Shrewd scammer dupes victim out of $50k
A scam artist transferred $50k from a man’s bank accounts after tricking him into downloading what he thought was anti-virus software.
It turned out to be remoteaccess software which was used to find the man’s username name and password when he logged into his internet banking.
The scammer initially rang the victim, claiming he worked for the man’s internet service provider and that it was doing work in the area which affected his internet. The man, who lived rurally, had been having slow connections.
The scammer then offered to help the man detect and remove computer viruses, which would also help with his internet connection.
He advised the man to download anti-virus software and then log into his internet banking to check the bank website had two padlocks in the corner. The victim did, and when he found there was only one padlock rang the scammer and was told to set up an international payment facility to strengthen the security.
When the man called his bank to set it up he didn’t mention it was for security purposes or that he had no plans to send money overseas. When asked how much he wanted to send, he said about $10,000.
The man then called the scammer repeatedly over a few days and, after becoming frustrated, called his service provider directly, to find it was not doing work in his area.
He realised he had been scammed and called his bank, which suspended his internet banking.
But by then the scammer had already transferred a total of $50,000 from the man’s bank account to international accounts.
The Banking Ombudsman, Nicola Sladden, said the recent case demonstrated just how clever hackers could be and how they were constantly developing ways to access personal information. She urged people to be suspicious of unsolicited emails or phone calls..
People should always double check with their service provider before giving out personal information or downloading software.
Sladden said people should also use two-factor authentication which required a code sent via text message to be entered before money could be transferred overseas.
“This means that not only will a hacker need your log-in details to access your account, but also the verification code which is sent to your phone before money can be transferred.”
The man’s loss might have been prevented had twofactor authentication been in place. But he had asked the bank to disable it two years earlier after having trouble using the system and complaining he did not receive the text messages.