Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: pscocoa on 09 January 2013, 15:36:13
-
Someone got hold of a letter destined for my company with a telephone banking code - letter never arrived here from the High St bank. I had not requested telephone banking for company accounts and so was not actually awaiting the letter in the first place. Yesterday someone walked into a Sussex branch of bank and transferred between our internal acounts a large 5 figure sum and then attempted to transfer out to a third party from our charitable donations account.
It failed at this point as the signature was poor and we do not have anything to do with that branch indeed all our banking is via internet. So fraud was picked up and we are trying to see the cctv for the person that tried to do the external transfer.
How could they effect the internal transfer? Answer - our sort code and account numbers are on web and signature of Chairman appears on scanned minutes of AGMs.
First time this has happened. Problem originates from the fact that bank decided to send telephone banking code to my office when it should have only been sent to myy home address and I had not requested said code for business accounts just for personal.
Anyway - no loss sustained thankfully.
-
Someone got hold of a letter destined for my company with a telephone banking code - letter never arrived here from the High St bank. I had not requested telephone banking for company accounts and so was not actually awaiting the letter in the first place. Yesterday someone walked into a Sussex branch of bank and transferred between our internal acounts a large 5 figure sum and then attempted to transfer out to a third party from our charitable donations account.
It failed at this point as the signature was poor and we do not have anything to do with that branch indeed all our banking is via internet. So fraud was picked up and we are trying to see the cctv for the person that tried to do the external transfer.
How could they effect the internal transfer? Answer - our sort code and account numbers are on web and signature of Chairman appears on scanned minutes of AGMs.
First time this has happened. Problem originates from the fact that bank decided to send telephone banking code to my office when it should have only been sent to myy home address and I had not requested said code for business accounts just for personal.
Anyway - no loss sustained thankfully.
Thank goodness for that and hopefully it wont happen again had a simular thing happen to me it tried to be posted to my work address on a Saturday even though the account was a personal one and the letter was addressed to my work but the internal documents were addressed to my home address lol :-\ so someone screwed up somewhere lol
-
It would not surprise me if this was an inside job.
Most company fraud is, but for your company to advertise so many details of their accounts is a very risky practice in this age of computer driven fraud. ;)
-
As we all know, the internet and computers are clevers little wotsits that very rarely cock up. But then you introduce humans and all manner of things go wrong.
-
Someone got hold of a letter destined for my company with a telephone banking code - letter never arrived here from the High St bank. I had not requested telephone banking for company accounts and so was not actually awaiting the letter in the first place. Yesterday someone walked into a Sussex branch of bank and transferred between our internal acounts a large 5 figure sum and then attempted to transfer out to a third party from our charitable donations account.
It failed at this point as the signature was poor and we do not have anything to do with that branch indeed all our banking is via internet. So fraud was picked up and we are trying to see the cctv for the person that tried to do the external transfer.
How could they effect the internal transfer? Answer - our sort code and account numbers are on web and signature of Chairman appears on scanned minutes of AGMs.
First time this has happened. Problem originates from the fact that bank decided to send telephone banking code to my office when it should have only been sent to myy home address and I had not requested said code for business accounts just for personal.
Anyway - no loss sustained thankfully.
No sympathy mate - thats just stupidity ::)
Just be glad that you didn't lose anything, and remove sensitive bank details from web site ;)
-
If the bank's letter did not contain details of the charity account, how did they know about it? If that is the case, then I would be asking the question who knows about the charity account? You were very lucky they were amateurish with professionals it would have been into a mule's account and disappeared before you could say missing.
When you remove your company bank details on your website, might I also suggest that you take down the sign in your front garden saying "The keys are under the front door mat" and also stop putting a note in the windscreen of your unlocked Miggy at Farnborough Main station, saying: "The keys are in the ignition for a quick getaway". ::) ::) ::) ::) :o :o :o :o
I always wary and only put my bank details on invoices for electronic payment from companies that I have built up a trading relationship with.
-
There's definitely more to this than meets the eye ???
There are far too many 'coincidences' in this scenario for me ::)
-
There are thousands of situations where sort codes and bank accounts are on web - all sorts of sales/events situations so that of itself is not the issue. The key to this is how a bank sent out a telephone banking code which did not arrive with the customer and customer was not in any case expecting it.
Hope we do find out more.
Nobody will nick the Omega from Farnborough. But I have had a car nicked from there 17 years ago but it was a year old Scorpio.
-
Unfortunately, if your bank details are on the web, then it is open to potential abuse, particularly when somebody has a grudge against the company, like setting up direct debits into mule bank accounts all transferred on the same day all withdrawn or transferred on from the mule account the same day, money gone.
There are many scammers on social networking, Skype and web dating sites who befriend people and then ask for a favour to use their bank account to transfer money, once they have the details that then becomes a mule account for the laundering of transfers and other sources of money.
I do know of much worse situations, but that is not something, I would discuss on an open forum. :-X
Personally, I would never publish my bank details on a website, but each to his own.
-
a year old Scorpio.
Nice :y
Without dwelling on it, or indeed asking too many questions, if someone wanted to transfer money out of your account to a third party, why do an internal transfer first? Assuming both these account details were readily available, then how would someone know to use the charitable account? Again, perhaps advertised on your docs, but ultimately, if they were able to carry out an internal transfer via tinterweb, why not just transfer the money out in the first place? Why bother risking a signature?
I have to add that I have no knowledge of business banking, and apologise if I am being ignorant in this respect. Just my thoughts :)
-
we think they were testing that the telephone bank code worked - if you get in you can transfer between your accounts no problem if you have sort code and account. It is when you set up third parties that the fun starts. What they had to avoid was trying to set up an external account and the bank would ring me (automated system) straight away to ask if we had proposed to set up this new payee.
They obviously knew this hence the attempt to forge a signature but in a bank branch we do not use and in a pattern completely different to how we do things. Online is the way we prefer obviously.
-
That makes sense, and I can't help feelng that some insider awareness was involved, particularly in light of what you've said.
It'll be interesting to see what the CCTV reveals ::)
-
As I posted before, this does appear to be an inside job, and the more facts are questioned, the more it does seem to be the answer.
I spent almost 35 fighting company fraud, working closely with police and in later years also involving our Security Department, staffed by ex-senior police officers.
In 99 cases out of 100 our company "wastage" was caused by insiders; staff who would steal, in those days, from £150 per week to one of our worst single cases, £30,000 in total (1970s). The latter involved a manager who was also an important London underworld figure who the Fraud Squad, Scotland Yard were after. Another involved £25K+ in the 1990s. Eventually we would catch them, and gain a conviction. But all were staff, and apart from burglaries or robberies that we sustained, the vast majority of our losses were "produced" by these people.
So yes, if you run a business of any type never trust anyone, and watch the staff who appear to be most "trustworthy" and hard working! Insiders will, if given the opportunity as I believe has happened in pscocoa's case, rob you blind! >:(
-
It would not surprise me if this was an inside job.
Most company fraud is, but for your company to advertise so many details of their accounts is a very risky practice in this age of computer driven fraud. ;)
The tax man sent me a letter saying that the tax rebate my accountant had requested on line was being processed!
Phoned the accountant to say the bank details on the inland revenue letter were incorrect, the reply letter in a roundabout said it was an" internal problem"
The missus by dinner time had already made a spending list!
-
I asked the bank about the CCTV and was told I had to formally get the police involved - which is fair enough. Looked on Met police website but not an obvious number to contact so did the non emergency call centre. My issue was logged and a reference number given and passed onto Met police. They phoned within about an hour and took details but started apologising almost immediately about police systems not being linked up. He gave me a Met Police reference number and said that he would now contact (Sussex town) the police covering the branch where the cctv is located who would become the lead for that part of the enquiry. All the info I gave he said would have to be faxed and rekeyed in by the other police force - no national police system. He phoned me back later with the Sussex police reference and also a reference number for Action Fraud which he said would "probably" become the main reference number.
Anyhow wheels now in motion to get cctv but it makes you wonder how they catch people if systems not joined up - can this be true in 2013?
-
I asked the bank about the CCTV and was told I had to formally get the police involved - which is fair enough. Looked on Met police website but not an obvious number to contact so did the non emergency call centre. My issue was logged and a reference number given and passed onto Met police. They phoned within about an hour and took details but started apologising almost immediately about police systems not being linked up. He gave me a Met Police reference number and said that he would now contact (Sussex town) the police covering the branch where the cctv is located who would become the lead for that part of the enquiry. All the info I gave he said would have to be faxed and rekeyed in by the other police force - no national police system. He phoned me back later with the Sussex police reference and also a reference number for Action Fraud which he said would "probably" become the main reference number.
Anyhow wheels now in motion to get cctv but it makes you wonder how they catch people if systems not joined up - can this be true in 2013?
Yes, as we do not have a national police force, although some systems are now joined up. ;)