Don’t be duped into disclosing bank security information, the SRA is warning following reports of more firms being targeted by telephone con artists.
The reports involve at least two incidents this month where telephone fraudsters posed as bank representatives. This follows on from four firms being targeted in November last year which prompted another SRA warning.
The callers use refined techniques to gain the confidence of those they call – known as social engineering – and obtain information enabling them to access accounts. They ask for “challenge and response” codes, which are then used to authenticate payments and in some cases digital banking log on and password credentials.
Robert Loughlin, Executive Director of Operations & Quality, said: “We are very concerned about this increase in activity. The con artists are highly sophisticated in their approach and their script makes them sound as though they are genuinely who they say they are, even though what they are doing is trying to obtain confidential information.
“It’s not just ourselves at the SRA who are concerned about this increase in activity. Time and again solicitors across England and Wales are raising it as a serious issue during our discussions with them.”
Banks will never ask for passwords or account related details over the phone. If employees are concerned about the authenticity of a caller, they should terminate the call and make further enquiries.
To validate callers, firms should contact somebody they already know at the bank, using a separate telephone line, eg a mobile line. There have been examples of the scammers keeping telephone lines open, to intercept an outgoing call.