When Tom Honeyands realised he had been defrauded out of £70,000 he was furious and embarrassed – and left wondering if he had given away too many details on his social media vidoes.
Honeyands was on a work trip to Tokyo when he got a call from someone claiming to be from Lloyds bank. The caller asked if he had made a recent transaction in Singapore and when he said no, the scammer said his account had been compromised and that security details needed to be reset.
The tech reviewer, who has 1.63 million subscribers to his “The Tech Chap” YouTube channel, believes they stitched together a profile on him based on videos he had uploaded.
“The only thing I can think of is that banking icons are on my computer home screen,” he says. “I make video content for a living and if someone sees Lloyds, that’s one bit of information.”
It was late at night when he was called by scammers, who, he suspects, knew that he was travelling because of posts on his social media feeds. The jet lag and late hour added to him being confused and tired, and he fell for the phishing scam.
“I was at a dinner, and it was difficult to hear. That definitely contributed to me not paying full attention,” says Honeyands, who answered a number of questions about his personal details.
“I feel like I am a fairly intelligent guy. I should know better. They knew my name, address, who I banked with, that I was travelling,” he says. “You can put together enough information to phone me and, just this once, it worked, which is pretty embarrassing.”
What it looks like
A fraudster calls and says that they are from your bank’s fraud team and that you need to take action to help them protect your money.
In Honeyands case the scammer claimed he had to cancel payments that had been made to the account and that codes would be sent to Honeyands to verify the cancellations. However, they were actually verifications for new payees.
Honeyands made 12 verifications over a few hours which allowed the criminals to make payments totalling £70,000.
It was only when Lloyds’ real security team rang him that he hung up on the criminals. “I had the hacker on hold and the actual bank security team on another line and was thinking, ‘Who is real?’,” he says. The real Lloyds caller told him to hang up on both, and then call back on the number on the back of his bank card, which he did.
What to do
Based on his experience, he advises people to be aware of what detail they are sharing online. “It’s like the old thing of not sharing social posts when you’re travelling because your house is empty. In a similar way, if you ever show pictures of your phone screen and it has your bank on it, then that’s one more bit of information for the criminals.”
Lloyds tells customers that if a call is suspicious in any way, that they should call back on a trusted line and use a number for the bank such as that written on the back of its debit cards.
