Earlier this month Pricewatch received a call from a man who identified himself as Darren and he had some very, very good news for us.
Apparently some bitcoin that we bought – or had won or been gifted – in 2017 had jumped in value and was now worth in excess of €130,000 but because of inactivity on the account the funds had been frozen and we needed to act quickly to unfreeze them.
Darren offered to send a mail ahead of starting a procedure to allow Pricewatch the account be reactivated “and after that we can withdraw the money,” he said.
“We can withdraw the money” was probably the only true sentence that came out of Darren’s mouth although the “we” was not me and him but Darren and his criminal buddies and the money was not some fictitious virtual currency but the actual real physical currency – such as it is – in my bank account.
As it happened, Pricewatch had a few minutes to spare so rather than delivering Darren a crisp expletive-laden message, we told him we were delighted and we encouraged him to tell us what we needed to do next.
He paused and said he would have to pass us to his supervisor.
“Wait one minute, don’t hang up the phone,” he said.
Like we’d do such a thing.
Seconds later another voice came on the line. “Hello can you hear me? It is Jimmy Hayes, the supervisor of Darren, how do I find you,” the voice said.
How do I find you? We were actually wondering the same thing. This was no random cold call. Darren and Jimmy Hayes had my mobile number – obviously – but they also knew my name. That might have lent legitimacy to the call but we were wise to the game – we have received many such calls in the past and while it is vaguely troubling to think that the Pope name and number is out there and being shared among ne’er do wells on the dark web as part of some class of database there is not a whole lot we can do about it.
Anyway, back to Jimmy Hayes. He explained that Darren was new “and had a bit of difficulties to explain your account so tell me Mr Conor do you have any questions or do you want me to explain it from the beginning?”.
We got him to explain it from the beginning, for the craic like.
Jimmy Hayes said we had created the bitcoin account on October 6th, 2017. We sounded a bit confused by this but he explained that while we might not have actually bought the bitcoin we might have won the 2.7 bitcoin or being gifted it as part of an online promotion – his answers were vague but, if you were the very trusting type, not entirely implausible.
Trust was important to Jimmy Hayes. In fact he told us that “transparency brings trust” as he continued to explain the steps we needed to take to get the bitcoin unfrozen, converted into real money and into our account.
When he said the mail he was sending with all the links we needed to follow to start the process was coming from a Gmail account we expressed surprise that a business would use the Google service.
He had his answer ready to go.
“Oh, you heard about that software problem with Microsoft? It means we can’t use our work accounts so I am using Gmail as a backup,” he explained.
Several times he sent the mail to us and several times Pricewatch said it had not arrived.
Eventually he smelled a rat and hung up leaving us annoyed that he had done so before we had been able to properly abuse him but mildly pleased we had wasted a good 10 minutes of his day.
While the scam that Darren and Jimmy were trying to perpetrate is pretty transparent when looked at in this context it is too easy to imagine people being conned by them – and they are. According to recent data from the Banking and Payments Federation Ireland, fraudsters stole almost €100 million from Irish consumers last year – an increase of 16 per cent on 2022.
Card fraud accounted for 95 per cent of fraudulent transactions, which amounted to a total of €35.2 million, or 36 per cent of the losses.
While other types of fraud had lower volumes, they saw more money being lost by consumers.
Unauthorised electronic transfers, where criminals steal victims’ mobile or online banking details and spend and transfer money without the account holder’s authorisation, accounted for only 3 per cent of the volume, but 34 per cent, or €33.8 million, of the losses.
Authorised push payment fraud, which happens when fraudsters trick consumers into sending money directly to an account controlled by the criminal through activity such as an investment, romance or bitcoin scams, makes up just 1 per cent of fraudulent transactions, but more than €18 million in losses, a significant increase compared with 2022 in both volume and value terms.
But in the coming days one particular scam will be circulating more than most – the accommodation scam.
A reader called Sarah contacted us with a flavour of how they can operate.
She recently moved to the Middle East from Ireland and was looking for accommodation but instead lost €1,600 to criminals
“I found a place to rent on an app and contacted the agent through WhatsApp, which is the way it is done out here,” she writes.
According to Garda figures more than 30 per cent of all accommodation fraud scams take place in August and September and last month alone – weeks before the peak season for the criminals – 12 people lost a combined total of more than €20,000 with the chances of any of that money being retrieved pretty remote
She was sent a link to a booking platform that she recognised that offered long-term rentals. To be sure she wasn’t being ripped off she contacted the platform directly and was told it all looked above board.
“I went ahead and made the payment. There was no sign of the confirmation number coming through and next thing I know the link I was using disappeared.”
It was a scam link and the criminals had cloned the booking platform and listed a bogus property in order to get her money.
Her credit card provider was “no help whatsoever” as she had authenticated the payment but only because the booking platform had advised it was a genuine listing.
“I am at my wits’ end now trying to resolve this as no one is helping and I cannot financially afford to pay back my credit card of over €1,600.”
While that accommodation scam involved a non-existent property in a different country, there will be criminals on the prowl across Ireland looking to exploit students scrambling for a place to call home ahead of the start of the autumn term.
According to Garda figures more than 30 per cent of all accommodation fraud scams take place in August and September and last month alone – weeks before the peak season for the criminals – 12 people lost a combined total of more than €20,000 with the chances of any of that money being retrieved pretty remote.
The Competition and Consumer Protection Commission (CCPC) has issued a warning to students and their parents and highlighted some of the red flags people should watch out for anyone on the hunt for a home, they are worth bearing in mind.
If a landlord claims to be out of town or says they are living abroad so cannot show the property in person, people should be very, very cautious. Scammers will also often request a deposit and possibly the first month’s rent upfront without showing you a lease. But the criminals have other tricks up their sleeves and may send false contracts or fake keys to make the scam appear legitimate.
The CCPC also reminded would-be renters to watch out for properties that seem too cheap for a particular location, warning that if a price seems too good to be true it probably is. It also says that properties should always be visited in person with the keys tested before even considering handing over any money.
But even someone who follows all these steps can still be conned out of significant sums of money and we have heard stories of criminals showing properties they do not own – ones they themselves have rented on a short-term basis – before drawing up bogus contracts, giving the victims the actual keys in return of significant upfront deposits before disappearing into the night leaving the victims to pick up the pieces.
How scammers find their victims
While those in the market for rental properties are going to be targets in the weeks ahead, scammers target almost all of us, with 94 per cent of people having had at least some interactions with criminals of this type at least once over the last 12 months, according to figures from Bank of Ireland.
The most common way is by text message (89 per cent), followed by phone calls (75 per cent) and emails (65 per cent), with fraudulent WhatsApp messages growing in prevalence (39 per cent).
When asked whether feel felt personally at risk of financial fraud, 43 per cent of people rated themselves as having little or no risk of fraud in the next six months, climbing to 52 per cent in the 18-30 age category, showing a high degree of complacency or overconfidence.
One area of growing concern is investment fraud, with the volume of investment fraud attempts surging by 76 per cent in the first six months of the year compared with the same period in 2023.
The majority of investment fraud cases begin on social media, with customers then receiving phone calls and messages to continue the scam
The scam unfolds when fraudsters, posing as legitimate firms, offer consumers investment opportunities on social media or in a sponsored search result with a common tactic that promises high returns after which people are put under considerable pressure to commit to the investment opportunity quickly.
The majority of investment fraud cases begin on social media, with customers then receiving phone calls and messages to continue the scam.
The practice of re-targeting customers is also a growing trend and it sees the ruthless fraudsters contact a person who has already been a victim and pose as someone trying to help them recover their money.
As with the rental scams, there are certain red flags that people should be watching out for.
As anyone who has ever had dealings with a financial institution will know, their channels of communication can be poor so if your receive a call almost immediately having clicked an investment product advert on social media or in a sponsored search result that should serve as a warning, as should promises of quick and profitable returns with little or no risk.
And anyone who is putting pressure on you to act quickly or risk losing out or encouraging you to keep details of the transactions secret is almost certainly not acting in your best interests.
“The growth in investment fraud attempts is the most concerning trend we are seeing at the moment,” said Bank of Ireland’s head of fraud Nicola Sadlier. “The level of highly personalised targeting of consumers continues to grow year on year, and everyone needs to be on their guard. When it comes to this serious criminal activity, there is no room for complacency. Being alert to the red flags – including too-good-to-be true returns and pressure to act quickly – is vital.”
Ten scams to watch out for
1: Hotel bookings hijacked. According to British consumer magazine Which? “weak hotel email and booking systems are being targeted by hackers to send troublingly plausible messages to holidaymakers”.
We have heard from readers who have fallen victim to such scams so know it is happening here too.
Criminals breach hotel security systems and get access to databases to extract guests’ contact and booking details, which allows them to send fake messages, texts or emails.
The victims are particularly vulnerable because unlike the blanket phishing or smishing scams we have frequently highlighted those being contacted actually do have bookings with the hotels in question so are far more likely to believe the contacts are legit.
Which said it was “particularly concerned about Booking.com scams. We had 20 reports about these last year and 40 in the first three months of 2024. Typically, messages claim there’s a problem with your payment, before asking you to ‘verify’ or ‘update’ your card details on phishing sites designed to look like Booking.com,” the magazine said.
2: Bogus broadband provider scams. Emails or messages from your broadband or phone company offering upgrades, refunds or other tech improvements can hit people hard, particularly if they are actually having issues with their provider or would be in the market for an upgrade.
3: Fake ads and dodgy subs. This scam is very, very common in Ireland. People are encouraged by social media ads to buy products which turn out to be non-existent or shoddy knock-offs or sign up to subscription services that fail to deliver anything they promise. One sinister tactics sees criminals place stickers of fake QR codes over genuine ones in car parks, restaurants and on posters and instead of bring people to legitimate sites, the dodgy codes take them to ones with the sole aim of stealing their money.
4: Account hacks. We have heard far too many stories of people who have inadvertently given criminals access to their bank accounts by following links or be duped by cold callers. The speed at which criminals can drain accounts is terrifying. The bottom line is never follow links in text messages or emails and always be very, very suspicious of anyone calling you out of the blue – or even after you have received a rogue text message – claiming to be from your bank or other service provider.
5: Investment fraud. We have heard from a great many people who have lost money after being duped by criminals promising significant returns on investment. What is most troubling is that most of those who are caught out are those who are financially vulnerable and so more likely to suspend their disbelief in order to find a way out of a financial predicament.
6: Invoice scams. Criminals sending apparently innocuous mail to a company or individual in a business which looks like it comes from a supplier they deal with. The email asks for no money and is just an administrative alert to let the recipient know that the bank details for the supplier have changed. Payment systems are updated. Weeks or months pass before a legitimate invoice from the supplier arrives and is paid, but to the wrong bank account.
7: The chief executive scam. Scammers use the likes of LinkedIn to find out who the chief executives and senior financial staff are in companies. Then they send bogus emails purporting to be from senior executives to financial staff instructing them to transfer money into numbered bank accounts. The mails say urgency and secrecy are important and are addressed to a named individual and are from a named employer.
8: The Wangiri fraud. This sees scammers leaving missed calls from mysterious numbers on mobile phones. When calls are returned they are diverted to premium rate numbers overseas to the victim’s cost.
9: Phishing scams. Any email from a bank, the National Lottery, Netflix, Revenue or eBay or whoever asking for key details, such as passwords or bank account numbers, so they can update accounts with enhanced security features or send money is to be treated with extreme caution. No reputable organisation will ever contact anyone in such a way.
10: The Microsoft scam. Calls come from people claiming to be from Microsoft offering to fix a deadly virus on the target’s computer for a small sum of money. Sometime the scammers look to take control of computers remotely, sometimes they look for sensitive financial details. They are always bogus calls.
