The scam begins with a call from someone purporting to be from your bank. The caller asks you to log into your account.
They then ask you to access another web address that offers a “live chat service” or “to verify your PC”.
In reality, this allows the fraudster remote access to your computer, your screen, and all your files and programs.
Finally, the caller will set up payments on your online banking, asking you to read out the one-time security code from your bank’s app to approve the payments.
The ‘live chat’ scam has been around for a while.
It was first reported in mainland Europe. It then spread to Britain and Australia and now it’s here.
Bank of Ireland last week warned its business customers to be vigilant. A few days later, AIB warned that fraudsters are now contacting people through a ‘bad actor’ or fake website, offering products that seem to be often from legitimate, well-known names in financial services.
The scammers share “sophisticated brochures and materials” that appear real, sending these to consumers using the real names and job titles from people in AIB or other banks.
After the victim signs all the relevant fake documents, they are then asked to transfer money to an account which they later realise does not belong to the genuine financial services firm but is in fact controlled by the scammer who now have their money.
The victim is often put under a degree of time pressure to act, for instance “to get the best rate of return”.
It’s then that their money is stolen — in some cases a person’s life savings.
Fraud is not new. It’s as old as mankind itself. But as security, detection, and awareness evolve so do the scammers.
Fifteen years ago, anyone with the internet was the target of people purporting to be from African royalty, commonly referred to as the infamous ‘Nigerian prince’ scam.
Largely targeting older people, the scheme involves a ‘monarch’ asking the recipient to transfer large sums of money in exchange for a share of their royal fortune.
Around the same time, landlines across the country started going ballistic with a wave of ‘Microsoft specialists’ eagerly offering free, unsolicited tech support. All the customer had to do to avail of this kind-hearted service was enter a few banking details here and there to help the caller fulfil their duty. What could go wrong?
Criminals back them followed a step-by-step guide on how to operate a scam but, with time, awareness, and infinitely more resources fraudsters in today’s world employ deception that is more targeted, more believable, and all the more damaging to the average working household and business.
The figures are eyewatering. Figures from Comreg (the Commission for Communications Regulation) show that scams costs Irish consumers more than €300m each year — €115m lost to scam text messages and €187m to scam calls.
In 2022, Comreg estimates there were close to 365,000 cases of fraudulent scams, 89m annoying communications and 31m distressing communications.
More than 5,000 businesses were victims of fraud.
Data from Fraudsmart, led by the Banking & Payments Federation Ireland (BPFI) for last year shows that fraudsters stole €85m from customers — with card fraud making up 95% of cases.
It found half of all adults experienced attempted fraud by text message.
Banking & Payments Federation Ireland head of financial crime Niamh Davenport warns that today’s scams are far more varied and sophisticated than any Nigerian prince fraud.
“Even as recently as 2017, the vast majority of fraud scams we saw were impersonating banks themselves,” Ms Davenport tells the Irish Examiner. “Now, it has gone the other way.
“While fraudsters will always target banks, the ones we’re seeing now also involve the impersonation of individuals, utility companies, phone providers and of course [M50 motorway toll operator] eFlow.
“There are so many different variations and because there is a chance that you may have missed a bill, or you were recently driving on the motorway, you’re not going to be as vigilant.”
Even for more tech-savvy technology users, Ms Davenport emphasises the extensive lengths that criminals will go to make a scam more believable and hence all the more damaging.
According to the financial crime chief, fraudsters will often scan all social media accounts belonging to a potential victim, gathering information on where they have recently been, where they may have spent money, who they were with, and what their future plans are — all to curate an email, phone call, or text message that sounds more personalised and more believable.
While many would never think criminals go to such dramatic lengths, Ms Davenport says they are far more thorough than one would assume.
“You have to understand the potential reward if a fraud proves successful. Very large sums of money can be transferred as part of a scam,” she says.
“Let’s say a fraudster does this for a large number of people. All it takes is one person to believe them. We have seen people put their entire retirement savings into fraudulent scams, minimum deposits could be as high as €25,000. One ‘reward’ can make even up to three months of background-gathering very profitable.”
Just recently, the BPFI reported that €85m was fraudulently taken from people in Ireland last year — an increase of 8.8% compared to 2021.
While the vast majority of these sorts of schemes are transnational, Ms Davenport stresses that fraud is very much a borderless and global issue.
Among those working within Ireland, fraudsters have targeted a number of specific cohorts, and not just older people. Businesses and young people have also been highlighted in the BPFI’s scam detection and alert platform, Fraudsmart.
Often targeted as potential money mules, young adults and teenagers as young as 15 have offered their bank accounts to fraudsters as a way to transfer and launder money, with the account holder keeping a portion of that money for themselves as payment.
According to Ms Davenport, the majority are recruited through social media. A recent report from the BPFI said that in the first half of this year more than 2,600 mule accounts — most of which belonged to 18- to 24-year-olds — had been identified. More than €17.5m of stolen funds were transferred through these accounts.
“This money is coming from successful scams,” says Ms Davenport.
“These transfers represent the eFlow text messages, the targeted investment scams, and banker impersonations.”
“This is not some victimless act — the money that students are transferring is funding human trafficking, drug trafficking, and organised crime. If only a lot more knew what they were enabling, I think a lot less would be happy to do it.”
The growth of artificial intelligence, in particular, generative AI — the software behind chatbots such as ChatGPT — could be a game-changer for scammers.
Gregory O’Hare, Trinity College Dublin professor of artificial intelligence and head of the School of Computer Science and Statistics, said that while it has the capacity to bring great benefit, AI can also be used in a more malevolent manner.
“It could absolutely be used for fraudulent purposes,” says Prof O’Hare, noting a number of ways AI could be used to assist in a scam.
He says generative AI and chatbots have the power to generate sophisticated dialogue, similar to the stylised scripts used by financial lenders, with Prof O’Hare also noting that fraud operations will no longer be bounded by the limits of human effort.
“You may have 20 people working a fraud operation, but there is an eventual limit on the amount of work they can do,” he says. “AI opens that up massively, meaning frauds don’t have to be constrained by its human headcount.”
Since economic crime records began in 2019, instances of fraud reported to the gardaí have more than doubled. Justice Minister Helen McEntee recently announcing a 21% increase in the resources provided to Garda National Economic Bureau since 2020 to tackle the growing problem.
However, as Prof O’Hare told a recent Oireachtas hearing: “The velocity of AI technology is alas fast exceeding the rate at which the law around AI can be framed.”
Read More