Jordon Judge received a call on his phone last October while sitting in a Vancouver coffee shop, with the caller ID showing Scotiabank. Unbeknownst to him, the caller was actually a fraudster using caller ID manipulation, a tactic known as phone call “spoofing.” The fraudster claimed to be from Scotiabank and mentioned two suspicious charges on Judge’s Scotiabank Visa card, which he denied approving. Despite the assurance that the charges would be blocked, Judge later discovered two significant unauthorized charges totaling nearly $20,000 on his credit card statement.
This incident marked the start of a frustrating ordeal for Judge, as Scotiabank persisted in holding him responsible for the fraudulent charges, despite his protests. Credit card fraud is on the rise, with a growing number of identity fraud cases involving compromised credit cards, as reported by the Canadian Anti-Fraud Centre.
The Ombudsman for Banking Services and Investments highlighted that fraud-related complaints are the most common issue they handle, with only e-transfers surpassing credit cards in terms of fraud complaints. According to federal law, an individual’s liability for unauthorized credit card transactions is typically limited to $50 unless the bank can demonstrate gross negligence on the customer’s part in safeguarding their card.
In response to the increasing complexity of fraud and technology, a cybersecurity expert emphasized the importance of financial institutions conducting thorough investigations and providing clear evidence before holding customers accountable. Despite Scotiabank’s refusal to be interviewed, they issued a brief statement urging customers to protect their personal information.
The incident with Judge involved the fraudster obtaining personal information such as his birth date and mother’s maiden name, as well as attempting to trick him into sharing a “one-time passcode.” While Judge refused to provide the code, subsequent unauthorized charges appeared on his statement. Despite Judge’s appeals, Scotiabank maintained his liability for the charges, citing the use of the passcode as evidence.
Experts criticized Scotiabank for lacking transparency and failing to conduct a proper investigation before accusing Judge of negligence. The use of one-time passcodes via SMS or email was deemed less secure compared to authenticator apps, which generate time-sensitive codes and are less susceptible to interception. The Canadian Anti-Fraud Centre recommended the use of authenticator apps for enhanced security.
Following media involvement, Judge eventually received reimbursement for the unauthorized charges after Anglia Ruskin University confirmed the refund. Scotiabank credited Judge’s account to cover the charges and interest accrued. Despite the resolution, Judge expressed disappointment at the lack of communication from Scotiabank and the need for external intervention to rectify the situation.
While Scotiabank initially offered a nominal sum as a goodwill gesture with conditions, Judge refused to accept it without a full resolution. Despite the eventual compensation, Judge emphasized the need for greater transparency and accountability from financial institutions in handling fraud cases to prevent innocent customers from being wrongly held accountable.