62-year-old Susy received an urgent call from Tim, who said he was from the security department of her telephone company. Tim had detected a hacker who was sending her random advertising emails with malware(a malicious computer program) that could be used to access all of Susy’s personal details.
Susy was understandably scared about theft of her personal details – as well as the chance that the hacker could access a large inheritance in one of her accounts. Tim explained that if they acted quickly they could find and remove the malware to prevent, or at least minimise, any theft. Susy agreed to receive Tim’s help, and so downloaded and installed a computer program that gave Tim access to her computer.
Of the $90,000 Susy had lost, the bank was only able to retrieve the initial transfer
Soon after Tim began his check, he told Susy he had detected a sophisticated malware program that had accessed all her bank accounts. He removed the malware, but advised Susy to purchase anti-malware software for future protection. At $9,700, this seemed quite expensive to Susy, but she knew she had more to lose if she didn’t act quickly.
A week later, Tim called Susy to check that the anti-malware software was working well. As new malware was being developed constantly, Tim recommended insurance to protect her from any future hacking of her accounts. Generously, he suggested she could use his ‘family and friends’ discount; for only $8,000, Susy would have 10 years of protection though an offshore insurance company. Given her earlier experience, Susy thought this was a good idea.
Tim then told Susy that he had become a shareholder in this insurance company about a year ago. In the last six months, he boasted, he had received dividends equal to five times his original investment. He explained that the greater the investment, the bigger the payback. Unknown to Susy, transfers were made ranging from $2,000 and up to $20,000.
Susy imagined the round-the-world trip she had always wanted to take, and asked if she could make an initial small investment, and then regular payments to build up her shares. Tim said he didn’t want her to miss out on the holiday so, if she liked, he was willing to help her set up an online bank account to make regular transfers of $2,000.
When the security code came through to Susy’s phone, she gave it to Tim, as he explained he needed it to help her set up her account.
The change in banking, and the large international transfer, created a flag in the bank’s system and triggered a lock on Susy’s account. She then received a call from John, a bank employee. Susy told John that she had organised this transfer to a new online account.
She admitted to the teller that she had given her bank details and security code to Tim
John went through the warning signs of scams with Susy, but she assured John that this was not a scam. A week after Tim’s internet ‘help’, a transfer of $2,000 was made as agreed by Susy. Once more the bank contacted Susy, who again assured them that she had approved the transfer.
Over the next two months, automatic transfers continued. Unknown to Susy, instead of transfers of $2,000, transfers were made ranging from $2,000 and up to $20,000. During a visit to the bank, Susy realised her account was almost empty. She admitted to the teller that she had given her bank details and security code to Tim, allowing him to set up an online account that gave him access to all her money.
The bank locked Susy’s bank account, blacklisted the recipient and tried to recover the lost funds. Of the $90,000 Susy had lost, the bank was only able to retrieve the initial transfer of $9,700 made to another financial institution. All of the money ‘Tim’ had transferred from Susy’s account had disappeared.