Trying to recover money taken fraudulently from bank account

Freakbro · 12 Sep 2025 at 15:04

I'm just submitting a complaint to the Financial Ombudsman on behalf of someone else regarding £9,000 that was taken from his account (in 9 x £1,000 transactions) where the bank have refused to refund the money and closed the case.

Background : It's an old farmer, who doesn't have the internet or a smart phone so not tech savvy at all. He has an old retired friend, who's been a family friend for donkeys years, who comes and helps him out with the house and other jobs. He asked her to buy him some work trousers online and gave her his card details. She couldn't do it at his house due to lack of signal, so went home and bought the trousers from Chums Ltd. She's done this more than once over the years. The transaction went through, the trousers arrived, no problem.

Then, on the same day and for the next week, £1,000 card transactions have gone out of his account to a company called Bigo Technology Pt (based in Singapore) and it wasn't until the 9 transactions had gone through that it was picked up on, the bank fraud dept contacted and the card stopped. I've heard that he was subsequently told another 20+ transactions were attempted after the card was stopped.

Police involved, investigated the lady friend and concluded they couldn't find any evidence she was negligent with his card details or made the transactions herself.

Now, the bank have refused to reimburse him and have closed the case, verbally telling him that they don't think the police investigated the lady enough. Though what I have in writing from them is this explaining why they have refused the claim

When my colleague was looking at the Bigo Technology pt transactions they could see the IP address was the same as the one for the Chums Ltd transaction and they were performed from the same location on the same device/phone

Now, the farmer is adamant that it wasn't his friend and trusts her implicitly, and tbh, I can't see some old retired lady in the depths of rural Lincolnsire needing Social Media services from a tech company or running a money laundering ring from Singapore.

So my question is, how damming is that line from the bank with respect to his claim, is it a simple thing to spoof from the fraudster or is it hard evidence that she did it, or could it be she has malicious software on her phone?

Destination · 12 Sep 2025 at 15:09

Could she have spyware on her PC, and the transaction has indeed been done from her address, on her PC, without her having a clue.

shifty_uk · 12 Sep 2025 at 15:10

Do they have the original URL the trousers were purchased on? Could it be a phoney version of the website?

I’ve seen those before, similar URL, out by a couple of letter and styled to look identical, goods come(from east Asia) but your card details are out in the wild.

shifty_uk · 12 Sep 2025 at 15:14

Either way, it’s awful but can’t really blame the banks stance especially if it’s paid using a debit card. They must have fraud cases daily, the reimbursement would be coming out of their pocket. I’d be pushing the police more to see what they can do but don’t hold much hope.

ivrytwr3 · 12 Sep 2025 at 15:15

Freakbro said:
He asked her to buy him some work trousers online and gave her his card details.

That's the banks get out clause.

But, there was fraud/scam at the end of the day - by all means keep pursuing. It's not up to the bank to say the police haven't investigated enough, he has the police's official response; nfa against her. So they are left with fraudulent activity on his account.

Freakbro · 12 Sep 2025 at 15:21

ivrytwr3 said:
That's the banks get out clause.

That's what I said to him was going to be the main weakness of his case, but the police/bank don't seem to be making as much of that as I thought they would, but it's more about this same IP / device part. I was just wondering if there was an easy answer to that and I was going to include it on the submission to the FO.

ivrytwr3 said:
But, there was fraud/scam at the end of the day - by all means keep pursuing. It's not up to the bank to say the police haven't investigated enough, he has the police's official response; nfa against her. So they are left with fraudulent activity on his account.

Yea, I'll keep trying for him.

Destination said:
Could she have spyware on her PC, and the transaction has indeed been done from her address, on her PC, without her having a clue.

I believe it was on a phone rather than the PC, but I guess the same could apply? Though i assume (probably incorrectly) it's less likely to have spyware on a phone?

shifty_uk said:
Do they have the original URL the trousers were purchased on? Could it be a phoney version of the website?

I’ve seen those before, similar URL, out by a couple of letter and styled to look identical, goods come(from east Asia) but your card details are out in the wild.

I suppose the trousers turning up has made people think there was nothing wrong with the transaction, but I'll ask and see if I can check the website details she used.

shifty_uk · 12 Sep 2025 at 15:38

Freakbro said:
I suppose the trousers turning up has made people think there was nothing wrong with the transaction, but I'll ask and see if I can check the website details she used.

Share it if you can. Were you being serious with chums ltd, the mature mens and womens clothing site?

Script injections are also very common these days, might just be very unlucky.

booyaka · 12 Sep 2025 at 15:44

Having had some dealings with Financial Ombudsman over the years - I think it will be a very difficult case to "win"

As you have already said - he willing gave his card details to someone else (whether trusted or not), the fact the IP addresses match both transactions is another one that the Financial Ombudsman simply won't have the knowledge/IT skills to investigate properly.

Also with the bank and the police have concluded nothing obviously amounting to fraud - It will be up to you/your family friend to offer an alternative view as to how this has happened.

You will need to provide some evidence to contradict what has been offered so far by the police and the bank

Good luck

Freakbro · 12 Sep 2025 at 15:54

shifty_uk said:
Share it if you can. Were you being serious with chums ltd, the mature mens and womens clothing site?

Yea, Chums Ltd was the site for the work trousers, I'd never heard of them.

shifty_uk said:
Script injections are also very common these days, might just be very unlucky.

I'll put that in my submission to the FO

booyaka said:
Having had some dealings with Financial Ombudsman over the years - I think it will be a very difficult case to "win"

As you have already said - he willing gave his card details to someone else (whether trusted or not), the fact the IP addresses match both transactions is another one that the Financial Ombudsman simply won't have the knowledge/IT skills to investigate properly.

Also with the bank and the police have concluded nothing obviously amounting to fraud - It will be up to you/your family friend to offer an alternative view as to how this has happened.

You will need to provide some evidence to contradict what has been offered so far by the police and the bank

Good luck

Bummer, I thought (at first) it was going to be pretty easy to win, but the more I've found out the less confident I've been getting.

I'll do the submission and take it from there. The last chance after that is a legal case via his insurance (NFU) who said they can take it on if he gets no joy with the FO.

413x · 12 Sep 2025 at 16:13

I don't know the rules apart from what most of us know.

But I'd say admitting giving your details to a friend is a slam dunk loss right there.

I'd also actually agree with thr bank. The woman needs investing properly.
It sounds like she's either been conned, she is the conner, or something sketchy is on her PC, or the website has been hacked.

You'd expect if it was broadly an infection On her computer, she'd have fallen victim long ago.

Therefore I'd guess it's either her, or the website is sketchy.

Wouldn't bank on winning this one. There's a lot of steps where the bank isn't at fault imo.

radderfire · 12 Sep 2025 at 16:23

I think it's unlikely to be the lady.

It will either be her phone or computer are compromised, or some sort of payment system error.

I would start by asking Chums who they use for payment processing and ask whether they are connected to Bigo.

Then I would ask Bigo if they know anything about the transactions, they have a website:

BIGO TECHNOLOGY PTE. LTD.

The official website for BIGO Newsroom. Explore the latest news, media coverage and creator stories from BIGO Technology.

www.bigo.sg

Rob_B · 12 Sep 2025 at 16:25

I'm not fully clear from the way its worded but if the bank has told you the transactions were from the same IP and device then thats clear evidence against the friend HOWEVER he has been negligent by giving someone his card details and so the bank will, and has, decline to refund. It was not their fault. You could argue negligence by the bank for allowing multiple foreign transactions to go through but thatight be a stretch.

The ombudsman is a good next step however don't get your hopes up, the rules changed recently to make banks MORE liable for some things so its likely already been through a more forgiving process than it used to be.

Push the friend/police connection. The bank potentially use Threatmetrix, if so they have LOTS of information on the IP, device etc used for transaction and they may be willing to provide that to the police (they can do in cases of fraud)
Stolen card details won't have the same device signature as the genuine transaction so if they do then the friends device made the transaction.

shifty_uk · 12 Sep 2025 at 16:35

Freakbro said:
I'll put that in my submission to the FO

Just had a quick nosey there out of curiosity (didn't expect to see anything that wouldn't have been resolved right away), they're not using a common/off the shelf ecommerce framework(so less likely to be broken into) and there's no sign of unusual scripts at any point of the journey. Potentially an antiquated codebase right enough(ASP I reckon, plenty of old school js libraries on the front-end).

Not saying they suffered a script injection but it does happen, more than you'd think.

I'd start with making sure this was definitely the site she bought the trousers from, as others have said it could be the site, could be her computer, she could be at it herself..

Tough one to get anywhere with but good luck either way.

dcsarge · 12 Sep 2025 at 17:00

Hope you get it resolved. My mum had her account cleared via her Amazon account. Not sure how the details were compromised but it there were unusual items sent all over the country (N.I. too).

Amazon and her bank weren't very helpful to begin with until the police declared it non-customer fraud. The bank refunded everything in about a days.

Slam62 · 12 Sep 2025 at 17:06

It obviously wasn’t the lady, for example if they felt the need to the police could access all her bank transactions and online activity.
What the bank are saying about I.p. addresses, well if what they were saying was true the old lady would be under police investigation.
So yeah either the police haven’t done their job or the bank are trying it on.

Hagar · 12 Sep 2025 at 17:24

This is a sad case where people should not really be shopping online and should go to an outdoor shop in a local retail park or high street. Wherever possible for similar purchases I do this and I am still quite savvy with online shopping.
The bank have decided they don't want to pay , nine unusual payments taken from an account and they have not noticed it or queried it with the account holder? Twenty more after the account was blocked. I believe that they were negligent in not noticing the activity.
There was maybe inadequate safeguards on the lady's computer transaction however I don't believe that this absolves the bank in not blocking first and questioning second.
The world is ****** up and there are too many crooks to feel safe online and for the sake of some work pants I personally would not go onto the internet. Just look at Mark's and Spencers and the hit that they have taken and the lack of trust remaining.
The banks should really do better for its customers.

Diddums · 12 Sep 2025 at 17:26

Farmer you say? I reckon there's a pigeon in his bank account.

Feek · 12 Sep 2025 at 17:49

Freakbro said:
and gave her his card details

Sadly, this is the problem. Card details should never be shared and it gives the bank good reason to reject the claim.

booyaka · 12 Sep 2025 at 18:00

Slam62 said:
It obviously wasn’t the lady, for example if they felt the need to the police could access all her bank transactions and online activity.
What the bank are saying about I.p. addresses, well if what they were saying was true the old lady would be under police investigation.
So yeah either the police haven’t done their job or the bank are trying it on.

They can't access her bank or online activity without probably cause and a warrant.... Neither of which are easy to obtain.

The bank will always stand behind the fact he willing gave his card information to a 3rd party.... Like it or not - that's their out right there.

Hagar · 13 Sep 2025 at 08:16

Oh for the days when a neighbourly thing to do did not result in criminal ***** from the other side of the planet entering a person's bank and cleaning out their account.

E;