Written evidence submitted by Lloyds Banking Group plc (OSB0135)
We are a financial services group focused on retail and commercial customers – with millions of customers in the UK, and a presence in nearly every community. It is our role to help businesses and individuals, while making a positive contribution to the communities in which we operate. Lloyds Banking Group incorporates a number of household names like Lloyds Bank, Halifax, Bank of Scotland and Scottish Widows.
Case study – example of a financial scam involving a cloned website
David [J] is an 81-year-old retired businessman and has been a Halifax customer since 1992. In January this year, Mr J completed an online questionnaire expressing interest in taking out a two-year fixed bond investment. The next morning, he received a call from a man claiming to be a representative of a well-known investment company saying he believed Mr J was interested in investing and suggesting he send a prospectus.
This initial interaction prompted a series of convincing activities including e-mails, a cloned website and even calls from someone claiming to be a compliance manager checking Mr J’s eligibility to invest and using terminology you might reasonably expect to hear when investing, such as: “are you sure this is the right investment for you?”; “you’re not investing all your money – are you leaving yourself a nest egg?”
There was nothing in this professional approach that screamed ‘fraud’ and he was keen to invest £80,000 that he had set aside for his children. By this point Mr J had provided his ID and signature to progress the application. When he went into the local Halifax branch to make an electronic transfer to the ‘investment company’, the Halifax bank staff asked for more details about the payment. Looking at the paperwork provided from the ‘investment company’, the staff expressed concerns specifically around the receiving bank account details, the requested ‘reason for payment’ that didn’t mention an investment, and also assurances that should any alerts be received during the transfer, not to be alarmed.
They spoke to Mr J about these at length and through their conversation it transpired that Mr J’s brother-in-law had held an investment with the (legitimate) investment company in question for a number of years. The staff suggested he check the details provided with his brother-in-law before any transfer was made, and on contacting the legitimate business it became clear that fraudsters had been at work and it was all an elaborate scam. The staff have since helped point out a number of resources to help Mr J stay safe following the details he unwittingly provided to the fraudster including:
Mr J has reported the scam to the FCA which is aware of activities of people claiming to be from this company, and he has also contacted Cifas [the cross-sector fraud prevention organisation], keen to do whatever he can to prevent this from happening to other people. Mr J is tech-savvy and has since installed a VPN connection to provide additional protection for his e-mail.
 DCMS / Home Office press release, 12 May 2021: https://www.gov.uk/government/news/landmark-laws-to-keep-children-safe-stop-racial-hate-and-protect-democracy-online-published