“My apologies in advance for sending you yet another complaint concerning the scamming of a Revolut account,” begins the mail from a reader called Caoimhe.
She recently lost more than €700 to fraudsters in 11 rogue transactions with all the amounts taken from her account in yen over the course of less than half an hour one morning.
“There was no notification from Revolut that there was suspicious activity in my account,” she says. “I immediately contacted Revolut and, when I eventually managed to talk to an agent on live chat, I was completely taken aback by their response. They claimed the amounts removed had been legitimately approved by me and that there was nothing they could do.”
[ Charity shock as Revolut customer donates more than €400 by mistakeOpens in new window ]
The chargeback team subsequently told her that “no trace of fraudulent activity” was found on her account.
“Naturally I denied that I had approved any of these transactions. They investigated the matter briefly and claimed that the amounts were verified through my Apple Pay account, which I do not have. The agents had insisted I had entered authentication codes to verify the payments, which I did not,” writes Caoimhe.
“In addition, they referenced the last four digits of a mobile number, 9012, not mine, which allegedly accessed the Apple Plus account that does not exist. I also tried to impress on the different agents I managed to speak to that I never click on emails, texts or answer calls that are suspicious but to no avail. No responsibility was taken for the complete lack of any robustness within their security system that clearly is not fit for purpose.”
Caoimhe spent several days trying to make progress. “Eventually I was blocked from contacting any of their agents by phone, and got passed around to different agents, who all gave me the same response: ‘The transactions cannot be considered unauthorised.’ Their customer care is clearly not a priority for them and wholly inadequate.”
Caoimhe contacted An Garda and says the people she spoke to were “sympathetic and told me they are aware of many other people scammed in a similar manner to me”.
Banks and other financial institutions should be the last line of defence, not the only line of defence
— Revolut in a statement
We contacted the company and received a response, which readers can judge for themselves. We do not think our reader will find much comfort in it.
“We are sorry to hear of [Caoimhe’s] case and any instance where our customers have been targeted by ruthless and sophisticated criminals,” it begins.
“Revolut takes fraud and the industry-wide risk of customers being coerced incredibly seriously. The Banking & Payments Federation Ireland (BPFI) recently highlighted the severity of the issue across the industry, reporting that almost €100 million was lost in 2023,” it continues.
“In the same year, we prevented over €550 million of potential fraud against our customers globally. We have robust protections in place for our millions of customers, which include more than 2.8 million in Ireland, and analyse over half a billion transactions a month.”
The statement adds that Revolut’s “security features include AI models, over 4,000 trained anti-financial crime professionals as well as experienced data scientists. Where we detect signs of fraud, we intervene and investigate, and where customers do fall victim to fraud, we have front-line staff on hand 24/7 to provide support.”
The statement adds that Revolut encourages “all our customers to always be wary to never share their password, passcode, PIN, selfie, or one-time passcode (OTP) with anyone else, even if they claim to be from Revolut or another financial institution. Similarly, we recommend that all customers be extra wary of any potential phishing attempts via phone calls, text messages or emails.”
It concludes by saying that while it is “fully determined to protect our customers as best we can through our fraud prevention technologies, there is no denying that fraud needs to be tackled at source. The full chain of events must be considered with specific reference to the originating platforms. Banks and other financial institutions should be the last line of defence, not the only line of defence.”