Looking back with all the benefits hindsight brings, Stacey Nolan* feels foolish and embarrassed and can’t believe how easily she was conned by criminals pretending to be Coldplay singer Chris Martin.
But living alone and battling mental health issues in the spring of 2021, with much of the world in a Covid-19 pandemic lockdown, she was easy prey.
Her loneliness and vulnerability were ruthlessly and relentlessly exploited over four months and more than €20,000 of her pension fund was stolen.
The chances she’ll get redress are virtually non-existent, but she continues to fight her corner and remains convinced she’s been let down by her bank and the authority that polices it.
The whole business started with a tweet.
While doom-scrolling in early 2021, she noticed a post from Coldplay, a band she wasn’t too bothered with. Even so, she responded with a single word, a word so inconsequential she can’t remember what she said.
Almost immediately, something surprising happened. Stacey received a response from an account that looked like it belonged to the band’s lead singer, Chris Martin.
Intrigued, she engaged, and after a series of cheery over-and-backs, Stacey “stupidly” sent “Chris Martin” her number.
A flurry of WhatsApp and Skype messages followed. “He was just friendly and funny,” she says. “Then he started being kind and romantic. He told me he’d seen my pictures on social media and liked what he saw. I was flattered.”
She did ask herself – and indeed him – why a rock star with “access to all these women” would be interested in a middle-aged woman from Ireland. In response, he said “he was just looking for a quiet relationship”.
She started to buy into the fantasy – and the messages continued. A few weeks in, with the excitement of the exchanges fizzing, the first request for money came. It seemed innocent enough.
Stacey was told the singer had a charity supporting orphans and she was asked for a €500 donation. Afraid to say no and end the “thrilling” conversations, she agreed to make a donation.
“I didn’t really have €500, but didn’t want to lose contact because I was dazzled. I said I’d give €150," she says.
She transferred money to an account belonging to a woman in the UK – a manager of the orphanage, “Chris Martin” said.
The romantic and dazzling conversations continued, with dozens of flirty messages and pictures exchanged daily.
Then he asked for another €500 “for the orphans”.
“I got ensnared. He was being really romantic and sweet, he was grooming me,” she says.
Weeks passed, and an exciting message slid into her inbox. “Chris Martin” was coming to visit her and would be arriving in September. He even sent her a picture of his ticket.
But there was a problem.
He needed cash to cover the cost. He asked for €2,200 because his “touring income was messed up because of Covid. He sent pictures of screengrabs detailing how his accounts were frozen,” Stacey explains.
Smitten and all in, she sent the cash – this time to a different UK-based woman’s account – a member of the singer’s management team, she was told.
Any doubts she may have had that her “Chris Martin” was real – and really she didn’t have any – were allayed when she chatted to him via Skype as various band members wandered around in the background. “The audio was muffled, but I could see he was talking to me,” she says.
She now knows the footage was an AI-generated deepfake. Back then, she knew nothing of such things.
[ Deepfakes pose a particular threat, but they are not as dangerous as you thinkOpens in new window ]
Then the request for a loan came. “He told me he’d a film project, he needed cash,” she says.
He wanted €20,000 – later bumped up to €22,000. “I asked why his record label wasn’t paying. He said it was an independent project. I asked why he couldn’t access his own money and he said it was tied up. I asked him to go to the credit union for a loan but he said a celebrity like him couldn’t do that.”
She agreed to lend him the cash but sought “reassurance” she’d get it back. “I went to a solicitor and had a loan agreement drawn up at a cost of €600. The solicitor didn’t do any fraud checks on the ID that ‘Chris Martin’ sent me. There was a fake passport and a fake driver’s licence.”
The agreement was mailed to him and was returned signed. “He kept asking me to hurry it up, and when I’d transfer the money, ” she says.
In June 2021, Stacey transferred €22,000 from her credit union account to her bank account, and then to a woman in Minnesota. “I thought she worked for him,” she explains.
Weeks later, she was admitted to a psychiatric hospital, and lost contact with “Chris Martin”.
While in hospital, she confided in her brother. “He told me this guy was a scammer and that I was being defrauded.”
She came out of hospital at the end of September 2021 and the criminal “was still trying to talk to me on Skype”. She challenged him and he denied everything. He even asked for more cash.
Soon, the Garda, PSNI, US police and Interpol were involved. The trail led to the US, but the money was gone – withdrawn from the Minnesota money mule’s account.
Her bank in the UK ultimately agreed to refund just under €3,000 – but only after the intervention of Britain’s financial watchdog. It was a different story in the Republic. Her bank insisted it couldn’t give her the €22,000 back, although it offered €2,000.
She took the case to the Financial Services and Pensions Ombudsman, where a key pillar of her bank’s defence was that it had deployed key safety checks. It also said Stacey had not co-operated with them, a charge she denies.
“I accept that this event has been extremely upsetting and distressing for [Stacey],” the Ombudsman said in the ruling. “However, I am satisfied that the [bank] was not at fault in completing the payment transfer that she instructed and authorised in June 2021.”
She is angered at how she got a full refund from her UK-based bank, while her bank in the Republic offered her less than 10 per cent of her losses, a decision she plans to fight in the courts.
There are reasons for the differing approaches of the banks in the Republic and the UK. The latter involved authorised push payments (APP) – payments not done with a card using chip and pin, the method she used to transfer the money from the bank in Dublin.
Another reason is a voluntary reimbursement arrangement in the UK which makes it easier for scam victims to get redress.
In response to queries from The Irish Times, a spokesman for the Central Bank said it would support a reimbursement scheme here “while recognising that it must be properly calibrated, and careful consideration must be given to cost allocation”.
A spokeswoman for the Banking and Payments Federation Ireland said to effectively combat APP fraud in Ireland, social media companies, telecoms, financial services, the State and the Garda must “collaborate to devise appropriate strategies to better share intelligence, implement protections for consumers and develop barriers to criminals”.
“Ultimately, focusing only on the reimbursement of payments will fail to reverse the increasing incidents of fraud, will fail to protect consumers and businesses, and will only reward criminals and enable them to fund more serious and lucrative crime,” a spokeswoman said.
* Not her real name.
- Sign up for push alerts and have the best news, analysis and comment delivered directly to your phone
- Join The Irish Times on WhatsApp and stay up to date
- Listen to our Inside Politics podcast for the best political chat and analysis
