Posts Tagged ‘crime’

Gwyn Headley

by Gwyn Headley

Managing Director

Last Saturday I went to Lord’s to watch the third day of the England New Zealand test match, which was neatly wrapped up by England on the following day. Well played, Broady!

I was sitting with three old friends, and one of them — let’s call him David, as he values his privacy — told me this astounding story of how he had been scammed out of some £4,000. David is an intelligent and sophisticated man, a successful corporate advisor and business planning consultant. He is nobody’s fool. This, in his own words, is what happened to him:

I was sitting at my desk in London on the evening of Thursday, 9th May, when my telephone rang. A man introduced himself as DCI Harris from Holborn Police Station. He gave his number as EK 457. He said that two Eastern European men had just been apprehended on the suspicion of credit card fraud. They had details of various people that they might have been targeting and I was one of them. He gave me an incident/crime number (No. 29121575665) and advised me to get in touch with my credit card company and have a block put on my account(s).

I rang off and then looked at the back of my Barclaycard Visa debit card for the Barclaycard Customer Services contact number. I dialled the number and got through to a Customer Services lady (who later said that her name was Louise White) and I told her about DCI Harris’ advice. She took the details of my Barclaycard debit card and then proceeded to ask me some questions to verify that I was who I said I was. Among these questions were my date of birth and my mother’s maiden name. She also asked me to give details of a direct debit on my account, including the payee, the amount paid and the time of month that it was paid.

She appeared satisfied about my identity and then asked when I had last used the card. I said that I had withdrawn £100 from a bank in Essex on the previous day. She said that she could see that transaction, but she then mentioned four further transactions that had taken place that evening near to Oxford Circus. I said that these certainly were not my transactions. She said that my card must have been compromised.

She then said she was going off to see if she could get hold of DCI Harris to see if these might be transactions carried out by his suspects. She said that it was important that I stayed on the ‘phone while she did this, so that she was sure of my whereabouts. She returned a little while later to say that the police thought that they might have a suspect who was actually using a card with my number on it. He was later reported to have got away.

She then asked if I had any other credit or debit cards. I said that I had a Barclaycard Visa credit card and a Barclaycard Mastercard credit card. She asked for details of these cards and she looked up the activities on them. She read out a list of recent transactions on them and these were in the West End that evening. I said that none of them were anything to do with me. She asked me if there was anyone in my household who could have copied my cards. I said that there was only me, my cleaning lady and my brother, who had stayed overnight recently, and I was sure that they wouldn’t have done anything.

She then said that she must speak to her boss and again said that I must stay on the line while she was away, emphasising that I might be considered to be a suspect in a fraud. She came back to say that a special team in Surrey was working on this sort of fraud and they wished to have my cards to examine and contrast them with some counterfeit ones. They were going to send a courier to collect them. She would therefore put a block on my cards and would then ask me to put them in a sealed envelope for collection – it was important that only my recent fingerprints were on them.

She then went through the process of putting a block on each of the cards – this ended with me having to tap my pin number on to my telephone keypad. During the time that the courier was coming up from Surrey, she asked if I had any other credit cards and I said that I had an American Express card. She said that she would be able to ask American Express if there had been any recent activity on that card. I therefore gave her the card number and she came back with a list of very recent transactions. These had nothing to do with me. She therefore advised me to put a block on this card as well and went through the same procedure. She suggested that this should also be sent to the Surrey experts.

There then followed a period during which the courier was coming up from Surrey. While we were waiting, the Barclaycard lady said that she needed to write a report on this whole event for her boss. She asked me which phases I could remember and we constructed a report together. The courier then arrived in uniform, collected the envelope of cards and left. I didn’t get a view of any vehicle.

The Barclaycard lady wanted me to stay on line in case there were any further queries. I inadvertently dropped the receiver a short time later and was planning to ring the lady back, but couldn’t find her number. Without her pressure, I was able to think what I had done and realised that there could well be a scam here (although I had never doubted the ‘Barclaycard’ lady during our conversations). I thought that I would go down to Notting Hill police station and ask whether DCI Harris existed. They were very busy with other things at the station, but they took time to tell me that I was undoubtedly the victim of a scam and lent me their telephone to call the real Barclaycard. My respondent there confirmed that money had been withdrawn from each of my Barclaycard accounts in the last hour or two. I then realised that I had been completely hoodwinked.

I now realise that the key element in the scam was my telephone. When I rang off initially, the ‘policeman’ stayed on the line and the scammers were able to create a dialling code when I lifted my receiver and appeared to get through to the ‘Barclaycard’ lady. She kept my attention and confidence very cleverly throughout the rest of a very long conversation.

If you get a call like this, call your card company on a different phone, as per the last paragraph. If this can happen to David, then it can happen to any one of us. Fraudsters used to be relatively easy to spot — Dere valued Natwest customer pliz give me yore pin numbre now, yours in the Lord — but now they are getting smarter than us. David got his money back from the banks, of course, although American Express seem to be reluctant to settle. And the scammers have got away with £4,000 plus. And the banks will want to recover that somehow, so gradually they’ll get it back from us, in higher costs.

We all suffer.


Perpetual Vigilance

January 23rd, 2013
Gwyn Headley

by Gwyn Headley

Managing Director

I don’t know if it’s age, cynicism or personal general grumpiness but there seem to be a lot more villains around now than when I were a lad.

If you run a shop, shrinkage is the name you give to shoplifting. I guess it’s endemic. If you run a website like fotoLibra, you make sure you are as well protected as possible from shoplifters, or hackers if we use a general term for web-based criminality.

To put it in terms that I understand, we have to stop thieves. We have two sorts — those who want to steal your photographs, and those who want to steal our money. The latter is far more common, I’m sorry to say.

Stealing photographs, first of all. The basic fact is they can’t, not unless they can design and mount an incredibly expensive and sophisticated assault on our firewalled servers. But frankly, we’re not Cartier or Tiffany. It’s much cheaper to buy an image from us than spend months trying to figure out how to steal it. So there’s little incentive. The few infringements we do spot are people using fotoLibra watermarked Previews on their websites, on the basis that if it’s on the internet, it must be free. On behalf of our Pro and Platinum members, we have successfully sued every commercial infringer we have discovered in our jurisdiction.

Stealing money is far more devious, and we fell for it once — and only once. This is how it works. First ‘You’ steal someone’s credit card details. Then You join fotoLibra as a free member and upload one picture. Then You join fotoLibra as a buyer, using the name on the stolen credit card. Then You buy the picture You’ve just uploaded for a humungous amount of money, using Your stolen credit card.

Unfortunately for You, we at fotoLibra scrutinise every sale carefully, and if something doesn’t look right, we pounce — unlike lethargic banks and credit card companies.

There was an incident last year when an Indonesian photographer uploaded a couple of images and six hours later two separate women in the USA signed up as buyers and bought his images for large sums of money. We notify photographers of sales every 30 days, but somehow our Indonesian chummy felt sure his images had been sold long before we would have informed him and pestered us daily to pay him ‘his’ money. We didn’t, and six weeks later the bank removed the entire amount from our account, citing credit card fraud. Strange that we never heard back from the photographer after we informed him a criminal investigation was under way.

Yesterday and today we made two big image sales, both of (I’m sorry to say) of unremarkable images, both uploaded by different Vietnamese photographers. One was bought for a great deal of money by an Australian, the other for nearly as much money by a lady in Leicestershire.

Now if my name is Gwyn Headley, I can’t for the life of me see why I should open a Hotmail account under the name of It’s just not logical. So when we saw the lady in Leicestershire — let’s call her Lulu Leicester — had ‘bought’ the image using the email address Debbie Derby the first warning bells began to ring.

We searched for ‘Lulu Leicester’ online, and found a telephone number for her. She is a respected academic. We rang her and asked ‘Have you recently bought a photograph from’ No, she hadn’t heard of us. ‘Does your credit card end in 1234?’ Yes, it does. “Cancel it immediately,’ we said, ‘it has been compromised and has been used in an attempt to commit fraud.’

We haven’t contacted the Australian gentleman, but as he signed up as a buyer seven minutes after the second Vietnamese photographer joined up and uploaded his one photograph we suspect he’s probably not what he claims to be.

All this takes time and vigilance. The scam works this way: we pay 50% of the money we receive to the photographer, the thieves prove the use of a working credit card and go on to empty its resources in a matter of hours. Six weeks later (it’s always a little over six weeks, never any quicker) the banks wake up and deduct the money from our account, never informing us in advance.

The Australian purchaser tried three different credit cards in three different names before the fourth went through. We cancelled these transactions immediately.

We can track these people down — we know where they are — and we would be happy to pass the information on to the competent authority. The trouble is, who has the authority? And are they competent?

Wouldn’t it be nice if the banks were as alert as we try to be?