Whatever next? The Inflatable Fraud squad? The Cardboard Traffic Division? The Dehydrated Instant Serious Crime Agency? The "Paint by numbers" Art Fraud unit? Special wood-effect laminate? The hanging-from-a-hook-on-wires Squad?

Coat please - the artificial fur.

So it's inappropriate to comment during "an investigation". How about El Reg keeps tabs on this and asks Barclays to comment when "the investigation" is complete? My guess is the response then will be "we don't comment on security matters", hence keeping us all in the dark as to why their staff failed in their duties to obtain proper confirmation of identity before issuing a replacement card.

Meanwhile, what are the Post Office up to? Accepted forms of ID include a Tesco Clubcard now? It's hard enough to understand how they accept just "having a credit card" as ID. I questioned once how I was able to pick up a parcel for my next door neighbour (as a favour) and was able to do so just by proving that I was mature enough to have a credit card with my name on it. They didn't seem to care that the name on the "missed delivery" card wasn't the same name.

We pay for the convenience of being able to request new cards over the phone and having them delivered to our door by a corresponding drop in security. I'd much rather find ten minutes to go into my branch with proper photo and address ID to pick up a replacement card.

shouldnt that be

Dehydrated Instant Serious Crime Organisation

...think of the acronym

taxi for one.

I suppose the only saving grace in this story is the fact that the guy got all his money back from the bank.

You assume these sorts of things happen when the victim has been stupid enough to blindly follow a URL in a phishing email or otherwise not perform the necessary due diligence, not when it all happens completely without his/her knowledge or participation.

Barclays and the PO need to be asking some serious questions of the staff involved in this as in my mind they are complicit in it. Banks should be especially resistant to social engineering scams. I'm also assuming that as an IT Director the guy doesn't move around tens of thousands of pounds around often - why weren't any red flags raised?

Scary really - could've happened to any of us.

I'm currently involved in a case where a crook changed owners and company details and used that filing at Companies House to adjust the bank mandate. Ridiculous as it sounds, the bank accepted the change of such details as name and directors/owners without any problem or question (despite having received prior warning that somewhat was afoul), and eventually paid the crook funds.

No, you didn't misread that. They paid funds without a valid mandate on the strength of Companies House records, and it now has to go to the Financial Ombudsman first to see just how insane this can get (you may imagine that the Bank declares full innocence here).

So we have a case where a bank accepts Companies House records as absolute proof despite it being well known that Companies House does not do ANY, repeat, ANY checking on anything filed. Sure, it's illegal to "knowingly file false information" but as Companies House "only holds the records" the only way this goes to court is if you do it yourself. Given the preparedness of the bank (who shall at present remain nameless until we have a judgement) to hand over your money on totally false information - with what money are you going to fight both criminal and bank?

As far as I can see the criminals have already won. Government systems are useless, police forces have a *serious* aversion against collaboration and are in any case virtually stopped by red tape instead of real oversight and if you eventually get to them they'll claim to be destitute and leave you with a huge legal bill..

When I changed the postal address for my bank account all I needed to give them was my bankcard. No questions, no ID, no utility bills, nothing.....

so, i would like to know how much needs to be stolen before this crime unit will even investigate.

some months back, an internet fraudster used my wife's debit card to purchase stuff (and, unbelievably, pay CC charge) online.

fortunately she noticed the next day, and we only ended up loosing a few hundred pounds (which insurance paid back)...

We had a name and delivery address (in london), and also believe that the culprit can easily be traced through the CC charge transaction (against their vehicle registration, foolish person!), so we called the police who told me that they 'were too busy with serious crimes' and that our case would never even be investigated by them!!

the fraudsters were traced and we had iron clad evidence, but were they even 'disturbed' by the police. they were not, and no doubt continue to rip off others with impunity.

Of course the bank paid up.

It cost them a few grand - and the PR gets all of us saying, "Well that's OK then, nothing to worry about, I'm safe because the bank will give me my money back."

ID fraud and its results are being hidden behind a screen of PR like this. The banks will never tell us how much is being stolen because that would be admiting that there is a problem and they haven't done much to stop it.

Actually they should get real systems in place to stop ID theft and the resultant fraud. But that might cost them more in the short term.

So we all have ID cards and have to take them to the post office or bank to identify ourselves.

Now, if it the registration process could only be outsourced to Tesco wouldn't that be good.?