With the advancement of technology and digital convenience, also comes the rise of financial fraud. Scammers are using increasingly sophisticated tactics to steal money from unsuspecting victims, often before they even realise what’s happening.
From phishing attacks to phone scams, fraudsters are draining accounts in mere moments—often leaving victims struggling to recover their losses.
Take the story of Brendan McKean, a 72-year-old Queensland resident, for example. After falling victim to a sophisticated scam that drained his savings, he acted quickly, reaching out to his bank for help.
However, what happened next left him stunned and frustrated, sparking debate over the responsibilities of financial institutions in preventing fraud and assisting affected customers.
Brendan’s ordeal began with what appeared to be a routine security alert from Microsoft, prompting him to call a number due to a virus on his laptop. Trusting the process, he followed instructions to install Anydesk, a legitimate remote access program, which he had used before to resolve computer issues.
However, this time, the person on the other end of the line was not there to help. While still on the phone with the scammer, Brendan noticed alarming messages on his mobile phone indicating transactions were being made from his account.
In a state of panic, he immediately called Bendigo Bank on his landline to report the fraudulent activity. The bank responded by manually locking his account at 3.29 pm to prevent further log-ins, but this measure failed to stop an immediate transfer of $4,900 just two minutes later.
It wasn’t until 3.39 pm that a fraud block was finally placed on the account.
The aftermath of this incident was nothing short of devastating for Brendan, who not only lost his wife, Ann, two weeks later but also found himself in a financial abyss. The total amount stolen from him amounted to $24,300, a sum that forced him to borrow money from family to cover his wife’s funeral expenses.
The bank’s response to this crisis was, according to Brendan and his family, woefully inadequate. They felt that the bank laid the blame squarely on Brendan’s shoulders, despite his insistence that he had not shared any passwords or sensitive information.
‘They believed everything I told them apart from the fact that I didn’t give the scammers my password. I never stored my password on the computer … I had the Commonwealth Bank and my superannuation on the computer and neither of those sites were hacked. No money was missing from them—there was no attempt to get into those accounts,’ he recalled.
The bank’s systems reportedly failed to detect or raise red flags when the scammer increased the daily transfer limit from $6,000 to $50,000 and sent money to unfamiliar accounts.
The McKeans’ frustration was compounded by their experience with the Australian Financial Complaints Authority (AFCA), which they found to be lacking in accountability and responsiveness.
‘Bendigo would not allow him access to his account until he had wiped his laptop and phone and provided evidence that it had been done,’ said Mr McKean’s daughter-in-law.
‘Which also meant he had no evidence that his password had never been saved to his devices, which they then used against him.’
Despite the emotional and financial toll, the AFCA ruled that the bank acted within a reasonable timeframe to lock the account and was not responsible for the $4,900 transferred out.
‘It broke my heart when I heard the last bit as it was obvious he had no idea how much money had been taken,’ she said, adding, ‘They did not stay in contact after the scam and Brendan was always having to chase them up.’
This case has brought to light the urgent need for better consumer protection in the banking industry. The McKeans are now supporting the People Before Profit campaign, which calls on the federal government to make it mandatory for banks to compensate scam victims, similar to legislation introduced in the UK in October of the previous year.
The use of immediate and irreversible payment systems like OSKO has also been criticised for their role in facilitating such scams. The McKeans believe that there should be a delay in transferring funds to new accounts to allow for the possibility of recalling them in case of fraud.
Bendigo Bank, when contacted for comment, emphasised that ‘It is important customers take steps to protect themselves and do not share their passwords or allow someone they don’t know or trust to log in to their computer remotely, as it is extremely difficult to recover money that has been transferred to scammers.’
The bank’s spokesperson also highlighted their efforts in stopping fraudulent transactions, amounting to $34.4 million in the 2023/24 financial year.
AFCA, on its part, defended its role as an independent ombudsman service and stressed the seriousness with which it approaches the human cost of scams.
‘We see every day the human cost of scams not only in financial terms but in the emotional and psychological impact. We take this work very seriously,’ said AFCA’s spokesperson.
For our readers at YourLifeChoices, Brendan’s story is a cautionary tale. It’s a reminder to remain vigilant and informed about the potential risks of online banking and to advocate for stronger consumer protections.
We encourage you to share your thoughts and experiences with online banking security. Have you or someone you know been affected by a similar scam? What measures do you think should be in place to protect consumers? Your insights could help others avoid falling victim to such heartbreaking situations.
Also read: Australia becomes ‘honeypot’ for scammers: Are your savings at risk?
If money can be lost so fast to scammers how come when you do a legit transfer it takes hours or the next day to appear in the account where you have transferred it to? The banks are as usual do something dodgy.
Just can’t trust any text message or phone call. Got to question every one of these alerts or messages as a possible scam. Now with AI, even more diligence is going to be required as the scammers will work out how to use AI against us.
Everybody should be visiting their bank branch to find out how to put in place security measures or what to do if they are experiencing unusual or unauthorised activity.
Here’s another story from fellow YourLifeChoicer, Steve S. (edited for clarity):
Several years ago, my wife and I were with Bendigo Bank after CBA took over Bankwest.
My wife only used our computer, which had three layers of protection installed, to check balances.
One morning, she noticed three transactions, all on the same day, each for amounts exceeding $4,000.
We immediately went to the bank to query the transactions and got the usual response – ‘You must have given someone your password’ (which we hadn’t).
The transactions took two days to recover with Bendigo, as we insisted it was likely an inside job. The transactions had money going to NAB accounts, clearly identified in the details.
When speaking with one of their fraud team members, they admitted that the bank had less fraud control than other banks, which made them more vulnerable to attacks.
We moved all our accounts to another bank, and there have been no problems since.
However, one account I had closed and informed them of at the time still hasn’t been closed out by Bendigo, even after four years. They have continued to send me monthly statements.
Just today, I received another statement, but this one stated that as the account had a ‘zero balance’, it would be permanently closed unless I activated it with funds next month.
Is anyone awake at the wheel there??
Since they are closing the account anyway, and I am not dealing with them, I won’t waste my time chasing them.
All good businesses thrive or fail based on customer word of mouth, and I personally know over a dozen families and individuals who have since moved their accounts elsewhere. Personal word of mouth is far more powerful than any advertising campaign.
Many computer and phone operating systems store passwords and other personal details without the user being aware of it.
So if a hacker gains access then they can find and use them. They don’t need to ask you to input anything, which is probably what happened in this case.
So quite simply don’t fall for the traps that let a hacker in.
Only a few days ago I clicked on an MSM article about travel to get more details but instead I got a full screen warning from Microsoft that my system was compromised along with a buzzing noise and a number to call. I thought bull-crap but my computer was frozen. So I rebooted and all was well because the warning was not from Microsoft. I scanned my puter and there were no problems reported. I also reported the web site as unsafe.
We too have been hacked and ALMOST lost $15,000. We were lucky and got to our Commbank branch before it closed. The bank immediately blocked our account, closed the account and we reopened with a new account number.
My question is – Does the Australian Government employ people from OUTSIDE Australia to supposedly protect us from these bloody nuisance hackers, because, we have never heard of any of them being caught and shut down – so, where is our protection from hackers? Maybe we should give the job to our children who I think may have more brains and aptitude.