HELP PLEASE! Scammed out of nearly $100K

[Deactivated] on 15/03/2021 - 17:50
Last edited 10/06/2021 - 00:15 by 1 other user

Hi everyone,

So I'd like to precede this by saying I already feel absolutely horrible. I feel like throwing up constantly just thinking about this, but thought I would put it out there to see if anyone in the OzBargain community might have had any similar experiences or any advice.

Long story short, it appears a scammer hacked either my conveyancer's or the other side's conveyancers email accounts. and from doing so, got my details as well as the details of my upcoming property settlement. They knew the amounts due in terms of stamp duty payments etc, as well as the dates these amounts were due. They created a near identical email account to my Conveyancer, who I was emailing around 5-10 times a day and so simply didn't notice anything out of the ordinary when I received the scammer's email. It popped up only with my Conveyancer's name and the email address didn't come up as 'new sender' or anything. I know that I should have checked the email address before doing anything, but I had just answered about 3 other emails from my Conveyancer and still had about 3 to go. I had 6 emails in a row from her on different matters and it didn't at all enter my mind that 1 of these 6 might not be like the others.

In short, I transferred nearly $100K at the direction of this scammer who I believed to be my Conveyancer to the account they directed in the email. I called the Conveyancer later that afternoon to discuss another matter, and mentioned to her I had transferred the stamp duty payment for this property. It was then we both realised what had happened.

I searched the BSB and realised it was a Bank X account. I called Bank Y first (my bank) to ask them to commence a scam investigation and try recover the funds immediately. They advised the funds had already reached the other account but they opened the Scam investigation immediately. I then went to Bank X and tried to have them freeze the account the funds were received into. They said the account was already closed and for some reason, they couldn't see any details in the system about who had opened or closed it (how is that possible?). That night, I attended the Police Station and filed a fraud/scam report.

I now have the Conveyancer's insurer, the Police and Bank Y/Bank X working on this case but I'm accepting the worst and not expecting to get anything back. In the off chance anyone here might have had similar experiences and have any advice, I thought I'd raise it to the OzB community. Again, please don't pile on me. I know and I feel horrible. I've barely been able to sleep and I am just hoping there may be some avenue I haven't thought of, even if its not likely to succeed.

Thanks in advance everyone

Mod: Edited for privacy

Financial

Comments

- jv on 16/03/2021 - 11:08
  
  +1
  
  NAB should pay this for being incompetent and not doing their job.
bigbadboogieman on 15/03/2021 - 23:15

+7

Condolences for you OP. I almost got done in last year when I was about to settle our home. My solicitor was already aware that he was hacked and told us from the beginning that we needed to settle directly through our own account and not use his trust account. This basically required me to give an authority to the bank to deduct any settlement amounts directly for the account. He also said that he would never email me for any monies and that in the rare chance that he emails, it will be followed by a phone call.

Since his O365 tenancy was already hacked and he couldn't workout how or why, out of the blue, one day close to settlement I got a request from his email address that I needed to transfer $XX,XXX amount of monies to an account for stamp duty and to allow him to complete the PEXA process. I was kind of shocked because it was out of no where so I called him and found out that it was some a$$h0le trying to take me for a ride. I worked with the solicitor, played along to get the banking details and then reported those details to the police.

Regarding the earlier 5% amount to the real-estate agent, I physically visited their office to get the account details and then transferred the monies. The bank also kept the money on hold for like 3 days before transferring since it was a new payee added to my bank address book.
- SF3 on 15/03/2021 - 23:26
  
  +4
  
  I physically visited their office to get the account details and then transferred the monies.
  
  I reckon this is the way to reduce risk of fraud, whether email accounts has been compromised or not…
- Zachary on 16/03/2021 - 12:46
  
  +1
  
  I worked with the solicitor, played along to get the banking details and then reported those details to the police.
  
  What happened after that?
  - bigbadboogieman on 20/03/2021 - 22:32
    
    The solicitor passed on the details (along with the email trail attempting to defraud us) to the police and the bank's cyber security team.
    - Zachary on 20/03/2021 - 23:29
      
      what happened then?
OrderedChaos on 15/03/2021 - 23:25

Really sorry to hear what happened OP. Looks like you've done the right things by alerting both banks, the conveyancer, and police. Highly recommend you get yourself legal advice. The concern would be if your email were hacked. In that case, it's doubtful that the conveyancer's insurer will entertain a claim. That would be, to me, the worst case scenario. I'd also pursue the situation at NAB. They have a responsibility to perform KYC (know your customer). They should be able to trace the scammer, unless it's a very sophisticated scam with fake ID being used. If that's the case, then I'd expect the AFP could be asked to step in.
Snoochem55 on 15/03/2021 - 23:55

+1

Totally feel for you OP. To think how long it takes to save that much and to lose it just like that…

It reminds me of one of the annoying features of mobile email apps I have used. They tend to hide the email address and you normally need to press on the name of the sender for the address to be displayed.
FareEvader on 15/03/2021 - 23:57

This is so shit, I hope you get your money back OP. Please keep us posted.
GuitarXXX on 16/03/2021 - 00:00

Really sorry to hear that OP, try a "go fund me" thing to get more help?
KingJuf on 16/03/2021 - 00:19

I hope you get your money back OP and try to keep positive thoughts.

I really don't know how people who do these types of things can sleep at night honestly its sickening.
Commander Shepard on 16/03/2021 - 00:33

+2

I lost $550 once in a scam. Trusting people I thought I could. I cant imagine how I would feel losing the amount you did.

I wish you all the best and take care of yourself.
lainey13 on 16/03/2021 - 00:48

+2

So sorry this has happened to you, this is quite a sophisticated scam that has been around lately and I've seen it targeted at companies mainly, duping accounts into paying large invoices into the wrong account using the same method. Now they're onto conveyancers as well due to the large amounts.
Something similar happened here: https://www.9news.com.au/national/masterchef-contestant-dani…
Unfortunately that required publicity and was the fault of the conveyancer not the customer, but I really hope you can get it back. Definitely shame NAB widely and publicly for being a party to fraud!!
jayzee on 16/03/2021 - 00:49

+1

Sorry to hear this happened to OP, really wish you can get your money back.

Shouldn't the correct settlement procedure be:

You first pay 10% deposit to Real Estate Agent's trust account.

If you need mortgage, you would be setup an account under your name by the bank offer the mortgage, or use an existing transactional account under your name in the same bank, and you deposit/transfer whatever the shortfall amount that your lawyer/conveyancer calculate for you to that account. On settlement day, bank will withdraw the agreed loan amount from their loan book and the balance from this account, wire through the PEXA to complete
the settlement, the stamp duty is included in that sum of money.

If that's the correct procedure, fellow OzBargainers, please be extra vigilent if you get an instruction to transfer large sum of money to an account not under your name during the settlement process.

Hope this can help other OzBargainers.
Bayleaf on 16/03/2021 - 01:36

I'm sorry to hear about the trauma you are going through right now. I hope you get back your money soon. I have a question here: for the fake email you received, what does the end of the email address look like? eg: @gmail.com? @companyname.com?
Roary on 16/03/2021 - 01:56

+6

Internet Security Administrator here.

It sounds like that the scammer had knowledge about the sale. Therefore I assume either you were hacked or your Conveyancer for this information to be available.
It would of been an email account most probably that was comprised and I am suspecting its on the conveyancer side. If you could prove or confirm this then you are not at fault and its the conveyancer or their insurance that's liable.

As one said look at the email headers (not just the account the email came from) and see if it actually came from the conveyancers email systems.

Have you done a check of your email systems for any suspicious activity?

Good luck, I feel for you…
- SteveB00 on 16/03/2021 - 08:44
  
  +12
  
  It’s unlikely someone would take the trouble to hack into the email account of a random individual on the off chance they’re going to transfer a large sum sometime soon. It’s astronomically more likely they would hack a conveyancer.
  - smartblaa on 17/03/2021 - 12:45
    
    Mod.Delete Incorrect reply chain
- caitsith01 on 16/03/2021 - 10:23
  
  -1
  
  Agreed, the fact that information about the transaction was known to the scammer means either this is someone OP knows (hopefully not) or that the conveyancer for one or other party has been compromised.
  
  OP really, really needs to go and talk to a competent lawyer ASAP. They will be much more helpful than the cops.
quanticism on 16/03/2021 - 02:15

+2

Best of luck to you and hope you get the funds back. Shocked that NAB has so many red flags and would be disgusted if there's no accountability behind letting this happen. Thanks for sharing and spreading awareness about these types of scams.
Succulent on 16/03/2021 - 02:18

+1

I am sorry to hear that OP.

All bank should have 100 point check as part of standard procedure for years. Bank like NAB would have this as well. I think it is more of the case that they cannot divulge that information to you without police report/directions. So when they say they cannot see who opened or closed the account, it means they are not authorised to see it on their screen.

I think your primary priority would be contacting the police again and tell them that you got live westpac account of the scammer and we might be able to catch them this time round where the account is still active and the money can still be traced? Maybe that would speed up the police actions if they know that they have a chance to catch them?

All the best and i hope you get your money back!
ShannonN on 16/03/2021 - 05:16

+2

Oh Sh^t! Mate like everyone else I am so sorry you have had this happen. I can only imagine the gut wrenching this is caused. Souinds like you have acted as quick as possible, contacted all the correct authorities and done all you can, now its up to the various organisations to co ordinate the investigations etc.

This is the painful part, getting them all to talk to each other share info and come up with answers. Banks are the hardest to deal with as they are so secretive and always are in damage control mode, admitting nothing!

As others have said if it were their 100k , they'd have found the hacker, had them charged and gaoled for life LOL

But as its your hard earned they don't care
Again time to reflect sit back and say to yourself, it will be fine, money will come back, just takes time

Hope you are married and have someone to support you through all this
whytd on 16/03/2021 - 06:42

+1

So sorry for you OP. Hope you get your money back and this stress can end soon for you.
Muzeeb on 16/03/2021 - 07:10

FU scammer.

Sorry for your story OP.
moneyhungry on 16/03/2021 - 07:16

+3

Asking for the stamp duty to be paid separately should of given you a hint somethings not right.
pinnacle on 16/03/2021 - 07:22

OP, very sorry to hear. Prayers for you to get back your hard-earned money.
Breno785au on 16/03/2021 - 07:42

+4

I don't get it. I send $20 to a mates account, take 1-2 days for the funds to clear. You send $100,000, immediately reaches the other account :/
- Brendoo on 16/03/2021 - 08:55
  
  I send $20 to a mate's account, they have it within a few seconds from savings account to savings account, including on weekends. This is between CBA > CBA, Westpac > Westpac, CBA <> Westpac. I haven't tried the others.
  
  I also regularly send thousands (less than $10k) in single transactions between banks (e.g. CBA to Westpac) and it is at the other account within seconds. I press send and ask the other person to check at the same time, they can always see the amount appear in their account a moment later.
  
  I do presume larger amounts, like almost $100k, aren't instant, but i dont know for sure.
  - Thor Bargain God on 17/03/2021 - 02:24
    
    +1
    
    Most banks set conservative pay limits on customer accounts to begin with and this is even more so with regards to OSKO, since it has been implemented. I know of some banks that initially set the OSKO limit at $1,500 for all customers and then in time increased it to only $2,000 after becoming comfortable that the new system was not exposing its customers to increased rates of fraud and loss. I am a little surprised that the majors are permitting such large real-time transfers, unless you specifically asked for their usual payment limits to be increased permanently for your own accounts. I'd wager that the transfer of $100k was too large to be processed via OSKO and would have rather settled overnight.
- caitsith01 on 16/03/2021 - 10:24
  
  Since Osko became a thing most major bank transfers are instant. Including at least tens of thousands.
  - BartholemewH on 17/03/2021 - 22:27
    
    Not in the first instance?
Bid Sniper on 16/03/2021 - 08:24

+2

https://www.cyber.gov.au/acsc/report/are-you-a-victim-of-cyb…

ok this one was a sophisticated scam, seems almost someone who knew either party. This isnt your typical scammer here.
- shaybisc on 16/03/2021 - 08:27
  
  +2
  
  Does smell like an inside job, doesn't it, Watson?
  - Bid Sniper on 16/03/2021 - 08:37
    
    Unless hackers target the lawyer, with open access to their emails can do this, which ok can see this being done.
    
    However scammer had a NAB account, which means in Australia and had to supply ID to open that account. NAB should be able to easily look up owner of account.
    
    Either way still fishy
    - Zachary on 16/03/2021 - 12:49
      
      +1
      
      NAB should be able to easily look up owner of account.
      
      Unless the account was created with no ID….so all the fields would be empty….
- Franc-T on 16/03/2021 - 15:58
  
  Its really not, if you have access to one parties emails you can copy letterheads etc and send up an email with fake details.
  
  Dosent need an elaborate scheme to do so, though you need someone to get the funds and send it across which is probably a lot harder to do.
shaybisc on 16/03/2021 - 08:26

+1

It pays to be paranoid.
User210686 on 16/03/2021 - 08:27

+3

These bottom feeder scums should be beheaded. Media might be able to help; current affairs comes to mind.
Bob Svargis on 16/03/2021 - 08:32

So sorry to hear that. Make sure you get your state's Police force cybercrime division involved. This is what they do.

I'm currently going through a property purchase now so I can totally sympathise - there's e-mails flying around all day every day, it would be so easy for this to happen to anyone.

I suspect my conveyancer may have had this happen to her at some point because her e-mail signature specifically states not to pay money into bank accounts unless the details come from her in writing - which makes me believe that this is a fairly common situation, not that it will make you feel better but you can at least know that many others have probably been targeted for this type of scam.

Get the cops onto it and hopefully they'll track the b*stards down.
- djkelly69 on 16/03/2021 - 21:34
  
  +1
  
  I suspect my conveyancer may have had this happen to her at some point because her e-mail signature specifically states not to pay money into bank accounts unless the details come from her in writing - which makes me believe that this is a fairly common situation
  
  The scam is well known in the property industry, which will be why it is on the email footer. A lot of firms have this, not because it has happened to them, but through an abundance of caution because of the potential high $$ value if the scam is successful.
jsb on 16/03/2021 - 08:33

+1

You received the email directly from Conveyancer and you did what your were adviced to do. You need to go after Conveyancer for getting the money back. When you went to the police, you should have mentioned that Conveyancer instructed you to transfer the money and now he is refusing to accept responsibility.
It's likely that the Conveyancer's mail was hacked. If you approach it this way and start blaming Conveyancer to reclaim the money, their insurance will prob. reimburse the amount because they will be protecting Conveyancer as per the policy terms.
- Brendoo on 16/03/2021 - 09:06
  
  +2
  
  The OP said this about the scammer: "They created a near identical email account".
  
  The email from the scammer wasn't from the same email account as their conveyancer. It was just that the OP unfortunately didn't notice, because it was so similar, until it was too late.
  - TilacVIP on 16/03/2021 - 15:45
    
    probably something like an "o" [orange] and 0 [the number 0]
shaybisc on 16/03/2021 - 08:37

Very sloppy practice by the conveyancer in any case, if the account to be paid into was not conveyed to the client in person early in the process.
snirodha on 16/03/2021 - 08:50

+8

Something is not adding up here.

OSKO max limit is 30k.
PayId is 10k.

If OP has transfered money via bank transfer it wont process untill 6pm and most likely payment will flag up for security. Unless OP do lot of large amount of transfers on daily basis and didn't trigger any security alerts.

100k stamp duty can buy a 2 million $ property.

NAB do have the details. It is a must if not AUSTRAC can give them a big fine.
- john_conner on 16/03/2021 - 12:16
  
  +1
  
  Osko and payId are the same thing I believe.
  But agreed that in any case CBA isn’t going to let you transfer $100k by internet banking without some sort of special process, or requiring you to go on branch.
  Even in osko CBA has a hold the first time you transfer to a new account.
  
  $100k is a lot of stamp duty- this should have rung alarm bells that it didn’t add up with property purchase price…
  - nedski on 16/03/2021 - 15:57
    
    +1
    
    OSKO is the network, PayID is the ability to pay someone via Mobile number, Email, ABN etc on the OSKO Network.
  - vid_ghost on 16/03/2021 - 16:42
    
    I've sent $150 with payID and $150 standard transfer with CBA.
    
    Both times there was a 24 hours processing time..
    
    This is a standard thing for new accounts i was told over the phone when i called to ask them about it.
    They said they next time i send money to those SAVED accounts it should be much faster then 24 hours….
  - gromit on 16/03/2021 - 17:31
    
    Maybe it gas changed but the had no problems transfering 100k from my cbza account last year without any special process ( apart from making sure my limit allowed it). Certainly didn't need a special process or to visit bank
Lordarainyday on 16/03/2021 - 09:09

-3

Hey Mate
Sorry to hear what you have been going through - 100K is a lot - Hopefully u recover the entire amount and the only suggestion I can give you - probably better to install a VPN on the computer and connect it every time before you do any financial transaction - I am 100% sure u will get your money back - the question here is when - it's pretty strange that when NAB does not have any ID - sounds sketchy and fishy - Might be an internal fraud too - never NO
- suchan on 16/03/2021 - 15:15
  
  -2
  
  not sure why you are negged. That's a reasonable comment, though some may disagree.
  - fefris on 16/03/2021 - 15:37
    
    +3
    
    how would a vpn have prevented this? apart from giving him another company with his details that can be hacked.
    
    FFS NordVPN was hacked…..
    - Castcore on 16/03/2021 - 16:36
      
      Is it so that every transaction you make can look like it was done from overseas and therefore your account got "hacked"?
      
      That's probably wrong haha cus that seems like it could get you in a lot of trouble if you said it wasn't you when it was infact you with a VPN.
      - suchan on 18/03/2021 - 09:17
        
        @Castcore: geez this community is extremely harsh. Then explain it to the poor guy (and me) what went wrong instead of negging away.
        he's being kind and offering his view, which is much more then what the neggers can say for themselves.
        
        Blitzfx on 18/03/2021 - 11:53
        
        +2
        
        @suchan: The question should be for YOU and OP to explain why you think a VPN would help.
        Because the basic understanding of a VPN seems to be lacking on multiple points. Otherwise default answer is to read VPN for Dummies.
capslock on 16/03/2021 - 09:33

I hate to say this but unfortunately I think that this could be a very expensive lesson in being very careful when doing bank transfers. As we all know, bank transfers are not reversible. Any scammer sophisticated enough to pull this off would have hidden the money by now. I think your only chance is if CBA or NAB takes pity on you and they agree to wear the loss, although it's hard to think they would since you typed in the account numbers and submitted the funds transfer yourself.
pogichinoy on 16/03/2021 - 09:56

Good luck mate. I hope you get your money back :(
Kokobean02 on 16/03/2021 - 09:59

+18

No advice unfortunately, but I just wanted to say that I am so so sorry to hear this, OP.
Sending my love, condolences and good wishes.
I felt sick just reading your post - I can’t even begin to imagine how you’re feeling right now :(
I‘m sure you’re super busy trying to chase up all the relevant parties for updates and the like, but please please please don’t neglect your mental health and seek professional help if required.

https://www.lifeline.org.au/crisis-chat/
Lifeline: 13 11 14
Beyond Blue: 1300 22 4636

Hoping like hell that you get your money back! Hang in there OP!
caitsith01 on 16/03/2021 - 10:21

+6

They said the account was already closed and for some reason, they couldn't see any details in the system about who had opened or closed it (how is that possible?).

The answer is that this is not possible. You need to go and see a lawyer immediately, who will be able to assist you in getting access to these documents (whether by pre-action discovery, subpoena or just making clear to NAB that this is what will happen if they don't play ball).

Banks have legal obligations to keep this information for years. There is no way known that this information would not be available to NAB. Also, there is something extremely suspect about the account being closed so quickly - this process ordinarily takes time.

If I were you, I would be very suspicious that someone with access to NAB's systems is involved. But regardless, NAB is your obvious first port of call here. Via a lawyer.

Correspondingly, the fact that this person had details of your purchase (stamp duty etc) indicates that either you or your conveyancer, or possibly the other party's conveyancer, have been hacked. Either that, or this is someone in your life or the vendor's life who has done this to you.
- capslock on 16/03/2021 - 10:31
  
  +3
  
  NAB is your obvious first port of call here.
  
  There is no direct relationship between OP and NAB. NAB has zero obligation to OP. NAB's obligations are to protect the privacy of its customer and respond to queries by CBA and the police.
  - caitsith01 on 16/03/2021 - 10:34
    
    Incorrect. There is a direct relationship: NAB received funds which had been stolen from OP, albeit unknowingly. Also, NAB has in its possession the best evidence available to OP.
    
    Private parties get information from banks every day of the week through the courts. Not sure what state OP is in, but every state civil system has an equivalent process for seeking orders for pre-action discovery of documents or pre-action investigation. The civil subpoena process is similar. These orders are often made against parties (like NAB) who are not necessarily the wrongdoer but nevertheless have potentially relevant material in their possession.
    
    If you don't believe me go and sit down at court and watch a few civil matters, particularly in the callover list. You will see quite a number of orders made for banks to produce documents.
    - capslock on 16/03/2021 - 10:43
      
      +1
      
      By your logic, I can deposit money into your account and claim that it is stolen which then gives me the right to call up your bank to get your personal details.
      - jayzee on 16/03/2021 - 10:51
        
        +4
        
        @capslock: You need to go through the court system to get bank to divulge information to you, in doing so, you need to provide affidavit to explain the reason for your request, if you lie, you would commit criminal offence.
      - caitsith01 on 16/03/2021 - 12:42
        
        @capslock: You appear to have reading comprehension issues.
    - wyrmy on 16/03/2021 - 13:06
      
      If you have to go throught the courts to get information, wouldnt that be considered an indirect relationship?
      - caitsith01 on 16/03/2021 - 15:36
        
        -1
        
        @wyrmy: Legally, if A defrauds B and hands the money to C, C can potentially be directly liable to B depending on the circumstances. I'm not saying it sounds like that here, but it's not accurate to talk about a 'direct relationship' as though OP had any sort of deliberate 'direct reliationship' with the scammer either.
        
        And parties who have contracts, marriages, family relationships etc with each other still end up in court fighting over things like access to one another's documents every day of the week.
        
        All of which is irrelevant, because the point of my post at the top of this thread of comments was that NAB is the logical place to start getting information because OP (a) knows who they are and (b) can be sure they will have some information.
casho on 16/03/2021 - 10:28

+7

Last time I paid a conveyancer they insisted I send $100 as a first transfer. If the $100 successfully gets to them, save those details in your bank app. Only then send the full amount using those same details, ignore any emails with new account details. I know too late for yourself (feel for you), but may save someone else.
- wordsmith on 16/03/2021 - 10:34
  
  +1
  
  Totally recommend this tip, a Test transfer that you get a verbal or email confirmation on from the intended (correct) party. Proceed with a larger transfer only afterwards. I kind of follow this for my personal transactions too.
- watson4884 on 16/03/2021 - 11:09
  
  +2
  
  Normally I do $1 and see if it's the correct account
  Then do the larger amounts
  - Zachary on 16/03/2021 - 12:52
    
    +2
    
    one cent is better…
    - Myone888 on 16/03/2021 - 13:07
      
      +2
      
      ING does the 1cent test. It’s definitely a good test.
    - vid_ghost on 16/03/2021 - 16:40
      
      +3
      
      Bank check made out to the person and hand delivered is best…. are people THAT cheap they don't want to pay the $15 FEE when buying a house?
      - Zachary on 17/03/2021 - 12:19
        
        +1
        
        @vid_ghost: apparently yes….this is ozb the place for tightarses, cheapasses and freeloaders after all…..
Witchdoctr on 16/03/2021 - 10:30

+3

Really really common hack scam. Hackers often target conveyancers, law firms and real-estate agencies to pull stuff like this off.

There is a very high likelihood that the Conveyancer's or your computer has been hacked.

I would give your computer a good deep scan and change your password on your email if you haven't already.

If you are on friendly terms with your conveyancer I would recommend for them to do the same.

It just pisses me off that some (profanity) could get away with this and I really feel for you OP, best of luck
- pformag on 16/03/2021 - 10:43
  
  +1
  
  Go further then a deep clean, wipe the HD, and start fresh.
  - UrbanLegend on 16/03/2021 - 13:10
    
    No amount of wiping will help if, as suggested, O365 systems were first compromised through phishing and then further exploited through hidden email rules and forwards.
- netjock on 16/03/2021 - 14:58
  
  There is a very high likelihood that the Conveyancer's
  
  more likely. Target with plenty of opportunity. How likely you are to hack an individual that so happens to make large purchases.
pformag on 16/03/2021 - 10:39

Similar happened to our company (well, accounts person like to click on cat video links in emails).

The hacker transferred 25K from one of our business accounts to one of our rather small customers, someone that spends 1K / month with us. They then proceeded to send a fake email advising the customer that we accidentally deposited the money in their account, and if they can please send the money back, but they provide a different bank account. Luckily, our customer noticed the difference in accounts numbers, so they called us and we proceeded to freak the f*** out.

Long story short, the bank froze our customer's account, and our account for 24 hrs, then took 10 days to transfer the money back.

We also forwarded the scam email to the AFP, as we could see the hackers IP address on the original email, and it was someone in our state (WA)

The account person now can't open any links.

We have invested a lot in cybersecurity.

This doesn't help you, but it can show that it happens all the time.
- burningrage on 16/03/2021 - 12:28
  
  Ooh… did this hacker use the html script editing trick thing?
  - pformag on 16/03/2021 - 12:39
    
    Have no idea, but the email look like it came from us, but old mate had really bad syntax and spelling, so that also tip our customer off.
    
    Our customer forwarded the email to us, then I used https://whatismyipaddress.com/trace-email and found out it was local. Sent this all to the AFP and they opened an investigation.
    - Zachary on 16/03/2021 - 12:54
      
      What happened after that?
payless69 on 16/03/2021 - 10:41 Comment score below threshold.
- netsurfer on 16/03/2021 - 10:47
  
  +11
  
  Why do we have to read this ?
  
  Why did you click on it? You clicked on it and then whinged about it?
  
  Not enough bargains for you so you are so bored you start reading these?
shaybisc on 16/03/2021 - 10:48

+1

Email is insecure by design. If you're using it to send bank details for large transfers the test deposit to test authenticity should be a few cents. Even if the "From" address was the same as the OP had used to communicate with the conveyancer it can be spoofed.
UrbanLegend on 16/03/2021 - 11:01

The goosebumps when you double checked the email address and realised what has happened. I would've probably passed out.
USER DC on 16/03/2021 - 11:05

Man I really feel sad for you, I get upset loosing as little as 200$ but you lost $100,000.

I really hope that scammer gets punished for the crime he tried to commit.

It's so sad to also probably even think of that you might not be able to get the property you were trying to get, after loosing 100K.

It takes ages to earn that much money, and you have lost it.

I don't know what I'd have done in that scenario, honestly I'd be feeling so hopeless.

But for the very least you'll be more careful in future.

But I'd always make sure that bank I am sending money to is the intended recipient, by depositing like a tiny $1 or something amount before making the final deposit.

And also make sure that any email I receive is from the intended domain i.e. means checking the email of person who sent you that email.
Zondor on 16/03/2021 - 11:08

TBH as long as you were on this and reported it straight away I think you should be fine. It will take some time and delay settlement.

I'd say most likely it was your conveyencer that was hacked over you. I work for an MSP and the amount of people that fall for fake email login phishing is crazy.
shaybisc on 16/03/2021 - 11:26

I can't see how this could have happened without bank negligence.
- netjock on 16/03/2021 - 15:01
  
  Blame the banks too for high house prices, obviously they have been forging our signatures and bidding at auctions pretending to be us.
Tigercjn on 16/03/2021 - 11:34

I would also complain to the banking ombudsman as you picked up the problem quick smart and informed the receiving bank but they did nothing.
unfinishedsentenc on 16/03/2021 - 11:37

+1

Shouldn't first time transfers be held for 24 hours?
Darayus on 16/03/2021 - 11:43

+1

Check did the hacker has hacked your email system or conveyancer email.
Have you change your email PW yet? if not then he is still reading your email. Also ask conveyancer to change his email PW.
If conveyancer email has been hacked then thier insurance company will pay for you loss.
This has become very common nowadays and you have to be very careful when transferring money to anyone it would be better if you can call the company and ask thier bank account to confirm before transferring.

The reason I love OZB is that its like a street school where people express their problem and we get some real good guides and advice where we become smart day by day for free and I thanks to them.
echelon6 on 16/03/2021 - 11:58

Wouldnt NAB have KYC'ed the hell out of every new signup these days?

And also could it have been the conveyancer's email that got hacked instead of yours? if it's their account, maybe you can get covered under their insurance easier.
- netjock on 16/03/2021 - 15:03
  
  Wouldnt NAB have KYC'ed the hell out of every new signup these days?
  
  Probably money mule scam. Account sent to is a recruit who makes a few % transferring money offshore believing they have a real job.
jonkvh on 16/03/2021 - 12:22

+5

This is NAB's fault. All banks have auto/bot checks on large transfers now. I went through a frozen bank account scenario, where the bank phoned the person and got all the relevant accounts frozen.

NAB has always had serious security problems going back years amongst other things. The bank will have to cover this, so you'll get you money back just stay away from Court.
- Snoozer on 16/03/2021 - 15:53
  
  I agree. They could implement some very simple, completely automated checks to prevent this kind of thing happening.
- capslock on 17/03/2021 - 09:55
  
  It's actually CBA's fault for
  a) allowing such a large amount of money to be transferred out so easily from internet banking
  b) not calling up OP to ask if they were sure they really wanted to transfer such a large amount of money and warning OP about potential scams
  c) processing the transfer even though the account names didn't match (assuming the scammer didn't give out the real account name)
  - greennick on 17/03/2021 - 15:09
    
    +1
    
    a) it is up to the customer to determine the amount they are willing to transfer online
    b) you expect them to real time call up and challenge internet bank transfers? they do tens of thousands a day more than this, the NPP allows instant transfers, how would that even work?
    c) account names mean nothing and a warning message should come up noting they are not matched, it is impossible for a sending bank to check the account name, they don't have this info when transferring to another bank. the only way this could work is for the receiving bank to do the check.
Zachary on 16/03/2021 - 12:56 Comment score below threshold.
- Zondor on 16/03/2021 - 14:50
  
  +1
  
  Try carrying 100k around and see how that goes for you.

HELP PLEASE! Scammed out of nearly $100K

Comments

New Forum Topics