Skip to main content
  1. Home
  2. Computing
  3. News

UK woman loses home purchase deposit to phishing email

By

uk woman loses home purchase deposit to phishing email american advisors group
American Advisors Group/Flickr
A woman in the UK has been scammed out of her life savings through a simple phishing email orchestrated by cyber criminals.

Londoner Vivian Gabb, 59, received an email that she thought was from her lawyer, she told BBC News. Gabb was in the middle of buying a house and the email claimed she needed to transfer her deposit of nearly £50,000 ($78,000), which she did.

Little did she know her email account had been allegedly hacked and monitored by cyber criminals who pounced on the opportunity to siphon off such a large sum of money from one victim. The criminals had set up their own bank account at TSB under the same name as Gabb’s lawyer, Chris Smee.

The fraudulent email featured familiar and friendly language such as “Dear Viv” used in previous legitimate emails, which fuels her belief that her emails were spied on. “We have changed who we bank with, I forgot to inform you of the changes in the email I sent you yesterday,” read the fake email before providing the new details.

A couple of days after the transaction, Gabb realized Smee’s firm Barnes & Partners had not received the money. When she contacted her bank, it became clear that she was the victim of a scam and the criminals had already made off with the money from their fake account. Gabb, a self-employed Pilate’s teachers and tennis coach, says her banks, Halifax and TSB, are unable to do anything about it.

“Neither bank seems very troubled by my predicament. I am absolutely at my wits’ end with what has happened to me. There is no system of redress and I seem to meet a closed door every way I turn,” she told the Daily Mail.

“Halifax has categorically told me they do not consider themselves to be in any way responsible and TSB will not talk to me due to data protection issues,” says Gabb.

Halifax has said that this is a case of social engineering and it looks at every instance individually. The Metropolitan Police in the UK have also said that it can pursue the criminals but refunds and financial recovery is a matter “between the customer and the bank”.

Phishing campaigns of this size are usually targeted at businesses transferring large amounts of money so this makes Vivian Gabb’s predicament unusual. However once cyber criminals find a potentially lucrative individual in their trawls, they’ll put in some extra effort to land a big payload.

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more