an absolute priority for us and we are sorry to hear that MT has fallen victim to a fraudster. We fully investigate each case and take guidelines from the CRM code to ensure fair and reasonable results for our clients.
On this occasion, MT shared the one-time access code with a fraudster, which allowed the transaction to be processed. We understand she has now received a £2,850 refund from the tour company, and we have refunded the cancellation fee as a gesture of goodwill.
As this case shows, fraudsters are criminals who use a range of techniques to exploit their victims and convince them they are real. We would like to remind all customers that First Direct would never ask a customer for their one-time access code. We advise people to remain vigilant and always take note of fraud warnings.’
Online shoppers were urged to name rip-offs
Trick tactics: Government urges online shoppers to report retailers who try to entice them to spend more using bogus ‘selling’ and pressure tactics
With the cost of almost everything we buy continuing to rise, people are looking for a bargain more than ever.
That often means looking around online to make sure you’re getting the best deal – but unfortunately these deals are sometimes too good to be true.
The Competition and Markets Authority – a government agency that ensures companies play fair – wants shoppers to call out scammers if they see them, and has issued a a new website where they can report them.
It wants shoppers to tip it off about retailers using heavy-handed sales tactics and other sneaky tricks to get them to hand over more money.
These include misleading claims about price cuts or discounts, hidden taxes or fees, customers signing up for subscriptions they don’t want, or using fabricated customer reviews to make their products sound better than they are.
It also wants them to call out “urgency” tactics, which is when retailers try to close a quick sale by, say, telling customers there are only a few items left or having a countdown clock until when an “offer” ends.
I get a lot of complaints from readers about this kind of unscrupulous behavior, and I’m glad to see there’s now an easy way to address retailers.
Some links in this article may be affiliate links. If you click on it, we may earn a small commission. That helps us fund This Is Money and use it for free. We do not write articles to promote products. We do not allow any commercial relationship to compromise our editorial independence.