AIB fraudulent transactions

Interesting. From the two cases mentioned here today it sounds to me like they know they may actually have a weakness somewhere in their processes and they can't 100% stand over all of the payments being authorised properly. That would tally with the posters saying they definitely didn't click on the push notifications despite AIB saying they did. If it was just a goodwill gesture they wouldn't do it so quickly.

I found it frustrating when they changed the app to require the full 5-digit PAC, previously it would only ask for a random three digits. They were saying for years that they'd never ask for the full PAC and now it's being done "to improve security". If anything, it's less secure now.

All I can say is Jaysus! If you followed that through they'd have everything. I got the original text a couple of days ago. I bank with AIB but obviously didn't reply. I wonder would they send someone to pick up the card? Would be great to have the guards there to nab them!

The idea that they'd send an "AIB trained dispatch driver" out to collect one card should be a red flag but the damage is pretty much done at that stage. I have visions of a unit in AIB training up drivers to drive at high speed to collect these radioactive cards.

I worked both in B of I branches in the 80s, and the call centre in the late 90s. It wasn't too bad then, but I'd hate to be in any kind of a role like that now. Staff have very little authority to do anything and as for a manager taking responsibility!!

Reading the whole thread, there are a few things I think need pointing out, which may be obvious to some of us (Im clearly now in an older generation).

1. Dont answer/reply/click on out of the blue links/any form of what might be best described as cold calling links, Dont do it.
2. If verifying a contact or communication, look up the banks contact number separately and contact them by a different means, ie dont reply to the contact
3. That said, there is no rush or urgency in replying to valid enquiries, and anything that puts the pressure on is clearly trying to put the pressure on,so be even more cautious.
4. Have another or multiple other unconnected means to access payments or cash, such as a different debit card from a different organisation or simply have a credit card (I feel there is better protection there anyway) OR both AND/OR access to cash, and while I dont use a CC regularily, I mostly, possibly only use my Debit Card for known physical transactions at supermarkets/petrol stations etc.
5. I think this could be a big one, DONT keep all your money in one account ie like your current account, or the account associated with or linked to your debit card. It seems to me that if someone does access that, they can only get the money from there, if you have the bare minimum in it (they usually give no or appalling interest), so why keep every cent you have in that account?? Id say dont keep everything you have in one account for security reasons, you could transfer money into it if required, and even have a Revolut (or similar) account/physical card for making transactions outside known established organisations, not sure if the thinking is correct, but I treat it like having layers of security, if someone does gain access to your revolut, then they can only take whats there, so like your Current Account, limit that amount to what you need.
6. Its possible if someone clicks on links and provides enough information, then a scammer may be able to transfer funds from other accounts.

Big problems I see, are that people are used to clicking on links to do things, So they just persist with the same response unquestioningly. In my own experience, the Banks (well BoI for sure) has contacted me out of the blue OR in response to an enquiry AND then asked for verification information after effectively cold calling me, so it isn't the customers that just do it (although it is poor), while one arm of the bank is saying dont do a certain thing (like responding to out of the blue correspondence) In my experience at least, one Bank has done to me, the very thing they advise customers to not respond to, where they asked for security details, I have highlighted and complained about that,but got no response back on it.

Be cautious and treat communications with suspicion, if they are genuine, any communication shouldnt be so urgent to require a response immediately OR mean you couldnt simply locate a number for the bank or have them saved on your phone already (if only I was so organised) and contact them by a different means.

In a couple of instances, where I was 99% convinced I was being contacted (over the phone) by my Bank, where I was not 100% or just unhappy they were undermining their own advice and the sensible thing to do, I have insisted on a postal correspondence.

I'm astonished Banks (and other organisations) for which people have accounts, dont highlight postal correspondence with a reference number for each document sent, so you can even cross check through an online account when a hardcopy item has been sent so you know everything sent has been received, it would be a very simple thing to do imo.