The European Payment Services Directive - a charter for fraud criminals!

InterFraud
The Internet Fraud Advisory Group
A not for profit group based in Britain
Please consider a donation

The European Payment Services Directive - a charter for criminals.

Why should Western Union have a right to deny fraud victims information about the collection of money by criminals? If you live in the USA, can you please explain why, in this era of freedom of information, even American victims have no right to know where their money was collected.

UK CITIZENS - Please sign our petition to the Prime Minister.
Internet fraud criminals depend upon Western Union. The company will refuse to give victims the address at which their money was collected. If you are a UK citizen, you can now petition the Prime Minister to ask that money transfer companies be made more accountable to fraud victims. Please join the fight against Internet fraud by signing the petition here. The form will ask for some personal details in order to prevent any abuse but only your name will appear in the list of signatories.

We recently became aware that the Payment Services Directive has to be incorporated into British law by 1 November 2009. It seeks to establish fair and open access to payments markets, and to increase protection for consumers. In fact, big business may well benefit, but consumers - and especially Internet fraud victims - have a right to feel betrayed.

The mechanics of Internet fraud. Such fraud depends upon the secrecy of the money transfer companies. We can use Western Union as an example because that company is responsible for processing most fraud payments. You can check the evidence for this here. Fraud victims from around the world report to us because in many cases they have sent money to be collected at Western Union agencies in Britain. We ask victims to contact Western Union for details of exactly where the money was collected but the company will flatly refuse to give the information.

This is how the fraud criminals instruct victims to make payment.
(From a fraud mail of November 2008)

"The delivery option payment should be made to the HILTON POST COURIER SERVICES Account Manager. Moreover, remittance is to be made by Western Union Money Transfer to our Account Manager only.

WESTERN UNION MONEY TRANSFER DETAILS:
Name of Receiver: ======== Mr. Akudo Ben
State/City of Receiver: ===== London
Country of Receiver: ====== United Kingdom

Furthermore, Western Union Money Transfer is our preferred means of receiving payments from customers, as it is less cumbersome and faster*. If you insist on paying via this means to let your Parcel to be delivered to you, quickly go to the nearest Western Union Money Transfer and make the delivery option payment which you have chosen as your preferred Shipment Option. "

*He means that this method of payment offers him complete anonymity!

Why are the money collection details so important? By refusing to divulge the money collection locations, Western Union protects fraud criminals from unwelcome attention. It is well known that victims of Internet fraud do not often report cases to the police. It is suspected (on good grounds) that police forces do not have the resources to tackle cross border fraud of this sort. If victims were entitled to know exactly when and where their money had been collected, they could report to us and enable us to pass on to the police the locations of fraud hot spots. These would, no doubt, include the premises of agents who collaborate with the fraudsters. The police (or other enforcement agencies) would be able to visit such premises and ask to see video footage of fraud collections. We might even see some overdue arrests. The Home Office is unable to supply statistics on arrests for Internet fraud offences - we suspect that such arrests are very rare and we know that the scammers can operate with impunity.

What does the Payment Services Directive say about consumer rights? Precious little! There is much guff about transparency in regard to commission costs and exchange rates but we need only look to Article 38a in order to find the fraud criminals' charter.

Article 38(a) of the PSD
as it appears in the Official Journal of the European Union.

Information for the payer* after receipt of the payment order.

Immediately after receipt of the payment order, the payer's
payment service provider shall provide or make available to the payer, in the same way as provided for in Article 36(1), the following information:

(a) a reference enabling the payer to identify the payment transaction and, where appropriate, information relating to the payee*;

*Note - In fraud cases "the payer" is the victim and "the payee" is the criminal who collects the money.

So, the money transfer company has the right to decide what information it should release to fraud victims - who are also paying customers!

Changing a simple sentence would cut Internet fraud at a stroke. If we could change "and, where appropriate, information relating to the payee" to something like "and, on request, information relating to the exact time and place of the money collection", fraud criminals would be deprived of the protection they presently enjoy.

We would all receive less spam! If the fraud criminals find it too risky to collect victims' money from, for example, Western Union agencies, why should they bother to deluge us with "lottery winner", "fake loan" and "work at home" junk mail?

But those who should be protecting us are asleep on the job. We have raised our concerns about Internet fraud and the secrecy of the money transfer companies with HM Treasury, the Home Office, the Office of Fair Trading, Consumer Focus and the Financial Services Authority. It is fair to say that not one of those showed any interest in supporting our campaign for transparency, some of them did not even appear to know about the PSD. It was also disappointing to find that the Home Office was quite unconcerned by our report that the present situation encourages foreign fraud criminals to settle in the UK.

We contacted the European Commission and this was the relevant part of the response: "The Payment Services Directive does not deal with this issue. Article 38 indeed lists the information that Payment Services Providers must provide or make available to the payer immediately after the payer has given his payment order to the Payment Service Provider, ie at the latest before he leaves the provider's office. It therefore does not cover situations where a payer would come back after realising he had been victim of a fraud. It is up to national authorities to regulate such situations. We therefore kindly invite you to discuss this issue with the authorities in charge of such legislations in the United Kingdom.".

Recent research (2008) demonstrated that the UK electorate has a diminishing faith in the administration of Britain's crime and justice system. People feel that the scales are tilted in favour of the criminals. If the PSD enters British law without the amendment we suggest it will indeed favour the fraud criminals - and the money transfer companies who profit from their activities.

UK government attention to Internet fraud should be a priority for your Member of Parliament. You can help by drawing the attention of your MP to this issue in a surgery appointment or via e-mail. You can e-mail your MP via the WriteToThem website.

Can our Houses of Parliament take a stand - and make a difference to the world? If money collection locations were revealed to fraud victims (in cases where money was sent or collected from UK agencies of the money transfer companies), vulnerable people around the globe would have cause to be eternally grateful. We know that the House of Lords is very concerned about the extent of Internet fraud - will the Commons stand up for the consumer when the PSD comes before them?

For more information about the Payment Services Directive check HM Treasury website

and The European Commission website.

John Weston, Chairman, IFA Group, October '08

InterFraud / IFA Group, UK. Please, before forwarding suspicious mail, check that you have included FULL INTERNET HEADERS (see below). It is not always possible to respond to reports of fraud mail, but appropriate action is always taken.

N.B. If you need to send suspicious mail for examination, please be sure to forward it complete with its full Internet headers. If you are not sure how to do this, check the help file of your mail software, see the note below or visit www.haltabuse.org/help/headers/ for instructions on revealing headers in e-mail. Please do not forward the pictures of forged documents (e.g. jpegs of "cheques") that accompany these scams, unless by request.

I'm not familiar with e-mail headers - show me what you need ...

MAIL HEADERS. You will not normally see full headers when you read your mail but these can be important in investigating Internet fraud.

Microsoft Outlook Express for Windows: Right click on the message and select Properties. Choose the Details tab and select the Message Source Button. Copy the headers and send them along with the body of the email.

Microsoft Outlook: Click the View menu and select Options. You should see a pop up window "Message options" or similar. Notice the box called Internet headers near the bottom of the window. This box contains the full headers. To extract the contents, put your mouse pointer in the box and right-click then choose Select All. All the text in the box will then be highlighted.

Right-click in the box again and this time choose Copy to copy the selected contents to the clipboard. You can then paste the full headers to an email you may be forwarding.

Gmail: (Thanks T.W.) "It took me a little while to work it out, one needs to click the "down arrow" next to the "Reply" indicator at the top-right of the message pane and select "Show Original", a new window page opens with all the header details. You then need to cut/copy all the text and paste it into your forwarding email."

Netscape Messenger 4.7 - 6: Open the email; go to the view menu; pull the 'Headers' menu over and click on 'all'. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Netscape Messenger 6.2 and higher: Go to Netscape Messenger Inbox. Select View - Headers - All. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Pegasus: Users of the excellent Pegasus for Windows will probably not need me to remind them of the Raw View tab and the option to include headers in the Reply and Forward dialogues.

Incredimail: In your mail program double click the email you would like to view, when it is open click on the FILE menu and choose PROPERTIES. When in the properties menu click on the DETAILS tab to view the Full Headers .

WEB MAIL HEADERS:

Yahoo! Mail:
1. Open the message in question.
2. In the top-right corner of the message, click the link/pull-down menu "Standard Header."
3. Select "Full Header". A pop-up window will appear with complete message headers.
4. Copy the contents of that entire screen
5. Click "Forward" on the message in question.
6. Paste the copied full headers into the body of the message above the actual email message.

Yahoo! Mail Classic:
1. Open the message in question.
2. In the bottom-right corner of the message, click the link "Full Headers."
3. The screen will refresh and will display the complete headers above the message itself.
4. Copy the entire Full Header section.
5. Click "Forward".
6. Paste the entire Full Headers into the body of the message above the actual email message.

Hotmail: First, configure your options: On the upper right "Options | Help" links, click on "Options." Click on the "Mail Display Settings" link, find the item "Message Headers." Choose "Advanced" and click the "OK" button.

Data Wales Index