There should be a way to verify the new email by authorising the change from the old email. If you don’t have access to your old email, then further checks should be made. Change email and add new payee within minutes should be a red flag.
5 Likes
Is this not the case? I’ve not changed my email with Monzo, but with other companies I’ve often received an email to the old address advising to click a link if I didn’t make the change.
1 Like
Interesting - I don’t use Starling enough to have ever seen this - but I’ve been saying for a while this type of implementation would be good within Monzo.
It’s similar in approach to how Apple verify support tickets, I believe - ‘enter the pin shown on your [iDevice] to continue’ style.
Isn’t the issue how do you stop people giving out the PIN over the phone? Even when people get a text saying don’t give this out to anyone, they still do.
2 Likes
I don’t know how they use it to be honest as I’ve never called them or been called by them, but there’s a rotating Customer Service PIN at the bottom of the Help page.
1 Like
The Starling customer service PIN is a 6 digit one-time PIN that changes every 30 seconds and is only used for calls.
1 Like
Because it’s a high stress panic situation.
Someone on the other end of the phone knows your name, dob, address etc. They sound professional and they are calling to help you, they are calling to try and stop your money disappearing. Money that you need to live and eat.
It’s very easy to say afterwards “But you should…” and “You shouldn’t have done…” but this isn’t being sold magic beans on your doorstep, this is sophisticated and well planned out.
3 Likes
I sorta kinda have stopped answering phone calls from numbers I haven’t saved in my contacts these days. Any stranger with anything really important to say to me can leave a voicemail message or send a text.
7 Likes
I get it, so there should be more automated security checks as I said. Like if you change your email and then add a new payee immediately. That should be an instant red flag.
1 Like
100% agree
yes 100% agree that we shouldn’t be providing the details at all costs, but when you are in that situation and there might be any panic happening, you don’t think straight …
A huge lessons learned for me! and hope for everyone reading this post
there has been a couple of breaches in the past years, one of them is Easyjet which i think is very major, other than that not too sure.
Agree on the tips thanks for sharing !
1 Like
This is one I got alerted of recently in May via HaveIBeenPwned. If a CRM database was breached, I can potentially see how such details are obtained - it doesn’t take too much to come across as having a credible amount of knowledge about you.
I can recommend checking out your email on HaveIBeenPwned if you haven’t already.
2 Likes
The only thing I would add to this is to call back via a different phone. As it is possible for it to look like you have hung up but when you call back you’ll be reconnected to them rather than your Bank I.e. if spoofing the number
5 Likes
Hi All,
Just to let you know, I am delighted to say that Monzo has reimbursed me the full stolen money!
Great support from Monzo team.
Regards
Malek
14 Likes
Monzo returned all your money? In less than a day? Without investigations?
No chances.
I waited longer for a reply in chat
1 Like
Not all chats are equal.
1 Like
I simply don’t belive in this story. Post created yesterday - Sunday. Sunday…
1pm on Monday all sorted money returned?!
1 Like
Why should it take longer than that? Banking is 24/7 for these sorts of issues.
2 Likes
Maybe… really nice if its true.
1 Like