0:00:02 > 0:00:04We asked you to tell us what's left you feeling ripped off,
0:00:04 > 0:00:07and you contacted us in your thousands.
0:00:07 > 0:00:10You've told us about the companies you think get it wrong,
0:00:10 > 0:00:12and the customer service that's simply not up to scratch.
0:00:13 > 0:00:16I've complained and complained and nobody takes any notice of me.
0:00:16 > 0:00:19In all honesty, I think it's just a way for the shops
0:00:19 > 0:00:20to make more money.
0:00:20 > 0:00:23You've asked us to track down the scammers who stole your money
0:00:23 > 0:00:26and investigate the extra charges you say are unfair.
0:00:26 > 0:00:28You don't want to spend any more but yet they're always trying to
0:00:28 > 0:00:30offer you little things extra.
0:00:30 > 0:00:33And when you've lost out but nobody else is to blame,
0:00:33 > 0:00:36you've come to us to stop others from falling into the same trap.
0:00:36 > 0:00:39Rang up the company and they went, "Oh, it isn't our fault."
0:00:39 > 0:00:40So whose fault is it?
0:00:40 > 0:00:44So, whether it's a blatant rip-off or a genuine mistake,
0:00:44 > 0:00:46we're here to find out why you're out of pocket,
0:00:46 > 0:00:49and what you can do about it.
0:00:49 > 0:00:53Your stories, your money - this is Rip Off Britain.
0:00:55 > 0:00:57Hello and welcome once again to Rip Off Britain,
0:00:57 > 0:00:59where today we're doing our best
0:00:59 > 0:01:02to beat the scammers trying to trick you out of your cash,
0:01:02 > 0:01:04by arming you with all you need to know
0:01:04 > 0:01:07as to how to spot them coming. Now, the team in our office
0:01:07 > 0:01:08has been working really hard to try
0:01:08 > 0:01:11and keep abreast of the fraudsters' latest tactics, which,
0:01:11 > 0:01:14I have to tell you, are growing more audacious and shocking than ever.
0:01:14 > 0:01:16Yes, you know, every series,
0:01:16 > 0:01:19the scams we look at seem to get more sophisticated,
0:01:19 > 0:01:20so to try to understand
0:01:20 > 0:01:23exactly what's gone on and at what point alarm bells
0:01:23 > 0:01:25should've rung isn't always easy,
0:01:25 > 0:01:28and that's especially true of the stories we'll be looking at today.
0:01:28 > 0:01:31And I tell you what, you'll think twice about your own security
0:01:31 > 0:01:33after hearing how, in one case,
0:01:33 > 0:01:35scammers were able to get into
0:01:35 > 0:01:38not one but five of the same person's bank accounts,
0:01:38 > 0:01:40which of course is a reminder
0:01:40 > 0:01:42that it's not just down to all of us to keep our money safe,
0:01:42 > 0:01:45but the banks have a responsibility, too.
0:01:45 > 0:01:47So, we're going to be looking into what they're doing
0:01:47 > 0:01:49to make sure that our money stays safe.
0:01:51 > 0:01:53Coming up - how crooks used a new scam
0:01:53 > 0:01:57linked to her phone to find their way into this woman's bank accounts,
0:01:57 > 0:01:59and she had no idea they'd done it.
0:02:00 > 0:02:03Someone going into your bank accounts...
0:02:03 > 0:02:06I can't think of anything more personal.
0:02:06 > 0:02:11And I can't get past that feeling that somebody has...
0:02:11 > 0:02:15Has seen how I conduct my life.
0:02:15 > 0:02:16And, "Hand over your cash
0:02:16 > 0:02:19"or you'll never see your precious files again" -
0:02:19 > 0:02:23what to do if scammers hold your computer to ransom.
0:02:23 > 0:02:26I decided that I wasn't going to give in to these cyberterrorists,
0:02:26 > 0:02:30these people bullying. They're not going to get my money.
0:02:34 > 0:02:36Every year on Rip Off Britain,
0:02:36 > 0:02:39we tell you about the latest tricks and tactics that are being used
0:02:39 > 0:02:43by scammers who are dead set on getting their hands on your money.
0:02:43 > 0:02:47And every year we tell you what to look out for to avoid being stung.
0:02:47 > 0:02:50Well, of course, as the nation gets wise to their tricks,
0:02:50 > 0:02:54the scammers also - unfortunately - seem to be one step ahead,
0:02:54 > 0:02:57developing new and ever more audacious ways
0:02:57 > 0:02:59of conning us out of our cash.
0:03:02 > 0:03:05No sooner is one scam exposed than another pops up to take its place.
0:03:07 > 0:03:09And we've been keeping you up to date
0:03:09 > 0:03:12with the fraudsters' latest tactics for years.
0:03:15 > 0:03:18Several times we've warned you about how they've been able to
0:03:18 > 0:03:21keep your phone line open when you thought they'd hung up.
0:03:21 > 0:03:24I feel that people have got to know about this business of being able
0:03:24 > 0:03:28to hold the phone line open, which is where I feel I slipped up.
0:03:28 > 0:03:32Next we revealed that criminals had started hijacking
0:03:32 > 0:03:35genuine phone numbers to make an unexpected call
0:03:35 > 0:03:36look reassuringly familiar.
0:03:36 > 0:03:40The number that showed up on my phone
0:03:40 > 0:03:44was the same number as the back of the Santander card,
0:03:44 > 0:03:47and that convinced me he must be from the bank.
0:03:47 > 0:03:51And in our last series, we showed you how you could even be
0:03:51 > 0:03:54tricked into thinking you were working for the police
0:03:54 > 0:03:56in an elaborate con that once again
0:03:56 > 0:03:58is all about getting your bank details.
0:03:58 > 0:04:00To use that term so many times -
0:04:00 > 0:04:03"Don't forget you're working undercover."
0:04:03 > 0:04:06But, as the scams keep evolving,
0:04:06 > 0:04:09it's estimated that as much as £755 million
0:04:09 > 0:04:12is stolen from British bank accounts every year.
0:04:14 > 0:04:16And now there's a new twist,
0:04:16 > 0:04:18because retired civil servant Mary Edgely
0:04:18 > 0:04:21was targeted by a scam you will not see coming,
0:04:21 > 0:04:25and she's not someone you'd expect to be caught out.
0:04:25 > 0:04:29She's always tried to keep her bank account secure, and she's convinced
0:04:29 > 0:04:32that her vigilance has proved essential to protecting her money.
0:04:33 > 0:04:39I would say I'm deeply suspicious of calls and rogue e-mails.
0:04:39 > 0:04:43I'm very, very careful about personal security,
0:04:43 > 0:04:45and part of that is because I've been on the internet
0:04:45 > 0:04:47for about 20-odd years now.
0:04:47 > 0:04:50I've been on internet banking and I've found it
0:04:50 > 0:04:52a great blessing, but not now.
0:04:55 > 0:04:59The first inkling that Mary had that scammers had her in their sights
0:04:59 > 0:05:00was when, out of the blue,
0:05:00 > 0:05:04she was called by her credit card provider Tesco Bank.
0:05:04 > 0:05:06Following the advice that we've often repeated,
0:05:06 > 0:05:09she refused to believe the call was genuine
0:05:09 > 0:05:11until she had called back to check.
0:05:13 > 0:05:15In terms of calls,
0:05:15 > 0:05:19I will not answer anybody who rings me and wants
0:05:19 > 0:05:20to take ME through security.
0:05:20 > 0:05:23They phoned me - how do I know who they are?
0:05:24 > 0:05:27But when Mary called back, the bank had some bad news.
0:05:27 > 0:05:29Someone had tried but failed
0:05:29 > 0:05:33to transfer £5,000 from her credit card.
0:05:33 > 0:05:38Fortunately, the security was tight and they had, for whatever reason,
0:05:38 > 0:05:40been suspicious.
0:05:40 > 0:05:42I suppose, if I'm being honest,
0:05:42 > 0:05:44the fact that this hadn't gone through
0:05:44 > 0:05:46was actually quite reassuring.
0:05:46 > 0:05:49But the fraudsters hadn't stopped there.
0:05:49 > 0:05:53When Mary logged on to check another of her accounts at Santander,
0:05:53 > 0:05:58she saw to her horror that they'd found their way into there, too,
0:05:58 > 0:05:59and this time more successfully.
0:05:59 > 0:06:04Twice someone had managed to transfer sums of around £5,000.
0:06:04 > 0:06:06This was the shock.
0:06:06 > 0:06:09They'd been into my Santander accounts
0:06:09 > 0:06:11and tried both of my credit cards.
0:06:12 > 0:06:14Over the next 24 hours,
0:06:14 > 0:06:18all Mary's bank accounts were bombarded with requests for
0:06:18 > 0:06:21balance transfers that she did not make.
0:06:21 > 0:06:24In total, the fraudsters tried to remove over £22,000
0:06:24 > 0:06:29from her various accounts. But, thanks in part to her swift action,
0:06:29 > 0:06:30containing what was happening,
0:06:30 > 0:06:34they didn't get their hands on any more than that initial ten.
0:06:34 > 0:06:36I phoned everyone I had a credit card with,
0:06:36 > 0:06:40everyone I had a bank account with, and told them to freeze accounts.
0:06:40 > 0:06:43I stopped everything dead at that point.
0:06:46 > 0:06:49To make matters worse, when trying to call her banks,
0:06:49 > 0:06:52Mary had realised that her mobile phone wasn't working,
0:06:52 > 0:06:55and I'm afraid that was no coincidence.
0:06:55 > 0:06:58Because when she contacted Vodafone to find out what the problem was,
0:06:58 > 0:07:02it gradually became clear that the fraudsters had managed to access
0:07:02 > 0:07:04her mobile phone account as well,
0:07:04 > 0:07:08and in fact that had proved the key to the entire scam.
0:07:10 > 0:07:14During the course of that chat, the person responding made reference to,
0:07:14 > 0:07:16had I not got the SIM?
0:07:17 > 0:07:20"I don't know what you're talking about, what SIM?"
0:07:20 > 0:07:24Vodafone told Mary that her phone wasn't working because,
0:07:24 > 0:07:26as she had apparently requested,
0:07:26 > 0:07:30they deactivated her SIM card and sent out a new one.
0:07:31 > 0:07:34But Mary never had requested a new SIM.
0:07:34 > 0:07:38She immediately realised it must have been the scammers,
0:07:38 > 0:07:42and to do it they would have had to bypass the security
0:07:42 > 0:07:45on her Vodafone account, something Mary now realised
0:07:45 > 0:07:47was actually not that hard.
0:07:47 > 0:07:49Several people would know my mother's maiden name.
0:07:49 > 0:07:52I'm sure several people would know my date of birth.
0:07:54 > 0:07:56With the answers to simple questions like that,
0:07:56 > 0:07:58it would've been relatively easy
0:07:58 > 0:08:03to reset Mary's account and transfer her number to a new SIM card.
0:08:03 > 0:08:06They could activate a blank SIM in my name.
0:08:08 > 0:08:12What that did - and here's the real puzzle -
0:08:12 > 0:08:18is that gives them the ability to go into bank accounts.
0:08:22 > 0:08:25The reason taking over Mary's phone number was so essential
0:08:25 > 0:08:28to the scammers' plan is that, these days, most bank accounts
0:08:28 > 0:08:31come with an additional layer of security,
0:08:31 > 0:08:35requiring the account holder to use a unique passcode for each
0:08:35 > 0:08:38online transaction, and that passcode
0:08:38 > 0:08:40is usually sent out via text message.
0:08:40 > 0:08:45So, getting hold of her phone number and those vital text messages
0:08:45 > 0:08:47was enough to help the fraudsters gain access
0:08:47 > 0:08:50to what they really wanted - Mary's money.
0:08:50 > 0:08:52Someone going into your bank accounts...
0:08:52 > 0:08:54I can't think of anything more personal.
0:08:56 > 0:09:00And I can't get past that feeling that somebody has...
0:09:02 > 0:09:05Has seen how I conduct my life.
0:09:05 > 0:09:09They've seen who I do business with, they've seen who I pay bills to,
0:09:09 > 0:09:12and, of course, in doing so they're seeing
0:09:12 > 0:09:14whatever other accounts that they could access.
0:09:18 > 0:09:22Mary was lucky. Because there was clear evidence of fraud,
0:09:22 > 0:09:25her bank gave her the stolen money back,
0:09:25 > 0:09:28but fundamental to the success of this scam was that the criminals
0:09:28 > 0:09:31had been able to get hold of just enough of her details
0:09:31 > 0:09:35to find their way through various identification checks,
0:09:35 > 0:09:37and as Mary's prided herself on
0:09:37 > 0:09:39always being so careful with her personal information,
0:09:39 > 0:09:43she's keen to know exactly how they did that.
0:09:43 > 0:09:47I've racked my brains to think of what I could've done.
0:09:47 > 0:09:50My security is as tight as anybody I know.
0:09:50 > 0:09:53In fact, most of my friends would say
0:09:53 > 0:09:56I am the person least likely to have this happen to,
0:09:56 > 0:10:02because I've always been almost obsessive about security.
0:10:02 > 0:10:05Well, there is a variety of ways that criminals can get hold of
0:10:05 > 0:10:07your personal data, but one route
0:10:07 > 0:10:10that we've reported on before is through the dark web -
0:10:10 > 0:10:12the murky underworld of the internet,
0:10:12 > 0:10:17where criminals and scammers openly trade individuals' details
0:10:17 > 0:10:19and sell them on to the highest bidder.
0:10:19 > 0:10:23One gang may find your e-mail and password and then they'll sell it
0:10:23 > 0:10:26to another organisation who'll then use it
0:10:26 > 0:10:28to start doing things like phishing e-mails,
0:10:28 > 0:10:30where they try to get data off you,
0:10:30 > 0:10:34or they'll use researchers to find things like your date of birth,
0:10:34 > 0:10:36where you live, that kind of information,
0:10:36 > 0:10:39and they build that up over a period of time,
0:10:39 > 0:10:41and that process can take up to two years.
0:10:44 > 0:10:48We'll never know for sure how Mary's information was stolen,
0:10:48 > 0:10:51but it's likely that at least some of her data
0:10:51 > 0:10:53WAS traded on the dark web.
0:10:53 > 0:10:57So, to understand more about how even the most security-conscious
0:10:57 > 0:11:01among us can fall foul to the criminal market in personal data,
0:11:01 > 0:11:05we've brought Mary to meet digital forensic expert Keith Cottenden -
0:11:05 > 0:11:08and a point that she's keen to establish from the off
0:11:08 > 0:11:10is that, whatever else may have happened,
0:11:10 > 0:11:15at no stage would she have fallen foul of any suspect spam e-mails.
0:11:16 > 0:11:21Part of my frustration throughout this whole period is people saying,
0:11:21 > 0:11:23"Did you click on an e-mail?"
0:11:23 > 0:11:26I am pretty certain I didn't.
0:11:26 > 0:11:29I don't think any of us can say definitely we didn't,
0:11:29 > 0:11:31but I'm pretty certain I didn't do those things.
0:11:31 > 0:11:34And that's what's puzzling me about this,
0:11:34 > 0:11:35it's kind of, "Why me?"
0:11:35 > 0:11:37Well, firstly,
0:11:37 > 0:11:40people are picked not because of who they are,
0:11:40 > 0:11:45just because a number, data.
0:11:45 > 0:11:49And your data is as valuable as anybody else's data.
0:11:49 > 0:11:52It could be down to an inadvertent action that you don't even realise
0:11:52 > 0:11:57you've committed. There are international gangs out there
0:11:57 > 0:12:01who mine data from systems over a period of time,
0:12:01 > 0:12:02sometimes many years,
0:12:02 > 0:12:08and sell this data on to smaller organisations or smaller fraudsters.
0:12:09 > 0:12:12And as soon as those fraudsters decide to act, as Mary discovered,
0:12:12 > 0:12:15they work fast and a lot can happen.
0:12:16 > 0:12:20This particular fraud is possibly a one-off opportunity
0:12:20 > 0:12:24and they might only have a window of 12 hours
0:12:24 > 0:12:26to do serious damage.
0:12:26 > 0:12:28But Keith is keen to reassure Mary
0:12:28 > 0:12:31that it's not just her responsibility
0:12:31 > 0:12:32to keep her data safe.
0:12:32 > 0:12:35And I think the questions you need to be asking then
0:12:35 > 0:12:38are perhaps of your financial institutions
0:12:38 > 0:12:41and your service provider to ensure this doesn't happen.
0:12:41 > 0:12:44"How are you protecting my data?
0:12:44 > 0:12:47"How has this been allowed to happen?"
0:12:47 > 0:12:50So it might not have been me, it could've been a breach elsewhere?
0:12:50 > 0:12:54It could've been a breach... Any system can be compromised.
0:12:54 > 0:12:56You might have been signed up at some point
0:12:56 > 0:12:59to an organisation that has had a data breach
0:12:59 > 0:13:02that you didn't even realise has happened.
0:13:02 > 0:13:05And a data breach doesn't need to be at your bank or phone company.
0:13:05 > 0:13:08Anywhere you've logged in personal details -
0:13:08 > 0:13:11even something as simple as an online shopping account -
0:13:11 > 0:13:12could be the start of a trail
0:13:12 > 0:13:14that ends with fraudsters getting hold
0:13:14 > 0:13:16of your personal information.
0:13:18 > 0:13:21The meeting with Keith was deeply shocking, inasmuch as...
0:13:24 > 0:13:27..people are trading my information.
0:13:27 > 0:13:33Somebody perhaps sold my date of birth, my mother's maiden name,
0:13:33 > 0:13:36and they're just gathering those bits,
0:13:36 > 0:13:38but people are selling information.
0:13:38 > 0:13:42Mary will probably never know for sure where her scam began,
0:13:42 > 0:13:45only where it ended, and when we spoke to Vodafone,
0:13:45 > 0:13:48where the fraudsters had somehow known enough about her to pass
0:13:48 > 0:13:50the company's identification checks,
0:13:50 > 0:13:52it confirmed that Mary had been a victim
0:13:52 > 0:13:55of what it called...
0:13:57 > 0:14:00Vodafone told us it has three levels of verification
0:14:00 > 0:14:01on customer accounts,
0:14:01 > 0:14:05but it realises how distressing this has been for Mary,
0:14:05 > 0:14:09so it's now introduced special security measures on her account.
0:14:09 > 0:14:12It's also refunded the cost of the fraudulent calls
0:14:12 > 0:14:15and credited her account as a goodwill gesture.
0:14:15 > 0:14:18And whenever we speak to the banks about cases such as this one,
0:14:18 > 0:14:21they're always keen to stress how hard they work
0:14:21 > 0:14:24to stop this sort of fraud before it happens.
0:14:24 > 0:14:25Of course, in Mary's case,
0:14:25 > 0:14:29most of the fraudulent transactions did ring alarm bells
0:14:29 > 0:14:31and were prevented, but later in the programme
0:14:31 > 0:14:35we'll take a closer look at what banks do to keep our money safe,
0:14:35 > 0:14:39as one of them gives us exclusive access to its fraud protection team.
0:14:39 > 0:14:41And we'll have crucial advice to make sure
0:14:41 > 0:14:44that your details don't end up in the wrong hands.
0:14:48 > 0:14:50Coming up next, a terrifying new scam
0:14:50 > 0:14:54that doesn't actually involve criminals getting access
0:14:54 > 0:14:57to your bank account or trying to take control of your cash,
0:14:57 > 0:14:59but instead targets your computer,
0:14:59 > 0:15:02swooping in to prevent access to your most precious files
0:15:02 > 0:15:04and then holding them to ransom,
0:15:04 > 0:15:06demanding cash so that you can get them back.
0:15:06 > 0:15:08Now, it might all sound like something out of the Wild West,
0:15:08 > 0:15:13but computer ransomware is very much a 21st century crime.
0:15:13 > 0:15:17And the online outlaws behind it don't seem to care
0:15:17 > 0:15:18who they go after next.
0:15:20 > 0:15:24Gillian Pucci from Manchester is in a race against time.
0:15:24 > 0:15:25I just knew something was wrong.
0:15:26 > 0:15:30In four days, she'll be permanently locked out of the files
0:15:30 > 0:15:32on her own computer, thanks to cyber-criminals
0:15:32 > 0:15:36who found a way to control access to what she stored there,
0:15:36 > 0:15:38and are demanding a ransom to set it free.
0:15:38 > 0:15:40I know they're there.
0:15:41 > 0:15:43And that's what's heartbreaking.
0:15:44 > 0:15:48It's a scam that could target you, as well - but even if she pays up,
0:15:48 > 0:15:52Gillian can't be sure she will ever see her precious files again.
0:15:52 > 0:15:54With any kidnapping, there's no guarantee
0:15:54 > 0:15:58that, if you do pay the ransom, that you'd ever get them back.
0:16:00 > 0:16:02Gillian uses her computer for everything,
0:16:02 > 0:16:04from storing photographs to running the accounts
0:16:04 > 0:16:06for the family's Italian restaurant.
0:16:06 > 0:16:09She prides herself in being security-conscious -
0:16:09 > 0:16:11and until recently, Gillian was very confident
0:16:11 > 0:16:14she could spot a dodgy e-mail when she saw one.
0:16:14 > 0:16:15But in June this year,
0:16:15 > 0:16:19Gillian was caught out by one e-mail that didn't look quite right.
0:16:19 > 0:16:24It was an e-mail addressed to me personally, and the heading said,
0:16:24 > 0:16:28"We would appreciate prompt payment of the attached invoice."
0:16:28 > 0:16:31Something inside me said, "Don't open it."
0:16:31 > 0:16:34But then I was thinking, "Well, have I ordered something,
0:16:34 > 0:16:36"or has somebody cloned my card,
0:16:36 > 0:16:40"has something happened and I'm being asked to pay for something
0:16:40 > 0:16:41"that I haven't ordered?"
0:16:41 > 0:16:43So I did, I opened it.
0:16:44 > 0:16:46The attachment that Gillian clicked on was blank,
0:16:46 > 0:16:49so she closed it again and thought nothing of it.
0:16:49 > 0:16:52But that one click would have disastrous consequences.
0:16:53 > 0:16:58When I opened the computer the next morning, there was just writing,
0:16:58 > 0:17:02information telling me that my computer had been infected
0:17:02 > 0:17:05with this Cerber ransomware
0:17:05 > 0:17:10and that I would be unable to open any files or any documents.
0:17:10 > 0:17:14Gillian's computer and all the data on it was being held hostage.
0:17:14 > 0:17:18That innocuous-looking e-mail she clicked on had contained
0:17:18 > 0:17:21a software virus known as ransomware, which had encrypted
0:17:21 > 0:17:25every single file, document and photograph on her computer,
0:17:25 > 0:17:28converting them to a code that she simply couldn't unlock.
0:17:28 > 0:17:33My heart sank. There's years and years of photographs of my children,
0:17:33 > 0:17:36of my family, of my dogs.
0:17:36 > 0:17:38Go! Yay!
0:17:38 > 0:17:41'It's devastating, it feels like'
0:17:41 > 0:17:43you've been attacked.
0:17:44 > 0:17:46I know they're only photographs,
0:17:46 > 0:17:49but photographs contain memories and they mean such a lot.
0:17:50 > 0:17:53The cybercriminals demanded that Gillian pay up
0:17:53 > 0:17:56a ransom of about £600 within two weeks -
0:17:56 > 0:17:58or she would lose everything.
0:17:58 > 0:18:02She would need to pay using an internet currency called bitcoins,
0:18:02 > 0:18:05and every week she delayed, the price would go up.
0:18:05 > 0:18:08This, it's just a nightmare.
0:18:08 > 0:18:11You lose something that you really love,
0:18:11 > 0:18:14something that's really dear to you.
0:18:14 > 0:18:17I say lose, it's not lost, it's there,
0:18:17 > 0:18:21I just can't have it, can't open it.
0:18:21 > 0:18:24And it's devastating.
0:18:24 > 0:18:28But even with so much at stake, Gillian is refusing to pay.
0:18:29 > 0:18:32But I decided that I wasn't going to give in to these cyberterrorists,
0:18:32 > 0:18:37these people bullying. They're not going to get my money.
0:18:37 > 0:18:39Instead, she's determined to somehow find a way
0:18:39 > 0:18:43to unlock the files before the ransom deadline.
0:18:43 > 0:18:46I sat at my PC, day after day,
0:18:46 > 0:18:49from the morning through to the night-time,
0:18:49 > 0:18:53reading up, looking, uninstalling, installing,
0:18:53 > 0:18:56for the past ten days.
0:18:56 > 0:18:58It's just taken over my life.
0:18:58 > 0:19:00But with the clock still ticking,
0:19:00 > 0:19:03Gillian is no closer to finding a solution,
0:19:03 > 0:19:05so she's come to us for help.
0:19:05 > 0:19:07We've arranged for her to take her computer
0:19:07 > 0:19:10to tech detective John Salt.
0:19:10 > 0:19:12He's been in the business for over 20 years,
0:19:12 > 0:19:14and although this type of scam
0:19:14 > 0:19:16is something he's become very familiar with,
0:19:16 > 0:19:18he knows that even if Gillian
0:19:18 > 0:19:20does pay the ransom, it doesn't mean
0:19:20 > 0:19:21that she'll get her files back,
0:19:21 > 0:19:24and it could open the door to even more scams.
0:19:24 > 0:19:28Well, the first thing, you've done the right thing not to pay,
0:19:28 > 0:19:31because chances are, they won't repair your computer.
0:19:31 > 0:19:36And the second thing is they tend to send a list out of people
0:19:36 > 0:19:40who do pay to other scammers, who will then send you scams.
0:19:40 > 0:19:43- Right.- So, you've done the right thing by bringing it in.
0:19:43 > 0:19:45I think the first thing we need to do
0:19:45 > 0:19:49is find out what type of ransomware it is that's on,
0:19:49 > 0:19:51because there's quite a variety.
0:19:51 > 0:19:53- That's great. Thank you. - Yeah?- Yes.
0:19:53 > 0:19:55But I think, because time's of essence,
0:19:55 > 0:19:57we'll put it straight on to the bench.
0:19:57 > 0:20:00John's going to try and find a way to break the encryption
0:20:00 > 0:20:02that's locked Gillian's files away.
0:20:02 > 0:20:05Well, the first thing we need to do is we need to scan the system
0:20:05 > 0:20:09to see where the encryption came from, how deeply it's encrypted.
0:20:10 > 0:20:12And he soon discovers the
0:20:12 > 0:20:15cyber-criminals have modified almost every file
0:20:15 > 0:20:18- on the computer. - They're little blank pages.
0:20:18 > 0:20:19- Yes.- Now that's because your
0:20:19 > 0:20:21computer doesn't know how to open them.
0:20:21 > 0:20:23- Right.- It doesn't know what programme they're going to use.
0:20:23 > 0:20:26- Yeah.- Whereas, if you look further up the list,
0:20:26 > 0:20:28it knows it's a photograph...
0:20:28 > 0:20:32- Yeah.- ..but, when you go into it,
0:20:32 > 0:20:34- it then... - Windows can't open this file.
0:20:34 > 0:20:38It can't open this file because it doesn't quite know how to open it.
0:20:38 > 0:20:41Gillian is relieved that her computer is now in expert hands.
0:20:41 > 0:20:44The question is, can John save her files
0:20:44 > 0:20:47before the ransom runs out in four days' time?
0:20:47 > 0:20:51I always thought that I was too clever and too savvy,
0:20:51 > 0:20:54and I wouldn't open something like that, but that invoice,
0:20:54 > 0:20:57that e-mail got me.
0:20:58 > 0:20:59I opened it and...
0:21:01 > 0:21:02..I unleashed the beast.
0:21:05 > 0:21:07You know, it's an easy mistake to make,
0:21:07 > 0:21:11but if attempts to unlock your files fail, the results can be disastrous,
0:21:11 > 0:21:14as Charles and Sally Jones discovered in 2015
0:21:14 > 0:21:18when the main computer at the nursing home they run in Lancashire
0:21:18 > 0:21:20was also infected with ransomware.
0:21:21 > 0:21:26Everything had gone, it wasn't just, say, some photos or a few files.
0:21:26 > 0:21:29Everything that we had stored on that computer was encrypted.
0:21:29 > 0:21:31I felt sick.
0:21:31 > 0:21:33When we realised there was something going wrong,
0:21:33 > 0:21:36then you start to worry about, what have they taken?
0:21:36 > 0:21:38- Yeah.- Have they got all the information?
0:21:38 > 0:21:41- Have they got all the bank details? What have we lost?- Yeah, yeah.
0:21:41 > 0:21:43Goodness me, that is scary.
0:21:43 > 0:21:46And then you suddenly realise you've put all your eggs in one pot.
0:21:48 > 0:21:50A message came up telling Charles and Sally
0:21:50 > 0:21:54that they needed to pay a 500 ransom to get their files back.
0:21:54 > 0:21:56Like Gillian, they didn't pay up.
0:21:59 > 0:22:02But when the ransom expired, all their business accounts,
0:22:02 > 0:22:05invoices and contracts were lost,
0:22:05 > 0:22:08and they no longer had access to the backups either.
0:22:08 > 0:22:09They did enlist expert help,
0:22:09 > 0:22:12but by then it was just too late to recover the data,
0:22:12 > 0:22:15and it took them six months to get their business back on its feet.
0:22:18 > 0:22:22It meant having to trawl through the files, the paperwork,
0:22:22 > 0:22:23change all the passwords...
0:22:25 > 0:22:28Just build the whole thing up all over again.
0:22:28 > 0:22:32Back to Gillian, and she has just days to avoid the same fate,
0:22:32 > 0:22:36and it all depends on whether John can find a way to unlock her files.
0:22:36 > 0:22:38James Lyne is global head of security
0:22:38 > 0:22:41for internet security firm Sophos.
0:22:41 > 0:22:43The company's been dealing with corporate ransomware
0:22:43 > 0:22:46for a couple of years, but has noticed that attacks
0:22:46 > 0:22:49on personal computers have become much more common
0:22:49 > 0:22:50in the last couple of months.
0:22:50 > 0:22:55Really it's a question of when you'll run into ransomware, not if.
0:22:55 > 0:22:59While most attacks come as viruses attached to e-mails,
0:22:59 > 0:23:02which is what happened to Gillian and Charles and Sally,
0:23:02 > 0:23:05James is seeing more and more ransomware hiding in the background
0:23:05 > 0:23:09of websites that we might not even begin to question.
0:23:09 > 0:23:11So the other extremely common way
0:23:11 > 0:23:13that cyber-criminals will infect people
0:23:13 > 0:23:17is by putting malicious code into legitimate websites,
0:23:17 > 0:23:18so that when you visit it,
0:23:18 > 0:23:21it deploys it silently in the background.
0:23:21 > 0:23:23As soon as I browse to this web page here,
0:23:23 > 0:23:27in the background the attacker starts loading the nasty code
0:23:27 > 0:23:31and a short while later, the browser will now crash.
0:23:31 > 0:23:33Of course, you'd think nothing of it.
0:23:33 > 0:23:36You'd just close it down, open it again or go and make a cup of tea,
0:23:36 > 0:23:40but in the background we're now starting to see files encrypted.
0:23:40 > 0:23:45And just a few seconds after it's encrypted enough data that it knows
0:23:45 > 0:23:49it can snare me into paying, it pops up these messages on the screen,
0:23:49 > 0:23:53and at the top it just says, "What happened to my files?
0:23:53 > 0:23:55"What do I do?"
0:23:55 > 0:23:58And there's links to a series of payment pages
0:23:58 > 0:24:02where you can hand over money to get the information back.
0:24:02 > 0:24:06So, very quick and easy, just by browsing to a normal web page,
0:24:06 > 0:24:09I'm now in a position where all of my information is inaccessible to me
0:24:09 > 0:24:12throughout the computer.
0:24:12 > 0:24:14Web browsers are regularly updated
0:24:14 > 0:24:17to make sure they can stand up to dangerous viruses,
0:24:17 > 0:24:19so make sure you don't ignore those update messages,
0:24:19 > 0:24:22or you might be leaving the door wide open to attacks.
0:24:22 > 0:24:24Unfortunately, though,
0:24:24 > 0:24:26there's no software update that can protect you
0:24:26 > 0:24:30against clicking on an infected e-mail attachment.
0:24:30 > 0:24:33If you get an e-mail from someone you don't know,
0:24:33 > 0:24:34claiming something to do with an
0:24:34 > 0:24:37invoice or a payment that you weren't expecting,
0:24:37 > 0:24:40treat it a little bit like you would in the real world -
0:24:40 > 0:24:42be a little bit sceptical about who that person is
0:24:42 > 0:24:45and maybe don't open the attachment if you're not sure.
0:24:47 > 0:24:48But however cautious you are,
0:24:48 > 0:24:51James says the best advice is to prepare for the worst.
0:24:53 > 0:24:56Assume you're going to get infected,
0:24:56 > 0:24:59have a backup plan so that you can restore your data
0:24:59 > 0:25:02back to where you were and not have to pay the cyber-criminals money.
0:25:04 > 0:25:06If you back up all your files
0:25:06 > 0:25:09to a drive that's not permanently connected to your computer
0:25:09 > 0:25:11so it can't be infected with the same ransomware,
0:25:11 > 0:25:14it should be possible to restore your data
0:25:14 > 0:25:16to the way it was before the attack.
0:25:18 > 0:25:20Back in Oldham, Gillian hadn't done that
0:25:20 > 0:25:24and now, 13 days since her computer was infected,
0:25:24 > 0:25:25she has just 24 hours
0:25:25 > 0:25:26before the deadline
0:25:26 > 0:25:29given to her by the ransomware cyber-criminals.
0:25:30 > 0:25:32Today's the day we find out
0:25:32 > 0:25:35if John's managed to retrieve anything off my computer for me.
0:25:35 > 0:25:39I'm not holding out too much hope.
0:25:41 > 0:25:44So it's crunch time for Gillian and her precious computer.
0:25:44 > 0:25:47- Hello, Gillian. Nice to see you again.- Hi, John.- Well,
0:25:47 > 0:25:50the important thing is I've been able to retrieve a lot of the data
0:25:50 > 0:25:54- that you, that was important to you. - I'm so happy, so grateful.
0:25:54 > 0:25:55- Great.- Thank you so much.
0:25:55 > 0:25:57No, it's a pleasure, that's what we do.
0:25:57 > 0:26:00Good old John, he was able to beat the ransomware
0:26:00 > 0:26:02before the deadline expired
0:26:02 > 0:26:05by unlocking the files with specialist software.
0:26:05 > 0:26:07And while some files were lost for good,
0:26:07 > 0:26:09he was able to save the majority
0:26:09 > 0:26:12of Gillian's most precious documents and her memories.
0:26:12 > 0:26:16I'm absolutely thrilled and so grateful to John
0:26:16 > 0:26:20for all his hard work that I've got the photographs back.
0:26:20 > 0:26:21It means such a lot to me.
0:26:21 > 0:26:23I never thought we'd be able to do it,
0:26:23 > 0:26:24I thought they were lost forever.
0:26:26 > 0:26:30And she'll be doubly careful in how she protects her photographs
0:26:30 > 0:26:31in the future.
0:26:31 > 0:26:34I'm going to learn from this mistake.
0:26:34 > 0:26:36The first thing I'm going to do
0:26:36 > 0:26:38is keep a backup of them,
0:26:38 > 0:26:42and secondly I'm not going to open up any more suspicious e-mails,
0:26:42 > 0:26:44and basically just learn a lesson from it.
0:26:50 > 0:26:51Still to come on Rip Off Britain...
0:26:51 > 0:26:54Behind the scenes of one of Britain's biggest banks
0:26:54 > 0:26:58to see how its fraud team keeps your details safe.
0:26:58 > 0:27:00We can always compare the transactions
0:27:00 > 0:27:02that are presented to us with other customer spending
0:27:02 > 0:27:04that's happened previously,
0:27:04 > 0:27:06which will assist us in determining whether
0:27:06 > 0:27:07this perhaps is fraudulent or not.
0:27:11 > 0:27:13Welcome to the Rip Off Britain pop-up shop.
0:27:13 > 0:27:16This year we were at Manchester's bustling Trafford centre,
0:27:16 > 0:27:19meeting as many of you as we possibly could,
0:27:19 > 0:27:22including some of our younger viewers.
0:27:22 > 0:27:25I love that bag. That is beautiful.
0:27:27 > 0:27:29I'm really loving this open plan pop-up shop.
0:27:29 > 0:27:32It's actually the first time we've ever done it this way,
0:27:32 > 0:27:35and the great thing about it is that everyone can see what we're doing -
0:27:35 > 0:27:37we're getting lots and lots of people coming up
0:27:37 > 0:27:40to see what we're all about, and that means more problems solved.
0:27:43 > 0:27:46One family hoping to get their problem solved
0:27:46 > 0:27:50were the Bamforths - Ian, Foni and four-year-old daughter Lizzy.
0:27:50 > 0:27:52And it was a hitch with Lizzy's birthday party
0:27:52 > 0:27:55that brought them to see Trading Standards officer Sylvia Rook.
0:27:55 > 0:27:58Well, thank you both for coming in to see me this afternoon.
0:27:58 > 0:27:59How can I help you?
0:27:59 > 0:28:02Ian and Foni had booked and paid for an entertainer
0:28:02 > 0:28:07well in advance of the big day, but with hours to go she rang to cancel.
0:28:07 > 0:28:11She just cancelled because she is ill, so I said, "That's fine then,
0:28:11 > 0:28:14"but can you please find a replacement for me?"
0:28:14 > 0:28:16And then they keep saying, "I try,
0:28:16 > 0:28:20"I try," but until seven o'clock that night, we're still not getting,
0:28:20 > 0:28:24but her party's the next day which is making me all stressed out, so...
0:28:24 > 0:28:25It was very stressful.
0:28:25 > 0:28:29Foni was able it find a replacement in the nick of time,
0:28:29 > 0:28:31but having forked out for two entertainers,
0:28:31 > 0:28:35she was understandably keen to get back the £100 she'd paid to the one
0:28:35 > 0:28:40who didn't show. Trouble is, almost a year on, she's still not had it.
0:28:40 > 0:28:43So this person e-mailed me, saying, you know,
0:28:43 > 0:28:46she's going to replace the money.
0:28:46 > 0:28:48I said, "All right then," but it never arrived.
0:28:48 > 0:28:50I e-mail her back, never get a reply.
0:28:50 > 0:28:53I call her, never get pick-up.
0:28:53 > 0:28:56I leave a voicemail, never get an answer.
0:28:56 > 0:28:57Ian and Foni had almost given up
0:28:57 > 0:28:59hope of recovering their money
0:28:59 > 0:29:02until they saw that our pop-up shop was in town,
0:29:02 > 0:29:05and Sylvia's sure the cash is recoverable
0:29:05 > 0:29:07if the couple follows some simple steps.
0:29:07 > 0:29:10Well, obviously, she's in breach of contract,
0:29:10 > 0:29:13and therefore you are entitled to your money back from her.
0:29:13 > 0:29:15You've done everything right in terms of e-mails,
0:29:15 > 0:29:18but we would always recommend you put something in a letter.
0:29:18 > 0:29:20Send a letter recorded delivery, keep a copy of it,
0:29:20 > 0:29:22and now you need to say,
0:29:22 > 0:29:25"If you don't credit my bank account within 14 days,"
0:29:25 > 0:29:29then you'll be pursuing the matter through that small claims court.
0:29:29 > 0:29:32Is there any time limit for pursuing this kind of...?
0:29:32 > 0:29:35No. In terms of your consumer rights, any consumer rights,
0:29:35 > 0:29:37if you want to make any civil action,
0:29:37 > 0:29:38you've got up to six years to make a claim.
0:29:38 > 0:29:41- All right.- So there's no problem with the fact that it's over a year,
0:29:41 > 0:29:43but I would say, if you're going to do something,
0:29:43 > 0:29:45do it as soon as possible.
0:29:45 > 0:29:46Do you think that will help?
0:29:46 > 0:29:49- It will help, thank you very much. - Well, I wish you the best of luck
0:29:49 > 0:29:52with getting your money back, and I hope you have a lovely birthday.
0:29:52 > 0:29:53Armed with Sylvia's advice,
0:29:53 > 0:29:56the couple are now much more optimistic
0:29:56 > 0:29:57about getting their money back,
0:29:57 > 0:30:00and they know exactly how they'll be spending it.
0:30:00 > 0:30:03If we get the money back, then all that money's going to go to Lizzy.
0:30:03 > 0:30:06Maybe it'll go to a bigger and better birthday party next year,
0:30:06 > 0:30:08- when you're five.- Yeah.
0:30:08 > 0:30:09Elsewhere in the shopping centre,
0:30:09 > 0:30:13our lawyer Gary found an opportunity to catch up on some advice
0:30:13 > 0:30:16that he gave Gloria on the programme last year,
0:30:16 > 0:30:20and that he recommends everyone should think about putting in place.
0:30:20 > 0:30:22So, Gloria, last year we talked about
0:30:22 > 0:30:24making a lasting power of attorney
0:30:24 > 0:30:27which is a way of appointing someone to make decisions for you
0:30:27 > 0:30:29if you can't make them for yourself.
0:30:29 > 0:30:31- Have you done anything about that? - No, I'll tell you the truth,
0:30:31 > 0:30:34there's something in my make-up that doesn't want to let go,
0:30:34 > 0:30:38but I promise you I will seriously think about it, I will.
0:30:38 > 0:30:41Gloria's not the only person still mulling it over.
0:30:41 > 0:30:43Research shows that only 13% of over-50s
0:30:43 > 0:30:46have set up a lasting power of attorney,
0:30:46 > 0:30:48yet the official advice is that it's sensible
0:30:48 > 0:30:52for every adult to get one sorted in case the worst happens
0:30:52 > 0:30:55and you're unable to make financial decisions for yourself.
0:30:55 > 0:30:57Hopefully there will be an opportunity
0:30:57 > 0:30:59for you to put in hand arrangements.
0:30:59 > 0:31:01What would be awful is if there was a sudden accident
0:31:01 > 0:31:03or illness and it was too late,
0:31:03 > 0:31:06because then it can be very expensive and very worrying
0:31:06 > 0:31:07for your nearest and dearest.
0:31:07 > 0:31:09You've made me think about that aspect again.
0:31:09 > 0:31:11Gary wanted to see if this is something
0:31:11 > 0:31:13passing shoppers have considered.
0:31:13 > 0:31:16It is lovely to meet you.
0:31:16 > 0:31:19Eva is 72 and considers herself very sensible
0:31:19 > 0:31:22when it comes to putting her finances in order.
0:31:23 > 0:31:27My life insurance is paid for, my funeral's paid for.
0:31:27 > 0:31:31I don't believe in leaving my children or my grandchildren
0:31:31 > 0:31:33to do anything.
0:31:33 > 0:31:35Eva has also made a will,
0:31:35 > 0:31:39but so far she hasn't done what Gary believes is so vital.
0:31:39 > 0:31:42Now, the thing is we're talking about power of attorney.
0:31:42 > 0:31:46- Are you familiar with the phrase? - Yes, I am.- And have you done that?
0:31:46 > 0:31:48No. I...
0:31:48 > 0:31:51- Would you do it?- I would do it if I got to the state
0:31:51 > 0:31:54where I couldn't do anything properly.
0:31:54 > 0:31:56Actually, that's the wrong time to do it.
0:31:56 > 0:32:01- I know.- Yes, it's too late to sort this out when, for whatever reason,
0:32:01 > 0:32:04you may have already lost the capacity to make the best decisions,
0:32:04 > 0:32:08which is why Gary is so keen that we think about it in advance.
0:32:08 > 0:32:10But it's estimated that two thirds of us
0:32:10 > 0:32:12haven't spoken to family members
0:32:12 > 0:32:14about how we'd like our finances managed
0:32:14 > 0:32:16if we're unable to do it ourselves.
0:32:16 > 0:32:19Well, now, the thing is that you and I could make a pact,
0:32:19 > 0:32:21you see, because I've been told off
0:32:21 > 0:32:23now today for not taking out my power of attorney.
0:32:23 > 0:32:26And I think that is a point worth thinking about.
0:32:26 > 0:32:29I think I'll just go sit with my eldest granddaughter
0:32:29 > 0:32:34- and my son...- Yeah. - ..and take power of attorney out.
0:32:34 > 0:32:37Gary seems to have convinced Eva, and while, with luck,
0:32:37 > 0:32:39it's something that she'll never need,
0:32:39 > 0:32:41if a power of attorney did become necessary,
0:32:41 > 0:32:42having one already in place
0:32:42 > 0:32:45could save her family a great deal of trouble and expense.
0:32:45 > 0:32:48I think it would just be the final piece of the jigsaw,
0:32:48 > 0:32:51cos if you actually were lacking capacity,
0:32:51 > 0:32:53the bank, the building society, the post office,
0:32:53 > 0:32:56they wouldn't know how lovely your family are...
0:32:56 > 0:32:58- No.- And they wouldn't know that they are the right people
0:32:58 > 0:33:01- to be dealing with things for you. - Thanks very much indeed.
0:33:01 > 0:33:03Thank you. OK.
0:33:03 > 0:33:05- See you again.- Thank you.- Bye-bye. - Bye.
0:33:05 > 0:33:08- How fabulous is she? - Wonderful.
0:33:10 > 0:33:14I think one of my favourite parts of our pop-up shop event is this -
0:33:14 > 0:33:18Gripe Corner - because it means you can just come along,
0:33:18 > 0:33:20let off steam and tell us exactly
0:33:20 > 0:33:22what you think about anything at all.
0:33:24 > 0:33:28And that's exactly what this lady did after falling for an offer
0:33:28 > 0:33:30that had a costly sting in the tail.
0:33:30 > 0:33:34I got the promise of a voucher for £10 of petrol.
0:33:34 > 0:33:38They wanted £2.78 from me in order to send me the voucher,
0:33:38 > 0:33:41so I foolishly gave them my credit card number.
0:33:41 > 0:33:43When my credit card statement arrived,
0:33:43 > 0:33:48they'd also taken £78 and 90-odd pence to join their club.
0:33:48 > 0:33:51I still haven't received my £10 voucher.
0:33:51 > 0:33:53The whole thing has made me so furious
0:33:53 > 0:33:55with myself more than anything.
0:33:55 > 0:33:59Do never, ever, ever, never give your credit card number to anybody.
0:33:59 > 0:34:00And I'm really, really furious,
0:34:00 > 0:34:02and that's the end of my rant, thank you.
0:34:07 > 0:34:11Earlier in the programme, we saw how the tactics being used by fraudsters
0:34:11 > 0:34:13who are trying to steal your savings
0:34:13 > 0:34:15get more and more elaborate all the time,
0:34:15 > 0:34:18and, however much you may be on your guard,
0:34:18 > 0:34:21they do keep finding all-too-plausible ways
0:34:21 > 0:34:24to convince you to give them access to your cash.
0:34:24 > 0:34:27One question that we're often asked is whether or not the banks
0:34:27 > 0:34:31are actually doing enough to keep our money safe in these situations,
0:34:31 > 0:34:34so we've had an exclusive look behind the scenes
0:34:34 > 0:34:37at one of Britain's biggest and best known banks
0:34:37 > 0:34:39to find out exactly what is being done
0:34:39 > 0:34:41to stay one step ahead of the scammers.
0:34:44 > 0:34:48The bad news is that bank fraud has rocketed in recent years,
0:34:48 > 0:34:52with more than three million cases reported in 2015,
0:34:52 > 0:34:58when scammers walked away with over £750 million of our money.
0:34:58 > 0:35:02And the good news? Well, it could be a whole lot worse.
0:35:02 > 0:35:06Because, over that same period, the banks managed to prevent
0:35:06 > 0:35:08almost £1.8 billion being stolen
0:35:08 > 0:35:11by stopping the scammers in their tracks.
0:35:12 > 0:35:15But, however reassuring that may be,
0:35:15 > 0:35:19it's small consolation for anyone whose account does get plundered
0:35:19 > 0:35:21by the crooks, and those who have been scammed
0:35:21 > 0:35:24frequently tell us they simply are not happy with the way
0:35:24 > 0:35:26that their bank dealt with what happened.
0:35:26 > 0:35:29In autumn 2015, consumer group Which?
0:35:29 > 0:35:31explored that in more detail,
0:35:31 > 0:35:34surveying victims of fraud to see what they made of the way
0:35:34 > 0:35:37that the banks had handled the situation.
0:35:37 > 0:35:39And in that report, there was one big name
0:35:39 > 0:35:42that came in for particular criticism.
0:35:42 > 0:35:45Barclays had the lowest score for its overall response
0:35:45 > 0:35:49to fraud cases, and as a result it took a lot of flak in the press.
0:35:51 > 0:35:54So I'm just heading off to their corporate headquarters
0:35:54 > 0:35:56here in Canary Wharf in London,
0:35:56 > 0:35:58to see not only what they're doing
0:35:58 > 0:36:00to try and keep up with the fraudsters,
0:36:00 > 0:36:05but also how to improve the way in which they handle fraud claims.
0:36:06 > 0:36:09Barclays has invested millions in systems
0:36:09 > 0:36:14to tackle and stay one step ahead of the ever-evolving threat of fraud,
0:36:14 > 0:36:17and a key part of that is training front-line staff, like Daisy here,
0:36:17 > 0:36:21to identify fraudulent transactions as they happen,
0:36:21 > 0:36:23so the bank can stop the crime in its tracks
0:36:23 > 0:36:25and protect customers' money.
0:36:26 > 0:36:28What alerts you to the fact
0:36:28 > 0:36:30that there's a problem on someone's account?
0:36:30 > 0:36:33So the system itself will alert me as to...
0:36:33 > 0:36:35That we need to check some transactions with a customer.
0:36:35 > 0:36:37So, when we've received that call,
0:36:37 > 0:36:39it will bring the details of the transactions in question on screen.
0:36:39 > 0:36:42- Can we see that?- Yes, of course.
0:36:42 > 0:36:44We should say this isn't a real person, this is, as it were,
0:36:44 > 0:36:47- a training exercise. - Yes indeed, yeah.
0:36:47 > 0:36:48Dummy system, so to speak.
0:36:48 > 0:36:51So we're not actually looking at somebody's bank account.
0:36:51 > 0:36:52We can always compare the transactions
0:36:52 > 0:36:54that are presented to us with other customer spending
0:36:54 > 0:36:56that's happened previously,
0:36:56 > 0:36:58which will assist us in determining whether this is typical
0:36:58 > 0:37:01of that customer, whether it's in their spending profile
0:37:01 > 0:37:04and ultimately whether this is perhaps fraudulent or not.
0:37:04 > 0:37:07The software that Daisy is using contains unique profiles
0:37:07 > 0:37:11of every Barclays customer and tracks their spending habits,
0:37:11 > 0:37:13so that it can flag anything out of the ordinary
0:37:13 > 0:37:16which staff can then ring the customer to check.
0:37:17 > 0:37:19Essentially we'll detect a transaction
0:37:19 > 0:37:22that we'll need confirmation for from the customer,
0:37:22 > 0:37:23so we're going to run through, you know,
0:37:23 > 0:37:26some of their spending and check prospective fraudulent spending,
0:37:26 > 0:37:29as well, so we can identify whether that is the case.
0:37:29 > 0:37:31The software is designed to identify fraud
0:37:31 > 0:37:34when there's still time to stop it happening,
0:37:34 > 0:37:37but much of the recent criticism levelled at Barclays
0:37:37 > 0:37:39has been about how it responds to customers
0:37:39 > 0:37:42who've already lost money to criminals.
0:37:45 > 0:37:47Between 2010 and 2015,
0:37:47 > 0:37:51the financial ombudsman service received almost 15,000 complaints
0:37:51 > 0:37:53about banks refusing to refund money
0:37:53 > 0:37:56that customers had lost to fraudsters.
0:37:56 > 0:37:594,000 of those complaints were from Barclays customers,
0:37:59 > 0:38:02and that's more than for any other bank.
0:38:02 > 0:38:05Alex Grant is Barclays' head of fraud prevention.
0:38:05 > 0:38:08Why is it that there are 4,000 of your customers
0:38:08 > 0:38:12over the last five years who have not had their money refunded?
0:38:12 > 0:38:15There are a small number of cases where we would say, actually,
0:38:15 > 0:38:17it is not the bank's responsibility.
0:38:17 > 0:38:19We will profile those transactions,
0:38:19 > 0:38:21we will do our best to protect those customers,
0:38:21 > 0:38:24we will spend many more millions of pounds on customer education
0:38:24 > 0:38:28than any other bank to allow the customer to protect themselves.
0:38:28 > 0:38:31But you will know that the fraudsters, the scammers,
0:38:31 > 0:38:35get more and more convincing with their lies.
0:38:35 > 0:38:37They do all sorts of tricks
0:38:37 > 0:38:40that ensure that the person who is your customer
0:38:40 > 0:38:44on the receiving end of their telephone call believes 100%
0:38:44 > 0:38:47that they are talking to someone from Barclays,
0:38:47 > 0:38:49and yet you are saying that if they do that
0:38:49 > 0:38:52and they give away that information, they then are at fault
0:38:52 > 0:38:55and you're not prepared to reimburse them their money.
0:38:55 > 0:38:56Is that what you're saying?
0:38:56 > 0:38:58In a very, very small number of cases...
0:38:58 > 0:38:594,000 in five years.
0:38:59 > 0:39:03I'll repeat, small number of cases, we will not always refund,
0:39:03 > 0:39:08but the vast, vast majority, and it is in the very high 99 percents,
0:39:08 > 0:39:09we will refund.
0:39:12 > 0:39:14Alex, across the banking system as a whole in this country
0:39:14 > 0:39:19in the last year alone there were 3.2 million fraudulent cases online.
0:39:19 > 0:39:22What's happening? Are the fraudsters upping their game?
0:39:22 > 0:39:23Are you keeping in touch with that?
0:39:23 > 0:39:25Absolutely the fraudsters are upping their game.
0:39:25 > 0:39:28The level of attack across the industry has grown tremendously
0:39:28 > 0:39:31in the last year. At Barclays, we are absolutely upping our game,
0:39:31 > 0:39:35we have invested many millions of pounds in new technologies,
0:39:35 > 0:39:37new systems to fight against the fraudsters,
0:39:37 > 0:39:39so we are absolutely at the forefront
0:39:39 > 0:39:42of protecting our customers and fighting fraud.
0:39:42 > 0:39:44Of course Barclays isn't the only bank
0:39:44 > 0:39:48constantly reviewing its security to keep the fraudsters at bay.
0:39:48 > 0:39:49Over the coming months,
0:39:49 > 0:39:52we'll all see the levels of security on our bank accounts change
0:39:52 > 0:39:56dramatically, whether that's through fingerprint verification
0:39:56 > 0:39:58on online accounts at NatWest,
0:39:58 > 0:40:01voice recognition protection with HSBC,
0:40:01 > 0:40:05or even selfie security that knows your face,
0:40:05 > 0:40:09that's already in place at the new digital only banking service,
0:40:09 > 0:40:12Atom Bank. Of course, even with all that technology,
0:40:12 > 0:40:16if we as customers let our guard down even for a moment,
0:40:16 > 0:40:19the fraudsters will still find a way into our accounts,
0:40:19 > 0:40:23so it's up to each of us to deploy our own secret weapon
0:40:23 > 0:40:27and be cynical about every communication we get,
0:40:27 > 0:40:30asking us to do anything with our account.
0:40:30 > 0:40:34And if that means questioning even genuine contact from your bank...
0:40:34 > 0:40:36Well, better safe than sorry.
0:40:38 > 0:40:39Daisy, when you ring somebody,
0:40:39 > 0:40:41how does the person on the end of the phone
0:40:41 > 0:40:43know that you are the genuine article?
0:40:43 > 0:40:46Would you welcome it if people challenged you and said,
0:40:46 > 0:40:49"Who are you? Prove to me that you're Barclays"?
0:40:49 > 0:40:52There definitely have been occasions where customers have challenged me
0:40:52 > 0:40:55and said, you know, "How do I know who I'm speaking to?"
0:40:55 > 0:40:58And we always, you know, to an aspect, endorse that
0:40:58 > 0:41:00and say it's wonderful that you do have that vigilance.
0:41:00 > 0:41:02So you'd like everybody to do it, really.
0:41:02 > 0:41:05- Yeah, ultimately!- Thank you.
0:41:10 > 0:41:12If you've got a story you would like us to investigate,
0:41:12 > 0:41:15then you can get in touch with us via our Facebook page...
0:41:17 > 0:41:18Our website...
0:41:22 > 0:41:23Or e-mail...
0:41:27 > 0:41:30And of course you can send a letter to our postal address...
0:41:44 > 0:41:46You know, for years we've been saying that frauds
0:41:46 > 0:41:49keep getting more ingenious and harder to see them coming,
0:41:49 > 0:41:52but with some of the new techniques being employed to stop them,
0:41:52 > 0:41:54it really does feel like the banks are being just as inventive
0:41:54 > 0:41:56when it comes to keeping us all safe.
0:41:56 > 0:42:00But of course that's absolutely no consolation to anyone who find their
0:42:00 > 0:42:03money's been mysteriously spirited away,
0:42:03 > 0:42:05so the message is, stay vigilant
0:42:05 > 0:42:08and look out for even the slightest sign of anything suspicious.
0:42:08 > 0:42:11Remember, it only takes a second to be taken in.
0:42:11 > 0:42:14And we certainly hope that you've been able to pick up some tips
0:42:14 > 0:42:15from our programme today
0:42:15 > 0:42:17to ensure that it's your money
0:42:17 > 0:42:19that stays very firmly under lock and key -
0:42:19 > 0:42:22and please do keep telling us about any new scams
0:42:22 > 0:42:26that you come across so that we can get the word out as soon as possible
0:42:26 > 0:42:27to as many people as possible.
0:42:27 > 0:42:29But I'm afraid that is where we have to leave it for today,
0:42:29 > 0:42:32so thanks very much indeed, as always, for joining us,
0:42:32 > 0:42:34and we hope to see you again very soon.
0:42:34 > 0:42:35But until then, from all of us here...
0:42:35 > 0:42:37- Bye-bye.- Bye-bye.- Goodbye.