Fraud is being ignored on Zelle by its big banking founders

Posted:
in General Discussion
Banks are ignoring the widespread problem of fraud on Zelle, a report claims, with the major financial institutions that founded the service seemingly not caring about issues with the payments platform.




Zelle is a popular payments app in a slowly saturating marketplace, one that enjoy backing from a group of major banks. However, that same group appears to have an indifferent attitude to fraud, with claims that it isn't their problem.

Customers who are victims of fraud that involves Zelle are being told there's little that the banks can do, and in some cases saying it wasn't fraud at all, despite the backing.

In one example told by the New York Times, customer Justin Faunce lost $500 to a scammer pretending to be a Wells Fargo official in January, one that occurred through Zelle. However, Wells Fargo says the payment wasn't fraudulent since it was authorized by the user, despite being tricked into the transfer.

Another customer, Bruce Barth, had a thief steal his phone and abuse his digital wallet, making charges to his credit card, withdrawing cash from an ATM, and making $2,500 in Zelle transfers. All of the accounts were held at Bank of America, which refunded all but the Zelle transfers.

According to BoA, the transactions were validated by authentication codes and therefore were authorized. This was said even though the phone was stolen and out of his control.

Barth said he "filed grievances with every agency" but all responses were "useless" in his case.

The banks are also aware that there is fraud occurring on Zelle. In reporting the fraud, Faunce was told by a bank representative "A lot of people are getting scammed on Zelle." and that "many people were getting hit for thousands of dollars."

Rules are rules, except when they're not

Part of the problem is that the banks believe they are absolved of responsibility due to Regulation E federal laws about electronic transfers, which specify they cover only "unauthorized" transactions. In scams where victims are tricked into providing confirmation codes to scammers, this is seen as being an authorization.

Customers also can't argue with Zelle about the transaction, since it is operated by Early Warning Services, a firm owned by seven banks. The list includes both Bank of America and Wells Fargo, as well as other major entities including Capital One and JPMorgan Chase.

The Consumer Financial Protection Bureau has tried to change matters, by advising banks in 2021 what fraud types they are required to reimburse consumers over. Under the guidance, banks must pay for transfers "initiated by a person other than the consumer without actual authority to initiate the transfer," which includes cases where the victim's iPhone or other smartphones are stolen.

However, the CFPB hasn't covered who is responsible if it is a case of fraud when the user is involved in the transaction by pressing buttons. The bureau say it "is aware of the problem and considering how best to address it."

It is this confusion that gives banks an opening to deny a repayment of lost funds through fraud.

"There are certain indicators that we look for in the investigation to let us know that there has indeed been fraud on the account," Wells Fargo told Faunce in a February 23 letter. "During the investigation, we were not able to find any of those indicators present and denied the claim."

While it is unclear how much money is being lost to scams through Zelle, the platform does play host to a considerable amount of transfers. In 202, Zelle facilitated $490 billion in transfers, more than double the $230 billion that passed through main rival Venmo.

Read on AppleInsider

Comments

  • Reply 1 of 13
    chadbagchadbag Posts: 1,999member
    I only use Apple Pay with Apple Cash, or if need be PayPal, to send money to others.  Or I give them a check. I don’t use Venmo or Zelle.  I don’t  trust them.  (Yes I know Venmo is owned by PayPal but it runs differently — I am sure they have upgraded their security but I worked at a payments startup several years ago and we looked at Venmo and it’s security and policies and found them lacking at the time). 

    I have had people pay me through Zelle (or it’s predecessor under a different name) but I won’t use it to send (or link my accounts to it for more than receiving  — I’ve only had a couple people at most send me that was several years ago). 

    The banks better start addressing this issue or they will see their investment go down the toilet as people flee their service as word gets around. 
    magman1979watto_cobra
  • Reply 2 of 13
    mike1mike1 Posts: 3,275member
    Banks are ignoring the widespread problem of fraud on Zelle, a report claims, with the major financial institutions that founded the service seemingly not caring about issues with the payments platform.

    Customers who are victims of fraud that involves Zelle are being told there's little that the banks can do, and in some cases saying it wasn't fraud at all, despite the backing.

    In one example told by the New York Times, customer Justin Faunce lost $500 to a scammer pretending to be a Wells Fargo official in January, one that occurred through Zelle. However, Wells Fargo says the payment wasn't fraudulent since it was authorized by the user, despite being tricked into the transfer.


    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    shareef777bbhwatto_cobra
  • Reply 3 of 13
    larryjwlarryjw Posts: 1,031member
    I've had to deal with both Zelle, and Venmo because that was the only way a few vendors wanted to be paid. I don't like either. 

    In some cases, some vendors want me to send a check. I don't write checks anymore but my bank issues a check on my behalf. But, my bank takes week just to think about it, then mails it, which takes another week. In one case, the vendor who received the check took another week to cash it, then it takes time for the Fed do all this interbank transfers. 

    The Fed recently published a working paper on the pros and cons of the Fed issuing CBDC (Central Bank Digital Currency). It's an interesting read at https://www.federalreserve.gov/central-bank-digital-currency.htm

    In 2023 the Fed will implement the FedNow service that will allow almost instantaneous financial transactions 24x7x365. See https://www.federalreserve.gov/paymentsystems/fednow_about.htm

    You can be sure Apple among others are not sitting on their hands. 
    watto_cobra
  • Reply 4 of 13
    shareef777shareef777 Posts: 136member
    mike1 said:
    Banks are ignoring the widespread problem of fraud on Zelle, a report claims, with the major financial institutions that founded the service seemingly not caring about issues with the payments platform.

    Customers who are victims of fraud that involves Zelle are being told there's little that the banks can do, and in some cases saying it wasn't fraud at all, despite the backing.

    In one example told by the New York Times, customer Justin Faunce lost $500 to a scammer pretending to be a Wells Fargo official in January, one that occurred through Zelle. However, Wells Fargo says the payment wasn't fraudulent since it was authorized by the user, despite being tricked into the transfer.


    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    Exactly what I was thinking. Being suckered is indeed fraud, but that happens (and has been happening since the dawn of man) with all forms of currency.
    watto_cobra
  • Reply 5 of 13
    ronnronn Posts: 653member
    "....customers [should] treat Zelle as they would cash. 'Don’t hit the button to send this money unless you would hand this person $100 and walk away, because the moment you send it, it’s gone' said Peter Tapling, a former executive at Early Warning who is now a payments consultant"

    It's just common sense. Except for the hospitalized customer who had his phone stolen, others in the news article were careless and should learn from the experience. I assist several elderly people with online transactions and issues, and I have to constantly remind them to not give out personal information to random callers/texters. My grandmother never falls for BS like this. If anything, she likes to give scammers the run-around. Keeping them on the phone for several minutes till they're frustrated and hang up on her. She's helped her friends avoid scams as well.
    watto_cobra
  • Reply 6 of 13
    bonobobbonobob Posts: 382member
    My bank keeps pushing me to use Zelle.  The first time, I wondered why they were doing this, since I was in the middle of doing a normal banking transaction.  So I read the terms & conditions.  First, it's not a bank, so banking laws don't apply.  Next, I read about the finality of all transactions, and no protection against fraud.  So I declined to use Zelle.  

    Zelle provides no functionality that I can't get by doing traditional banking.  The only reason these banks created Zelle is to bypass banking laws and regulations, and stick it to their customers instead.
    watto_cobra
  • Reply 7 of 13
    MicDorseyMicDorsey Posts: 100member
    mike1 said:
    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    Idiot, huh? The scheme was actually quite elaborate, which you would know if you bothered to research the widely-reported details. But no, it's easier to be smug about it because it didn't happen to you. You're way too smart for that.
    watto_cobra
  • Reply 8 of 13
    bbhbbh Posts: 134member
    MicDorsey said:
    mike1 said:
    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    Idiot, huh? The scheme was actually quite elaborate, which you would know if you bothered to research the widely-reported details. But no, it's easier to be smug about it because it didn't happen to you. You're way too smart for that.
    No, the Bottom Line from that comment was that the victim got suckered into making a LEGITIMATE transaction. I don't see Zelle's fault in this either. 
    ronnmike1watto_cobra
  • Reply 9 of 13
    macguimacgui Posts: 2,350member
    bbh said:
    MicDorsey said:
    mike1 said:
    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    Idiot, huh? The scheme was actually quite elaborate, which you would know if you bothered to research the widely-reported details. But no, it's easier to be smug about it because it didn't happen to you. You're way too smart for that.
    No, the Bottom Line from that comment was that the victim got suckered into making a LEGITIMATE transaction. I don't see Zelle's fault in this either. 
    This is the unfortunate truth in one type of fraud. If someone with an empty gas can came up to a victim with a phony sob story about needed money for gas, and that someone forked over money, who's fault is that? First off, it's the one perpetrating the fraud. Secondly it's shared by the person giving up the cash. So it's the same as falling for any scammer's ploy.

    But there's also the stolen phone being used to access someone's account. Is it always the fault of the account holder if it's a thief pushing the buttons and not the account holder? Do Zelle and its ilk use 2FA? 

    AI recently published a story about a kid borrowing a stranger's phone under the pretense of needing to phone home. In reality he accessed the owners Zelle account and sent upwards of $3000. I a fairly short period of time, the kid had to search the phone for a Zelle account, access it and set up a transfer, all without the owner getting suspicious until it was too late. 

    What didn't the owner do that the could have done to protect the account, besides not given a street urchin their phone? Can the Zelle app be password protected?

    Getting played, be it falling for a scammer's ploy or your kid accessing your account for game level ups or whatever, isn't someone else's responsibility or accountability. 

    I don't have Apple's equivalent set up in Wallet mainly because I don't have a need to send "my grandson rotting in a Mexican jail" bail money etc. If my phone were stolen and somehow unlocked a thief would have access to my wallet. I wouldn't mind having an additional 5-digit PIN to access the Wallet, or payments from anything in it for an amount I choose.

    There's the possibility of getting to another Apple device to erase the stolen phone before somebody starts dipping into accounts, but that's not a given. So maybe there's something the Zelle cartel can do to restricting access better. Whether or not the owner uses any additional safeguards would be their responsibility. Inconvenience is the price of enhanced security, but I'd like the option.
    muthuk_vanalingamwatto_cobra
  • Reply 10 of 13
    mike1mike1 Posts: 3,275member
    macgui said:
    bbh said:
    MicDorsey said:
    mike1 said:
    Wow. Talk about not taking responsibility for your own actions.
    The first example is the worst if you are looking to place blame. The idiot was scammed out of $500. What difference does the form of payment make? Change the transaction type from Zelle to Apple Pay to cashier's check to cash. You'd have the same end result. Problem has nothing to do with Zelle.
    Idiot, huh? The scheme was actually quite elaborate, which you would know if you bothered to research the widely-reported details. But no, it's easier to be smug about it because it didn't happen to you. You're way too smart for that.
    No, the Bottom Line from that comment was that the victim got suckered into making a LEGITIMATE transaction. I don't see Zelle's fault in this either. 
    Can the Zelle app be password protected?

    I have only used Zelle through my banking app, so yes, it is behind another password/Face ID cerification.

    watto_cobra
  • Reply 11 of 13
    WCMSWCMS Posts: 1member
    Those that are calling people idiots clearly don't understand how the scam works. This fraud is being done by folks on the inside. First they send the person a text alert just like the banks do when your account has been comprised. Once you reply now they know they have the correct information somehow. Then they have an automated system call you to verify the recent charges just like the banks do. Then once you go thru the automated questions a live person comes on the line just like when there is real fraudulent transactions taking place on your account. The person provides his name & ID number. They spoof the actual bank's 800 number that is on the back of your debit card so when you look at your caller id you really believe you are speaking with your bank. They even spoof the bank's email so that the email they send you looks like it came from your bank. They have your information so they provide you with all the right information to further convince you that you are indeed speaking to your bank's representative. You send yourself a Zelle payment (like you have done many times in the past without any issues) thinking you are protecting your money only to find out that they have somehow hacked the entire system & your money never makes it to your account! So no it ain't just about having commonsense in this situation. Given how sophisticated the scam is the only conclusion one can make is that it is defiantly an inside job! Someone or someone's with inside knowledge of how the banks & Zelle process transactions are the only ones who could pull this off. The average person doesn't no how to send spoof text alert messages, spoof actual businesses 800 numbers, spoof businesses emails, etc. You say well person should have just hung up. Well how many times have you had to call your bank for something only to go through multiple props, get transferred around from dept to dept, left on hold or after holding for 30 to 45 minutes have the call dropped by the customer service agent either accidently or on purpose?? I've gotten the run around many times by banks and other large companies when trying to settle a dispute, order a product etc. Keep in mind we are talking about someone's money so after getting a fraud text alert, email and then phone call the last thing a person is thinking is that they are going to hang-up and try calling back an 800 number risk getting transferred around or hung-up on.
    watto_cobra
  • Reply 12 of 13
    mike1mike1 Posts: 3,275member
    WCMS said:
    Those that are calling people idiots clearly don't understand how the scam works. This fraud is being done by folks on the inside. First they send the person a text alert just like the banks do when your account has been comprised. Once you reply now they know they have the correct information somehow. Then they have an automated system call you to verify the recent charges just like the banks do. Then once you go thru the automated questions a live person comes on the line just like when there is real fraudulent transactions taking place on your account. The person provides his name & ID number. They spoof the actual bank's 800 number that is on the back of your debit card so when you look at your caller id you really believe you are speaking with your bank. They even spoof the bank's email so that the email they send you looks like it came from your bank. They have your information so they provide you with all the right information to further convince you that you are indeed speaking to your bank's representative. You send yourself a Zelle payment (like you have done many times in the past without any issues) thinking you are protecting your money only to find out that they have somehow hacked the entire system & your money never makes it to your account! So no it ain't just about having commonsense in this situation. Given how sophisticated the scam is the only conclusion one can make is that it is defiantly an inside job! Someone or someone's with inside knowledge of how the banks & Zelle process transactions are the only ones who could pull this off. The average person doesn't no how to send spoof text alert messages, spoof actual businesses 800 numbers, spoof businesses emails, etc. You say well person should have just hung up. Well how many times have you had to call your bank for something only to go through multiple props, get transferred around from dept to dept, left on hold or after holding for 30 to 45 minutes have the call dropped by the customer service agent either accidently or on purpose?? I've gotten the run around many times by banks and other large companies when trying to settle a dispute, order a product etc. Keep in mind we are talking about someone's money so after getting a fraud text alert, email and then phone call the last thing a person is thinking is that they are going to hang-up and try calling back an 800 number risk getting transferred around or hung-up on.
    I admit that this is an elaborate scam. However, everyone SHOULD know that you NEVER provide info to anyone who calls you. You call the number on the back of your card or statement etc. Every time I have received a call/message about possible unauthorized credit card use, the message said to call back the # on the card. Not a phone # they leave.

    ronn
  • Reply 13 of 13
    A scam can happen to anybody especially if they are as complicated  as this one. I went another route that people often avoid going through: I read the fine print. 
    I realized that even though  I had gone through my bank’s app, they would not refund any money should my merchandise not be received.  I quickly closed the signing up process and warned my husband about it. He was the one who wanted to use it to buy something online.  My bank does send text messages and asks to press “ Y” if I have authorized the transaction or “N” if I haven’t and call the bank. They don’t call you directly. I dont know if they would follow the same procedure with Zelle since it is a transaction initiated by me.  Each bank has different red flag policies  and if one has never had a fraud alert from their bank, they are not aware of their bank’s procedures. I feel bad for these people. I’ve been scammed myself and it doesn’t matter how insignificant the amount is, it is always a punch in the gut. The “I can’t believe I fell for that” lingers for a while even if the amount was as insignificant as $30.00. I can’t imagine what it would feel like being scam a chunk of your earned wages. 
    edited March 2022 muthuk_vanalingam
Sign In or Register to comment.