Chris Worfolk's Blog


Direct debit fraud

Did you know what with someone’s name, bank account number and sort code, you can set up a direct debit in their name and clean out their account?

Maybe you did. Maybe you had heard about it but thought it was just an urban legend. Maybe you didn’t. The issue came up in 2008 when someone used Jeremy Clarkson’s bank details to set up a fraudulent direct debit, after be made his bank details publicly available to prove that you couldn’t commit direct debit fraud simply with a few numbers. Of course, you actually can.

Ideally of course your bank details wouldn’t be in the public domain, but for some individuals and organisations, charities like ours for example, it’s fairly unavoidable that they end up getting out there.

This results in rather a lot of direct debit fraud.

The Gym, PureGym, Sky and Elephant are just some of the companies that seem apparently happy to let people pay for their services by using a charity’s name and bank details.

Is to too much to ask for banks to ensure the direct debits are legitimate? At HSBC, you have the option of placing care messages on your account. So you can be notified of all direct debits set up – it’s nice to get a letter to tell you there has been direct debit fraud on your account, but that they let it go through anyway – really reassures you that they know what they’re doing.

Worse still however, is that we have now blocked all direct debits now need to be confirmed with one of the trustees – yet when I checked the mail the other day I found no less than five new direct debits that had been set up without our authorisation. Ridiculous.

Metadata

This entry was posted on Tuesday, April 16th, 2013 at 10:59 am and is filed under Rants. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply