Mum has email cloned by scammers who ordered £60 McDonald's takeaway

A MUM lost £60 after scammers cloned her email address and ordered £60 worth of McDonald's food.

Clare Rosewarne, from Derbyshire, used the app to order a takeaway for her family but several weeks later she got an email about an order she hadn't placed.

She logged on to her bank account and saw a transaction for £58.45 had left her account and gone to McDonald’s.

Speaking on BBC One’s Rip Off Britain, she said: “I thought it was a fake because of what had been ordered on it.

“10 portions of large fries, 4 lots of 20 chicken nuggets, 12 BBQ dips, 4 sweet curry dips, 4 large Fantas, 2 large Sprites, 1 large Coke, 2 chicken sandwiches, 2 hamburgers, 2 cheeseburgers, and 2 double cheeseburgers.

“It is just a ridiculous order. My stomach dropped when I saw it was the same amount going out of my bank account that was on that receipt.”

Clare said she noticed the order had been made for a branch in London, 150 miles away from her home.

“I rang the store, told them they should not let that order go out as I haven’t authorised it. The lad said I must’ve authorised it.

“I asked him how he was allowed to let a £60 order go through when it’s a £25 limit, he hung up the phone on me."

The amount is unusual as the fast food chain has a maximum of £25 that’s allowed to be ordered on its app.

But McDonald's said the limit was put in place to help orders be managed safely when they first reopened.

Larger orders can be accepted now so that families could order more food.

McDonald's claimed that scammers hacked her email address and used it to log into her My McDonald's app account.


They told her to contact her bank about a refund.

“It is appalling to be honest with you,” Clare said. “I think McDonalds should look at their app. I would expect better from such a global brand."

Rachael Riley, from Derby, also fell victim to fraudsters. She had three orders placed in the space of 10 minutes for a McDonald’s branch more than 50 miles away in Birmingham on her account.

In total, these orders cost £91.13 When she contacted McDonald’s, they gave her the same advice as Clare.

Rachael said: “This whole experience has made me feel like McDonald's is not the company I thought that they were.

"It's just not right at all. They must be held accountable for this."

A McDonald's spokeswoman said: “After investigating both of these cases, we understand that the unwanted transactions were due to the customers’ details having been compromised on another website, not by the My McDonald’s App.

“This was communicated to both customers, and for added security, details were shared on how to change their App password.

“Cyber security is of the utmost importance to us, and during the summer, we released a forced upgrade of the App that includes two additional layers of fraud protection, including device identification and additional fraud detection software.

"We also have a number of measures in place to mitigate any breaches, such as Bot Protection.”

Tech expert David McClelland said on the programme: "A lot of people think crime only takes place on the dark web, these hidden corners of the internet that search engines can't find.

"It's not really the case anymore. You just need to know where to look.

He added: "To protect yourself, never use the same password across multiple sites. At the end of the day, there's a credit card or a bank card usually attached to these services.

"If you don't order from one of these services very often, then remove that card."

How to protect yourself from fraudsters

ACTION Fraud recommends taking the following advice to stay safe:

  • When making a purchase, be suspicious of any requests to pay by bank transfer or virtual currency instead of safer methods, such as credit card or payment services such as PayPal.
  • Listen to your instincts: If something feels wrong then it is usually right to question it. Don’t pay for goods or services unless you know and trust the individual or business.
  • Personal information obtained from data breaches is making it increasingly easier for fraudsters to create highly targeted phishing messages and calls – watch out for these.
  • You shouldn’t assume the caller is genuine just because they’re able to provide some basic details about you.
  • Always be suspicious of unsolicited requests for your personal or financial information.
  • Contact your financial provider as well as Action Fraud on 0300 123 2040 if you think you've been scammed.

It’s not the first time thieves have stolen money from app users.

Daniel Bird, 23, claimed he lost £150 when fraudsters hacked into his phone app and placed 14 orders in just four days.

Meanwhile, Deliveroo has also been faced with accusations that users’ accounts have been hacked.

Some Deliveroo account holders have warned that hacked accounts are being sold on the dark web for as little as £5.

Another woman told The Sun how she spent weeks waiting for a refund when her account was hacked.

Meanwhile, UK Finance has said Brits were scammed out of £208m via bank transfers in first half of 2020.

NatWest has also been revealed as the worst bank for scam claims as 70% of valid complaints to banks are rejected.

And shoppers have been warned about hot tub scams where crooks advertise products that don't exist to steal your money.

Source: Read Full Article