- Select a language for the TTS:
- UK English Female
- UK English Male
- US English Female
- US English Male
- Australian Female
- Australian Male
- Language selected: (auto detect) - EN
Play all audios:
French telecoms companies have changed the way calls are identified after France’s highest court sided with the victim of a telephone banking scam who was conned out of €54,500.
Telephone operators are now required to authenticate the origin of calls to stop fraudsters from being able to ‘fake’ numbers; a practice sometimes called ‘spoofing’ or ‘phishing’.
And consultations are continuing to see if there should be more regulation to make phone companies responsible for helping to compensate victims of scams carried out in this way.
“This will help reduce the amount of spoofing where a fraudster takes the identity of a legitimate telephone number, such as that of a bank or government administration, to gain the trust of
the victim,” said Banque de France’s Observatoire de la sécurité des moyens de paiements, a body which gathers statistics on payment methods and amounts.
Read more: Identities of 12 million people in France potentially leaked in cyberattack: how to protect yourself
Using the new Mécanisme d’Authentification des Numéros system, telecoms operators will now automatically check that numbers have not been spoofed by crooks, and block suspect calls.
It follows a recent case at the Cour de cassation (supreme court) in which a victim conned out of €54,500 in just a couple of minutes by a fake bank employee successfully claimed the amount
back from their bank.
Contacted by telephone, with the bank’s name and number showing on the screen, the victim was told by a woman pretending to be an assistant of his usual bank contact that the branch was
worried his accounts had been hacked.
Pretending to carry out security checks, she asked the victim to delete five people from a list he had previously registered with the bank for direct payments. He was then instructed to
register them again via SMS links over the mobile telephone, using his confidential codes.
The caller said that as a result of the attempted hacking the victim would not be able to check his bank balance for a couple of days.
After the call the victim telephoned his bank and was informed that no security checks had taken place. Two days later, debits of €54,500 appeared on his accounts.
Read more: Scam alert: Watch out for fake text messages from French banks
He asked BNP Paribas to repay him – under French law clients must be repaid if they are victims of bank fraud – but the bank refused.
It argued that by giving his confidential codes, the client had committed ‘négligence grave’ (gross negligence) absolving the bank of responsibility.
When the case reached the supreme court, judges ruled that it is always the bank’s responsibility to prove that the client was negligent and in this instance, given the circumstances of the
fraud, the bank could not prove its case.
In particular, the fact the crooks were able to spoof the real number of the bank, and that the fake bank employee assured the victim that carrying out the procedure over the telephone would
be safe, meant the client was not in the wrong.