In 2023, a total of 238,371 fraud crimes were reported, which according to crime-preventing counsel is an increase of roughly 22 percent compared to 2022. And in recent months there has been talk of a “fraud wave” in Sweden.
Several authorities, including the Tax Agency, the Social Insurance Agency and the Financial Supervisory Authority, have sounded the alarm when fraudsters pretended to represent them in order to trick them into sensitive information and subsequently money.
Even companies – for example Biltema, ICA, Tradera and Handelsbanken – have been hit by similar fraud attempts. Customers have then received text messages, emails or phone calls from the fraudsters.
Handelsbanken’s appeal to customers: “Save the money”
Photo: Emilie Holtet/NTB/TT
Tradera’s stark warning to customers: “Be careful…”
ARN accepts reports of fraud
In the best case scenario, the recipient of these scam messages realizes their inadequacy and aborts the fraud attempt before it’s too late. In the worst case, the fraudsters manage to complete the scam and come away with large sums.
In the event of the latter, there are many vulnerable people who try to get the stolen money back from their bank, and not infrequently the help of The General Complaints Board (ARN)which must impartially handle disputes between companies and consumers.
– The most common situation is that a consumer has notified their bank because the consumer has been exposed to a fraud that has led to the consumer losing money, explains Hanna Björkmanpress contact at ARN, for News24.
Here are the scammers’ favorite victims: “The most vulnerable”
The transaction must have been unauthorized
But there are no guarantees that you will get your money back if you have been the victim of a fraud. This is regulated in the Payment Services Act.
A first condition for the money to be refunded is that the transaction in question is unauthorized, notes Hanna Björkman.
– Slightly simplified, you can say that a transaction must be considered unauthorized if it is someone other than the account holder himself who made the transaction. If the account holder himself approved the transaction by signing it with, for example, his mobile bank ID or bank box, the transaction is therefore not unauthorized in the sense of the law.
– This applies regardless of whether the account holder has fallen victim to a fraud and has been tricked into approving a transaction himself, or if an account holder has a wrong idea of what a transaction entails or what a possible consideration should contain, or what he does in general when he uses his payment instrument .
Have you received this SMS? Now the Tax Agency is warning about the scam
Photo: Henrik Montgomery/TT
Ica’s stark warning to customers: “We would never”
If, on the other hand, it is the fraudster who carries out the transaction, it looks different.
– If, for example, the account holder has been tricked into giving out codes from his bank box and the fraudster then uses the codes to sign a transaction, the board has deemed the transaction to be unauthorized and then the Payment Services Act becomes applicable, which means that the bank is, as a starting point, obliged to restore the account. The size of the amount with which the bank is obliged to restore the account can, however, be affected by how the account holder handled his authorization functions.
Authorization functions must be protected
If you lose money in a fraud and the transaction is considered unauthorized, how much can you expect to get back?
– If the transaction is unauthorized, the main rule is that the bank must restore the account as if the unauthorized transaction had not taken place. However, there are exceptions to this rule, which are related to the fact that the account holder is obliged to protect his personal authorization functions, says Maria Björkman.
If you are not considered to have protected these functions, you are responsible for the transaction.
– Liability is limited to SEK 400, unless the account holder has acted grossly negligent or particularly reprehensible. It concerns situations where the account holder had no reason to suspect irregularities. An example is that an account holder received an SMS from the bank that his Bank ID needed to be updated. The SMS contained a link that looked credible and the account holder keyed in two response codes. This enabled the fraudster to transfer money, explains Björkman and continues:
– If the account holder is a consumer and has failed to protect his personal authorization functions through gross negligence, the liability applies instead up to SEK 12,000. The bank is then obliged to restore the loss with a deduction of SEK 12,000. It is about the situation where the account holder should have understood that there was a risk of unauthorized transactions taking place if he gave out response codes or the like in the current situation.
Sharpen the warning to BankID users: “Delete the message”
Photo: Martina Holmberg/TT
If the account holder’s actions are considered particularly reprehensible, he is responsible for the entire loss, regardless of size.
– The bank is therefore not obliged to pay anything. It often involves situations where the account holder realized the risk of unauthorized transactions but still failed to protect their authorization functions.
– An example of that is the account holder giving out response codes to a friend on Messenger. Even if it hadn’t been a scam, but if it had actually been the account holder’s friend, it is still not allowed to hand over authorization functions to that person. The account holder has therefore knowingly disclosed the information to an unauthorized person and must have realized the risk of unauthorized transactions.
Read more articles about scams here:
Postcode Lottery’s new stark warning: “Unscrupulous people”
Fraudsters pretend to be your bank – this is how you protect yourself
Scam emails cause the authority to alert: “Don’t be fooled”