HELP PLEASE! Scammed out of nearly $100K

Hi everyone,

So I'd like to precede this by saying I already feel absolutely horrible. I feel like throwing up constantly just thinking about this, but thought I would put it out there to see if anyone in the OzBargain community might have had any similar experiences or any advice.

Long story short, it appears a scammer hacked either my conveyancer's or the other side's conveyancers email accounts. and from doing so, got my details as well as the details of my upcoming property settlement. They knew the amounts due in terms of stamp duty payments etc, as well as the dates these amounts were due. They created a near identical email account to my Conveyancer, who I was emailing around 5-10 times a day and so simply didn't notice anything out of the ordinary when I received the scammer's email. It popped up only with my Conveyancer's name and the email address didn't come up as 'new sender' or anything. I know that I should have checked the email address before doing anything, but I had just answered about 3 other emails from my Conveyancer and still had about 3 to go. I had 6 emails in a row from her on different matters and it didn't at all enter my mind that 1 of these 6 might not be like the others.

In short, I transferred nearly $100K at the direction of this scammer who I believed to be my Conveyancer to the account they directed in the email. I called the Conveyancer later that afternoon to discuss another matter, and mentioned to her I had transferred the stamp duty payment for this property. It was then we both realised what had happened.

I searched the BSB and realised it was a Bank X account. I called Bank Y first (my bank) to ask them to commence a scam investigation and try recover the funds immediately. They advised the funds had already reached the other account but they opened the Scam investigation immediately. I then went to Bank X and tried to have them freeze the account the funds were received into. They said the account was already closed and for some reason, they couldn't see any details in the system about who had opened or closed it (how is that possible?). That night, I attended the Police Station and filed a fraud/scam report.

I now have the Conveyancer's insurer, the Police and Bank Y/Bank X working on this case but I'm accepting the worst and not expecting to get anything back. In the off chance anyone here might have had similar experiences and have any advice, I thought I'd raise it to the OzB community. Again, please don't pile on me. I know and I feel horrible. I've barely been able to sleep and I am just hoping there may be some avenue I haven't thought of, even if its not likely to succeed.

Thanks in advance everyone

Mod: Edited for privacy

Comments

  •  
    • +1 vote

      gakko beat you by an hour and 51 minutes. Three comments above yours.

      •  

        Which statement of fact are you negging? If it's the second one, at the time I published my comment, there were no comments by Buckshot, jmi, nor gakko (responding to Buckshot's first comment), so gakko's comment containing the ABC News link was, in fact, "three comments above yours".

  • +1 vote

    these days transfer between 2 banks takes no time to get into the account (even if its a large amount), I'm shocked, however, is that it leaves no trace of opening and closing account let alone there was a $100k withdrawal in between, hard to believe it was not an inside job or downright criminal negligence on their end, fight to the end OP and all the best!

  •  

    I feel for you man - hope it works out in the end. Good luck

  •  

    I almost got scammed the same way. On the day of the settlement, the scammer pretended to me as my real estate agent and emailed me asking for my conveyancer e-mail address. I replied and copied my other real estate agent that I was dealing with. She immediately replied, saying it is spam.
    A few hours later, I got an email from the scammer pretending as my conveyancer asking if the funds are ready for the settlement and asked to transfer the funds to a CBA account.

    Since I agreed to my conveyancer that they are going to use the fund that is already in my account, I didn't respond to that email and called the conveyancer directly.

    I usually check my emails on the phone, and it only shows the first and last name of the person. It's an easy trap.

  •  

    Years back banks used to reject transfers when the account name is not matching.
    They should bring this back even though it is inconvenient at times.
    This give at least another layer of scrutiny..
    Wish you Luck OP

  • +2 votes

    but I'm accepting the worst and not expecting to get anything back

    No. There is a very good chance you will get this money back, don't give up.

  • +1 vote

    Seen this before. Guessing that one of the conveyancer parties got compromised via phishing, they were then impersonated via similar domain and mail rules. As others have said, check the headers and audit logs.

    They start by automatically (scripted) phishing large tranches of email addresses. Then when they steal their credentials (via fake ms login pages) then move into these more sophisticated activities, spin up similar domains eg acmeconveyancersau.com instead of acmeconveyancers.com. They then insert themselves into existing conversation threads (using mail rules to hide their tracks from the victim).

    •  

      Agree with the above. Seen it as well.

  • +3 votes

    Sorry for your loss

    My conveyancers sig includes this statement

    Due to cyber fraud, any email containing bank account details must be verified by telephone by us prior to any payment.

    Maybe you should tell your conveyancer to add this to theirs

    • +7 votes

      Spot on….. an accountant I work with has this on their email signature:

      WARNING – To minimise the risk of cyber fraud, we request that you verify any email received from us containing bank account details for our trust account or any other account by calling us on _________. You should not transfer funds to any third party without first obtaining verification of the correct bank account details. Conversely, we will not use bank account details supplied by you without verification by phone.

      PLEASE NOTE that we will NEVER change account details via email. If you get an email purporting to be from us changing any account details previously provided this will most likely be a SCAM. If you receive such an email please immediately contact us by phone.

      It does appear OP that your conveyancor is at Fault here and you should get the money back.

  • +4 votes

    also be careful on updating the crucial info here, who knows if the scammers are lurking around here or not

  •  

    Just some info for you. High value payments are sent via the swift network which is through the reserve bank. The process will be slow but this will end up with the federal police to investigate.

    Your chances of getting the funds back arent good unless insurance company pays up.

    NAB can definately tell you whose account that was but usually wait for a Police warrant.

    Most likely scenario is the funds are overseas and most likely unrecoverable.

    Virtual hug coming your way… If you have any questions, you can PM me…

  • +1 vote

    Damn that sucks OP.

    Similar thing happened to my friend when doing renovations. The receptionist sent her bank details instead of the construction company's, then quit her job and fled after receiving a few $100k from various clients.

    Fortunately my friend wasn't out of pocket because it was a result of a scammer employee from within the company.

  •  

    That's many sacrifices to save 100K for a house deposit. Hope you get your money back . For first time transfer I usually send small denominations to be safe if account details are correct or not. Any way this is kind of a eye opener to check email sender details every time we reply .

    •  

      I think $100k was just the stamp duty

  •  

    Ouch…

    We just settled a property and our conveyancer was adamant they would only send their bank details via text at a certain time (they’d already send me messages from the same number previously) and that I could call them to confirm the BSB and account numbers.

    I did the transfer at my bank (paid a $35 fee) and I had to sign a Scam Form - asked questions like are you sure you know who you’re sending money too, it’s near impossible to get money back if this is a scam etc.

    I hope you get your money back!

  •  

    Just read on the news
    https://www.news.com.au/national/western-australia/102yearol...

    From what OP said and this story, this sounds so similar.
    Hope you'll recover your money soon.

    •  

      You beat me by 3 seconds lol.

      • +1 vote

        Never hurts i guess to spam it everywhere to help some other poor soul from parting with their money :).

    • +5 votes

      Only about the 10th time this article has been linked in this thread.

      • +8 votes

        Username doesn't check out ;)

  • +1 vote

    Damn that’s a hard one to swallow. Hope they catch the scum and you get it all back.

    Just read something similar happening to a very old lady. Some people have no soul.

    https://www.news.com.au/national/western-australia/102yearol...

  • +1 vote

    OP, didn't you need to make a new Payee?

    Does OSKO still have a 24hr wait on a first time Payee payment?

    From CBA website: "First time payments to a new payee may be held for up to 24 hours as a security measure."

  •  

    This is why when you moving a big amount you pay the $10 for a bank cheque

    I do feel for you man, i doubt you will see your money again. But i hope you do the system lets this criminals get away with too much.

  •  

    It's almost a certainty that this has resulted from a targeted hack on the conveyancers email account. Once they have access to the email account they won't give themselves away, they quietly monitor and do their research until they identify where they can intercept a payment.

    The hacker will then either send their email from the hacked account directly and delete the evidence from their Sent folder so that the business is unaware. Alternatively they setup another email account as similar as possible to the businesses legit one and use that.

    The bank account will be one of three things, an account opened with false documents, the account of an unwitting/gullible person who has been scammed in some way to gain access to their account, or someone who has been convinced to participate (not told the true source of money) and offered a fraction of the money for their participation.

    •  

      Feel like the email providers could be doing more as well. Surely with all the crazy algorithms they've got to study people's behaviour, they could quite easily develop a safety feature that identifies when something is wrong.

      Ie, an email address that is 99.9% similar to another one already on file, or at least a warning that you are reading a message from a new address for the very first time so you don't confuse it with an existing one.

  •  

    You should have requested to BPay to Revenue NSW directly 3-5 days before settlement, no middle agency where possible.

    Conveyancer is human and can make mistakes even it is not on this occasion. I would trust in myself to put big money into the right account. All main banks check biller codes before you transfer out and easy to solve ref mistakes if it happens.

  •  

    Oh my gosh! I just don't know what to say really OP. This was quite elaborate and I believe that NAB should have some responsibility as the bank account manager.

  • +2 votes

    Try calling one of the media outlets. Today Tonight, ACA etc.

  •  

    Sorry to hear this, scammers everywhere and very high tech now, even you get exactly the same email, plus verbal confirmation, still doesn’t mean save, so many case they copy and use AI technology to simulate your voice and talk and make it like emergency demand, then you’re dead duck, worse thing is, they’re the team work now, not solely, anyway, don’t fully relying on email, mobile, even video, always set the transaction limit and try to do as frequency face to face talk as possible, back to the old days.

  • +1 vote

    This made me feel sick reading this, I'm so sorry dude I hope they recover the funds and NAB actually does something about the (profanity) who did this

    •  

      Either OP is not telling the whole story or this is a bs story.

      • +2 votes

        Either way, the moral of the story is to STAY VIGLIGANT when DEALING WITH YOUR MONEY, better be SAFE than SORRY.

      •  

        Or some people do not read OPs post properly and decide he is lying.

      • +10 votes

        Hi mate,

        Not sure why I would make up such a story? I get nothing from doing so.

        If I made an omission in telling the story, I apologise. Long story short, the account I transferred the money into was a Bank X account that is now closed. Bank X told me this. Knowing that, I knew that the scammer would need to provide me a new account if they were going to try get more money from me. They did. They emailed me saying my 'final deposit' was due and I asked them to confirm the account once again knowing the Bank X one was no more. Perhaps thinking I wouldn't notice, they provided me an account that was different and a Bank Z account, which I've now provided to Bank Y (my bank) and Bank Z. That is what I was referring to when I said '
        Bank Z account.'

        Cheers

        Mod: Edited for privacy

        • +2 votes

          I dont get it, when you open up a NAB/CBA account you need 100 points of ID, name, license, address etc.

          Even if the Account is Closed, surely police can track the person owning the false account with the 100 ID???

          • +2 votes

            @frostman: Exactly what I basically talked to in my complaint to AFCA. If Bank X are saying they don't know who opened or closed this account, have they met their obligations to KYC? How can they say they have? I'm hoping AFCA ask the same obviously

            Mod: Edited for privacy

            • +2 votes

              @celtics889345:

              If NAB are saying they don't know who opened or closed this account

              I am glad you reported NAB to AFCA.
              It smells like an inside job if someone is able to open an account without KYC compliance.

    • +12 votes

      I don't see the point in victim blaming here. You internet warriors rarely get a full enough story that you're happy with

  • +4 votes

    When I bought a property 12 months ago, all my solicitor’s emails and letters reminded to call them to verify the bank bsb and acc number by calling them before transferring any payments requested by email. I thought it was silly but after seeing several news stories and your’s, it makes a lot more sense!!

    I think you did all the right steps. Good luck, I hope you are able to recoup the funds.

  •  

    goto 4 corners mate. also seek legalAID and legal advice. Also isnt the personal limit for transfers is under $25k or $50k? or did you had it maxed out?

    •  

      OP is a lawyer

  •  

    I feel bad for you. This sounds like fraud and definitely nab should be able to do something

  •  

    same MO but with aged care

    7news
    https://www.youtube.com/watch?v=Z5TGtn1Oguw

  • +7 votes

    Scams are all about about context. It's so easy to spot a scam when it's talking about offshore rigs in badly written english.

    But this one - I would have fallen for this hook line and sinker.

    •  

      For 100k, would you not phone the other person, and have them read out the Account and BSB, so you make sure it matches?

      • +2 votes

        On the phone number in the e-mail? Smiggle you just dun got duped.

        Honestly maybe, maybe not. Depending on the level of CONfidence in the e-mail or pdf documents I was looking at. Our brains are wired to make a snap decision on this, and I've had enough solicitors changing the game on me half way through settlement and literally asking for extra 100k at the last minute that it might just get through my auto sanity checks.

    • +16 votes

      Mmm, I don’t think I would have.

      I recently bought a cheap $15K campervan and paid $3.48 to the dealers account. Rang him up and made him tell me how much I deposited. Then I transferred the rest.

      • +1 vote

        I did that transferring to one of my own new account for the first time to make sure I typed the right amount number

    •  

      Agreed - this was a good one.

      It's easy to all say WE wouldn't have, but you never know until you're in the situation

  •  

    I believe this risk of fake account transfers of large amounts of money in property settlement transactions was highlighted as a substantial risk before the sale of the public Lands Title Office business to PEXA or somesuch for private profit

    but the NSW Liberal Government denied that with 'shibby right - more efficient mate!'

    sure - it's alright for their mates - who are now more efficiently extracting tax-payer dollars and putting them into their private offshore secret tax haven trust fund accounts

    too bad for You and Me Joe Public

    but that's how conservative politicians roll - taking money from the poor to give to the rich

    if you'd rather the opposite - taking money from the rich to give to the poor - that needs a Labor government.

    •  

      Yeah, kinda reminds about the sell off of electrical infrastructure, that was going to lead to lower power prices.

    • -2 votes

      Maybe better to just not comment if you have no idea what you are talking about.

    • +1 vote

      Ive done transfers with and without pexa

      pexa is SO much easier

  •  

    I was scammed $450 by a lowlife who took advantage of me under similar circumstances. Just pathetic. That itself gutted me so I know how you feel.

    We recently did two settlements and we used the same conveyancer from last time. I had his details saved in my ban anyways and also we used PEXA.

    Now this app gets a lot of hate as we the buyers pay the PEXA fee. But the conveyancer sent his details in that app which we could have used to confirm.

    In any case, hindsight is 20/20. I hope the police can help you get back the money asap. This is getting out of hand.
    There should be legislation and protection against such scams. All the best!

  • +1 vote

    I am wondering if it’s something like this. The conveyancing system, PEXA, itself that is being used.
    Really sounds like it.
    Most conveyancing is done through PEXA (which I think is now owed by Comm Bank)

    https://www.itnews.com.au/news/pexa-beefs-up-security-contro...

    https://www.urban.com.au/news/85714-masterchef-s-dani-venn-g...

    I feel for you OP. Please don’t feel bad, it’s the bastard scammers that have done wrong, not you..

  • +2 votes

    The OP part about NAB cannot be true. Regardless of the account circumstances, they would have simply advised they cannot provide any of the details.

    There's certainly no way they would have starting rambling on about the account status and lack of account holder details etc.

    • +5 votes

      It depends on the person speaking on their behalf in my opinion.

      I was told conflicting stuff by 2-3 support agents from a bank.

    • -1 vote

      100 % agree.

    • +6 votes

      So when I went to the branch, I was frantic. I had all the emails with Bank X account details as well as Bank Y scam number and Police event number. The branch rep told me they typically can't provide any details of the account. She went over to the branch manager and they spoke for a few minutes, me watching. He then nodded his head after visibly demonstrating his shock and sadness and she came back telling me they cannot provide any details of who owned etc, but they could tell me it was closed. She then added (perhaps when she shouldn't have) that she oddly enough couldn't see any identification on the account which shows usually even after an account is closed.

      Mod: Edited for privacy

      • +13 votes

        Really makes you wonder if there is an insider at NAB setting up these non-KYC'd accounts… or someone has found a loophole to make them

        I would keep digging at NAB, find out who opened that account and you might find your money

        •  

          Most likely it was a business account and the ID used were false. Happens a lot especially with identity theft and how often international travelers have their ID stolen or taken in sharehouses etc.
          Quite easy to take a generic "foreigner" passport and set up an account with a telco and then go to a bank either setting up an ABN'd account for contract work as a delivery driver etc.

        •  

          the police will find out from the 100 pts id … the detectives would keep OP updated one assumes.

  •  

    Anybody planning to make large payments for property should look at how this works:
    https://www.rba.gov.au/publications/bulletin/2021/mar/pdf/pr...

  • +36 votes

    Hey mate,

    Feel for you - almost exact same situation as you, transferred almost 200k to my conveyancers "trust account", only to be told day before settlement that they don't have a trust account.

    Slightly different, it wasn't a different email but an authorised email that we had previously corresponded with - the running theory is that they were watching, then only got in and spoofed IP once it came crunch time.

    Long story short, conveyancers insurance covered settlement + penalties (took 3wks to be sorted), we weren't out of pocket in the end and we are enjoying our place. I hope you get the same result.

    Things to note:

    • police will take their sweet time - I received a call the other day from them about it (over 5mths later)
    • banks will not give you any helpful info while investigation is ongoing, but they will be working to recover your funds - 3 wks of me contacting bank every 2nd day asking for updates, while conveyancers insurance chased me up for updates

    Hope that's helpful - sorry typed quickly on a work break. Feel free to PM me if you'd like to know more.

    • +1 vote

      From what we learnt,
      contact the solicitors or other parties if they request Large amount of money to be transfered..

    • +4 votes

      Thanks Toby! Whilst I'm trying hard not to get my hopes up in the event it doesn't pan out, that is good to hear the conveyancer's insurance covered everything. I feel the developments with the settlement sheet prove its not me who was hacked but either my conveyancer or the other side's conveyancer. Fingers crossed the insurer agrees!

    • +2 votes

      Glad you posted for the OP.

  •  

    The consumer won't get the money back from the bank. The bank may reimburse if the scammer remotely accessed their computer and initiated the transfer remotely.
    In this instance the consumer has willingly sent the money (albeit to a scammer). This is beyond what the bank will cover, especially for this quantum.
    I think the best case for the consumer is a claim on the insurance of the conveyancer, and argue the conveyancer has exercised due care. However I suspect the insurer will be reluctant to accept liability so be prepared for a legal fight…

  •  

    Sorry to hear mate + a coworker recently lost a similar sum on property development, a mates company got stung on accounts payable, a supplier I deal with same thing….. Hacked and account detail changed on official letter head etc. Seems all too common.

    From what I'm hearing unless you have specific cyber crime insurance it's a very grey area as to who's to blame and is accountable (and costly to challenge).

  • +18 votes

    I have been checking this post periodically hoping to hear some good news from OP. All other similar scam stories you guys shared are heart-breaking, yet like OP's story, serve a great reminder to the wider community to stay vigilant and look out for the vulnerable ones around us. I have been spreading this story wide and far, to my friends and family about the importance of cyber safety.

    Thank you for all your stories and hope that it works out for you, OP!

    • +3 votes

      I'm like you, I keep coming back to the last page of comments and hoping I see some positive/relieved comments saying "I'm glad it all worked out" etc. It hasn't happened yet but I keep my fingers crossed it does.

      •  

        I've been doing the same. OP, I really hope you get your money back! I know that sick feeling when something bad has happened and you have no real control over it. I'm hoping this story has a good outcome.

  • +7 votes

    Hello, I work in IT and I have worked with a company that had this exact thing happen.

    Are they using Office365 if they are they should immediately enable Microsoft 2fa on all their accounts as well as change their passwords.

    However, this may not be all, in some cases hackers will use a redirect rule to redirect directly to them - but this does not show up in new version of Outlook.

    They need to logon to https://outlook.office365.com/mail/login.html and then go to the rules area and delete any rules that are in their.

    If they are using exchange they need to go to their OWA portal.

    If they are using exchange chances are they are breached by the latest exchange hack and need to update and patch immediately https://cyber.dhs.gov/ed/21-02/.

    • +5 votes

      Hell I've work in IT for a loooong time and would (arrogantly) think this would never happen to me.
      The other day I received an email to my work address. I was expecting an email along the lines of the content. It took me to a website where I entered my credentials.

      I froze when I saw what was on the following page. It was a phishing test from our global office telling me I had failed the test! Sure enough I went back to check, and all the sure signs of a bs scam email were there, I was just too busy and my paranoia was low at that time because I was expecting an email.

      So it can definitely happen to anyone under the right circumstances.

      Hoping for a good outcome here @celtics889345. Keep hounding!

      • +1 vote

        Yeah, happens to the best of us especially when we least expect it.

      •  

        Im normally really diligent, but of all times - I'd just changed my password as it was going to expire. I received another email asking to confirm it (yeah it was a work one to test us), of all things I fell for it! I mean seriously - what are the chances regarding???? I should have know better!

        These days I always go direct to the site or click on those emails for fun and put in fake details just to see what happens LOL.

  •  

    Feel sorry for you and wish you all the best and get your money back. Reminded me of my previous neighbour, who almost got scammed by someone pretending as her boss emailing her to transfer $100K from company account to his personal account. She almost clicked transfer, but she hesitated at the last second and gave her boss a call……She got terrified afterwards as she only had that job for a few months time.

  • +10 votes

    It happened to me too. I lost a bit over $20,000. Reported it to my bank who did nothing but tell me to contact the other bank. The other bank told me they couldn't give me any details but would look into it (and seemingly did nothing). I reported it to the police who told me to go to the ACORN website and lodge it there. That's just a site that helps them track data of scams I think - there was never going to be any money recovered. Every time I called the police the person looking after it told me he would get to it but quite forcefully told me murders and serious crime comes first. It then got transferred to a police station interstate and I never heard another thing. My contractor had their email hacked and they found a rule filtering out all communications to me, sending them to another address and then deleting them from their server.

    •  

      I agree. ACORN/ACSC is next to useless… unless you're a politician or someone who has clout which gets them to actually follow their procedures.

  • +1 vote

    I read the title as nearly scammed out of 100k, then when I reread it …

  •  

    One of the only recent advice request threads where I see people taking pity on the OP.

    Hope you get your money back OP.

  • -2 votes

    You should lodge a complaint with ANZ. There is a standard criteria of KYC for all banks to prevent fraud/terrorism/etc.

    • +4 votes

      ANZ is the only one of the Big 4 banks not involved here.

      OP's bank is CBA, and the scammer has sent emails requesting transfers to both NAB and Westpac. OP transferred $100,000 to NAB, but nothing to Westpac, fortunately.

  • +4 votes

    Those making fun of OP you guys are absolutely cooked. $100k that’s hard saving

  • +3 votes
    1. Raise a complaint with both CBA and NAB.
    2. If you are unsatisfied with their response, escalate the issue to the Australian Financial Complaints Authority - https://www.afca.org.au/make-a-complaint.
      There's no guarantee the AFCA will find they're even partially required to compensate you, but if, e.g. the beneficiary account was created without adequate KYC checks per the AML-CTF (https://www.austrac.gov.au/business/how-comply-and-report-gu...), or, if there was another suspicious pattern of behaviour such that they reasonably ought to have known the transaction deserved closer scrutiny, they may.
    3. Failing that, it sounds like your conveyancer was compromised to an extent.
      Even given the crims' emails came from a new domain, it's more likely the crims knew the details of your upcoming transactions from monitoring a conveyancer's inbox than a random member of the public's. I'm not convinced it's reasonable for you to wear the loss entirely even if you could have exercised more vigilance. Consider engaging a law firm that deals with 'Business Email Compromise' / 'Payment Redirection' scams.
    4. Be careful not fall prey to 'we'll get your money back from the scammer' recovery companies. If the banks can't do it at the behest of the police, it's unlikely some rando can. At best it'll be expensive and ineffective but legitimate; at worst it'll be another scam.
  • +1 vote

    Hope you get your money back OP.

    Have a read of the below URL.
    I hope it will help you
    There is hope
    https://www.afca.org.au/media/829/download