22.02.2025 13:40
In Istanbul, a fraudster posing as a bank officer withdrew 1 million lira from the account of TÜBİTAK Science Award winner Prof. Dr. Mehmet Güneş, claiming that he would cancel an insurance policy. After the bank's customer service number was copied, Güneş's account was emptied. He stated, "It's done so professionally that the bank's system is being used."
Prof. Dr. Mehmet Güneş, who received the TÜBİTAK Science Award, was called by fraudsters claiming to be bank personnel. The bank's customer service number was copied. The callers told Güneş that they would guide him through the insurance cancellation process. However, under this guidance, Güneş applied for a loan of 500,000 lira. The fraudsters, who had his identity information, lost their trace after gaining his trust through various methods and transferring the 500,000 lira in his account. Güneş was defrauded of 1 million lira.
"I TRUSTED BECAUSE IT WAS A BANK NUMBER" Prof. Dr. Güneş stated, "I had been receiving calls from the bank we work with for the last week, from customer service, but I wasn't answering. Then I was called from a mobile phone, and I was told that I was being contacted for the cancellation of my bank account's insurance. Meanwhile, they said they couldn't reach me because I had blocked the customer service number. They asked me to turn on my mobile internet and lift the block on my phone. Once I lifted the block, they had me perform transactions through mobile banking while simultaneously having customer service call and send messages for the transactions I needed to complete. They were saying things like, 'We will approve the insurance cancellation, follow these steps, press this button, accept this, confirm that,' and they were instantly taking out a loan. However, I didn't realize it at that moment because I thought we were doing the transactions very quickly. A bank employee called me and said the transaction you made is suspicious, a transaction of 500,000 lira is being made, it was done twice, and I was never warned. During the transaction, I wasn't given an IBAN number. Just a Turkish ID number, but they didn't even say it was a Turkish ID number. They said, 'I'm giving you a number now, write it down.' Then while they were having me write down 500, they said 50-00-00 so that I wouldn't understand it was the amount. This was the nature of the transaction, and in the meantime, I received no warning from the bank. As I said, they just asked if I approve the transaction. I was already doing that transaction there, meaning they didn't say anything else I didn't know. They didn't say, 'This transaction you made is suspicious, are you doing this?' or I wasn't contacted in any way. I understood this issue, and I also had a professor friend with me. He even asked me, 'Mehmet, how did you understand this?' It was done so professionally that the bank's system was being used, and at that moment, I completely trusted the bank, thinking they wouldn't defraud me. Such a sophisticated operation is being carried out," he said.
"1 MILLION TL WAS EMPTIED FROM MY ACCOUNT" Güneş stated that he did not receive a confirmation code for one of the transactions, saying, "As soon as I realized, I told them to stop everything. Because I still wasn't 100% sure if it was the bank. When they said they couldn't stop it, I said I would call the prosecutor's office, and they immediately hung up. After I realized, I called the bank from the same customer service. I said, 'Look, a transaction was just made, my account was emptied, please stop the transactions quickly.' They didn't stop it; within half an hour, two transactions of 500-500 were made, totaling 1 million lira, and no one cared. When I complained to the bank, they told me, 'We sent you a confirmation code.' The confirmation code you sent is for the transaction I made; if I knew it was wrong, I wouldn't have done it. You need to warn me; you leave me alone with the people trying to defraud me and say that after sending the confirmation code, the rest doesn't concern me. I also call on all authorities from here; they should not allow the public to be left defenseless by banks in this way. While I was making these transactions, I received a confirmation code for a transaction of 500,000 lira, but for the other transaction of 500,000 lira, I did not receive a confirmation code. When I went to the bank manager and told him this, he looked and said nothing. He said, 'Let me investigate this,' and closed the case. No one got back to me again. In this way, completely out of control, two transactions of 500-500 were made, totaling 1 million TL from my account. As I said, the person who called me spoke to me by saying my name and surname. So they knew who they were talking to, and they also knew that my instant credit limit at the bank was 500,000 lira. They know the system very well. Of course, I can't say anything for sure, but I am sure this was done by someone who is an expert in the banking field," he expressed.
"BANKS' SECURITY SYSTEMS NEED TO BE ACTIVATED" IT Expert Prof. Dr. Ali Murat Kırık stated that the numbers were copied through foreign lines, saying, "They present the information, personal data, and identity information can also be easily obtained from the virtual environment. After providing this information, they convince you and then ask you to perform transactions through the mobile application in the later process. In fact, this transaction is carried out completely after trust is established, and a loan is taken out in your name. And later in the process, they insist that the password sent to your phone must not remain with them. They say never to share it. The main reason for this is to establish trust. When you call a professional customer service, they provide the same information. Up to this point, everything is normal, but in the next process, after you log into the mobile application, the goal is to transfer the money to the desired account. But here, they work in a professional manner, stating the amounts one by one. If a loan is being taken out from an account that has never had this much credit before, the banks' security systems need to be activated. Of course, the existing person like a customer representative enters the code into the system, but the system itself needs to create a self-control mechanism. When you are called from landline numbers and see the bank's number, you inevitably start to trust."
However, scammers, especially through lines they have obtained from abroad, create the same bank numbers. But what do they do to trap the citizen there? They put the code of that country at the beginning. For example, they add the number 9, and they also add the number 0 extra. Of course, when that call comes, you don't look at it; you directly say, "Okay, this is a call from my bank's customer service," and that's where they trap you," he said.
"IF THERE ARE CODES AT THE BEGINNING OF NUMBERS, YOU MUST BE SUSPICIOUS" Kırık stated, "The use of artificial intelligence in the banking sector is extremely important. Because artificial intelligence analyzes the customer's information. It takes the average of how much credit has been taken so far and how many transactions have occurred. And when there is an abnormal transaction, it can immediately alert customer services and the relevant bank, actually preventing the transfer of that account. Of course, sometimes they apply very different operations. 'Potato' lines are used very intensively. What are these potato lines? They especially use numbers that are registered under someone else's name or those that are registered under deceased individuals. They do not close those lines; they use them, but when you call, you never have a chance to reach them. If there are codes at the beginning, you must be suspicious. If there are codes starting with 09 or 08, you should be suspicious. Also, if someone says, "I am a banker, I am calling you from the bank, we need to do these transactions," you should always approach it with suspicion. You will hang up the phone and directly call the relevant bank's phone number yourself. You will confirm, "A person called me just now at this minute, saying they were calling from you. Is this transaction related to you?" If you do not get confirmation, you could lose significant amounts of money to phone fraud. You know that scammers use foreign lines, so sometimes it is beneficial to have location information open. Because when a call comes, if the location information is open, you can automatically see which country the call is coming from. Because you know that virtual numbers are also used a lot, obtained from application stores. These can actually save our lives. And we must always say this: Whether from e-Government or mobile applications, it is very important to always use two-factor authentication. You should never trust people who say they are calling from the bank or the prosecutor's office. You must definitely hang up the phone and quickly return through the official number of the relevant bank," he said.