Someone has attempted to defraud me - they didn’t get far but thought, like others have done, to write up what happened. Each one appears different so they more the share the more we can get a picture of what to expect.
At 6:15pm today, I received an SMS from Monzo (as in, it came up on my phone as being from them and appeared in the same conversation as legitimate SMS’ they’ve sent before). It told me…
A payment was attempted to a new payee, “R GOMES” on 09/09 at 18:14. If you did not create this payee, an agent will be contact with you urgently.
I smelt something was amiss immediately but checked my account and saw nothing there.
At 6:20pm, they called me (phone number 0800 802 1282). They called me “Mr David” and didn’t ask me any security questions to confirm who I was. They were immediately rumbled.
They told me that my account must have been compromised and that someone from Nottingham (which is where on forum profiles I say I live, although it’s not 100% correct) using a Galaxy Note had attempted to take that payment. They had therefore set up a new account for me and that I needed to transfer all the money from my existing account to this. They texted me the bank details (I’ve forward those onto Monzo, as it’s one of their accounts).
I told him I was onto him but he wouldn’t accept it. I hung up but he kept calling back. Over and over again. I blocked the number in the end.
Although I was onto him pretty quickly and easily I can certainly see why others do fall for it - we panic when we hear about people trying to get to our money and they present credible information (they know I’m a Monzo user and where I live, etc). How they’ve associated that to my phone number, however, is curious.
I’m assuming Monzo has not had a breach of some kind?
So sorry this happened to you and thankfully you realised who they were!
Just for some extra peace of mind Monzo (we) would never call you without arranging it first, especially not out of the blue. The only times I have seen us call without arranging or giving fair notice is when a callback has been requested.
I hope this help you or anyone else going forward, you can also check in the app if we are calling you!
What is the recommended procedure for preventing identity theft/fraud now then? These people have the goldmine of personal info. My name/address/date of birth/everything to set up direct debits / set up credit, take loans - anything! I’m getting paranoid now. How can I stop this whole thing from initiating?
You own & control your email account.
You own & control your mobile account.
So while phishers/hackers/numpties will always try to take control of these services - you own them.
They may have your email address. But if your account is secure, they shouldn’t be able to get access to it. So if they try and apply for something using the goldmine of personal info (email), you’ll be notified and they won’t. But if they get access to the email account, you’re in trouble as they can watch the account without you knowing and then start a switch to their control once critical info is gained. Get 2FA/MFA in operation NOW on all of your email accounts.
They may have your phone number. But (if your SIM hasn’t been compromised) they shouldn’t be able to access it. So if they try and apply for something using the goldmine of personal info (phone number), you’ll be notified and they won’t.
So long as you retain control by employing protection and not giving out means to gain access to your accounts - you’ll be OK. It’s all about vigilance.
