Where's that Mr Perry , Andy Hall etc ?

Lots of organisations publish account number and sort code for paying in purposes. Will this stop ? Simon.

Clarkson won't have a lost a penny due to the direct debit guarantee

of course mentioning this would not have enabled him to have a go at the bank industry and 'PC' legislation.

In message , at 19:12:50 on Mon, 7 Jan

2008, geoff remarked: [I don't currently read threads from uk.d-i-y unless they are crossposted somewhere I do read.]

As for this Clarkson episode, as ever what's the risk that people perceive?

There's no permanent loss of funds to Mr Clarkson, nor any funds available to the perpetrator, but a prankster has caused Mr Clarkson some inconvenience (by which I mean he has to repudiate the DD, rather than he's embarrassed it happened).

And on the way lots of misinformation about DPA, which doesn't help anyone, frankly.

Clarkson won't have a lost a penny due to the direct debit guarantee

of course mentioning this would not have enabled him to have a go at the bank industry and 'PC' legislation.

With rights come responsibilities. I think it could be argued that the 'victim' was reckless and lacked responsibility. I hope he doesn't get anything.

mark

These details are available to anyone you send a cheque to for goods to be delivered by post to your home. Or indeed if you want an electronic transfer into your account.

As I seem to recall mentioning at the time, had the DD been set up to pay off a credit card (or better still "load" funds onto a single use disposable card) then the funds would be available for general use by the fraudster.

The fact that Clarkson may get his money back under a DD guarantee is not exactly the point - its still real money that came from somewhere (i.e. the law abiding customers of these services and products) and is now in the hands of a fraudster.

In message , at 02:49:50 on Tue, 8 Jan 2008, John Rumm remarked:

If you don't want to be caught rather quickly, the Credit Card would have to be in the name of someone whose identity (and mail delivery address) you'd previously stolen. Why go to the trouble of paying off such a card from funds stolen elsewhere, rather than just walking away?

Also I would expect that a check would be done if the account name for the bank account and the credit card weren't the same.

"Dave Plowman (News)" wrote

That may be the case, but the excercise emphasises the point that fraudsters don't need the more specific details (expiry date and security code) associated with your bank card to withdraw from your account. When you send a cheque or carry out a phone purchase you are exercising a level of trust toward the vendor in divulging your personal information and expect that trust (rightly or wrongly) to be honoured. Personally I have never purchased anything "on-line", believing the person-to-person phone option to be less of a risk. However, two train tickets were booked on my account last year via thetrainline.com (of which I have no knowledge). Also I was recently emailed my account details, name and address and (company) phone number by an internet based fraud-prevention company offering to monitor the web and alert me of any occurrences of these details.

Although I had the bank issue me a fresh card (i e changed expiry and card number) the Clarkson stunt does indicate that this is probably not enough and I need to change my account completely.

Phil

[...]

I'm surprised the pranksters didn't choose something more appropriate, like the Rambler's Association or Friends of the Earth...

Anyone know what did JC write to let people find out his address? Sounds a very odd and unusual thing for a 'celeb' to do, whatever the reason.

David

Well you could use it to obtain goods/funds way in excess of the credit limit of the card, for a start.

OK, so I work in the accounts department of a big utility company, which gives me access to millions of bank account details, or I've just bought myself a copy of the missing Child Benefit CDs. What's to prevent me from furnishing myself with a stolen identity and credit card (which I'm sure is pretty straightforward to do if you know the right people), and then over the course of several months, setting up a gazillion direct debits for small, random sums of money, all set to fire off on a given date?

Some of the dormant d/d set ups would get spotted by observant online account holders and get cancelled, but are unlikley to ring major alarm bells as they are for small sums, and no money had actually been taken.

After the d/ds have paid out, people will start to spot them on their statements and question them, but again, as they are small sums I'll have bought time to spend my ill-gotten gains before anyone cottons on to the size of the fraud.

I don't get caught because there's no pattern to the accounts I've stolen due to the sheer magnitude of the database I've used, and I've taken basic precautions to conceal my IP address etc

Wouldn't that work?

David

Even with the address and the bank details, you don't know any more than you've always known about somebody paying you by cheque. Online accounts I've set up always involve the bank sending me something in the post so, unless the fraudster had access to Clarkson's letter box, how could this have happened? I think what the banks are probably in denial about is the level of dishonesty among their own staff

In message , at 09:45:26 on Tue, 8 Jan 2008, Lobster remarked:

Probably the fact that you can only have one DD feeding into each credit card. The reason those DDs exist is to pay off the card each month. The amounts you can receive by such DDs (as far as I've seen) are "Minimum Payment" or "Whole Payment". Some CCs might allow random amounts of money, but could perhaps cap that at the amount due on the card (the CCs don't like you to overpay, and after all their core business is lending

*you* money!)

And we haven't yet established that you can [easily] set up a DD into a credit card account using a bank account with a wildly different name.

In message , at

09:04:25 on Tue, 8 Jan 2008, TheScullster remarked:

I think you have made a wrong assessment. Buying by phone guarantees that your details passes through a person (who can make notes). Getting details for an online transaction requires someone to access the back office database. Phoned-in orders will inevitably end up in that same database.

In message , at 09:19:57 on Tue, 8 Jan 2008, Lobster remarked:

He probably said where he lives. Isn't it somewhere famous like Chipping Norton? That narrows it down enough to search other places (according to reports today, in the Electoral Roll).

Later... I guessed right!

In message , at 10:16:26 on Tue, 8 Jan 2008, Stuart Noble remarked:

I wonder if he's sufficiently busy [1] that he has a personal assistant to deal with his correspondence and routine financial affairs. They may have seen the DD confirmation and put it on a pile to "check with Jeremy later". Indeed, it may have been while that check was being done that Jeremy rumbled it (and the bit about seeing it on his Bank Statement is while strictly speaking true also a certain amount of poetic licence).

[1] He seems to do a lot of filming trips all over the world, and a weekly TV show plus newspaper column isn't a picnic.

I thought it was in the hands of a charity: the 'fraudster' submitted a DD to the charity using the publicised details. So JC gets his money back instantly and the bank then reclaims it from the charity. Much as a chargeback on a credit card. Which is why you have to pass stringent checks before you can get a credit card merchant account or be able to instigate direct debits.

wouldn't find me on the Electoral Roll as I'm on the abbreviated register, as I suspect anybody remotely well-known would be. Not that I'm paranoid or anything, but I have occasionally tried to track myself down online just to check the efficacy of measures such as being ex-dir, off the main Electoral Roll, and anonymous in internet forums, and never managed to do so.

David

Rats. That's my career as a criminal mastermind nipped in the bud, then.

David

Maybe I am mis-understanding the use of the abbreviated register but I was under the impression from the bumpf circulated by our council that the main register with _all_ electors names would still be available in the local library but that you would not be on the abbreviated one that is sold to commercial organizations for marketing purposes.

Andrew