Last week Stuff published a story about cyber crime. Readers were asked to get in touch if they had suffered from cyber scammers. These are some of their stories.
We hear a lot of about the tsunami of cyber crime but its nuts and bolts remain a mystery to many. That is until you’ve been scammed. Then they become all too clear and painful.
Last week Stuff ran a story about a company that was hacked and new bank accounts inserted into invoices it paid. When the company transferred the money into the accounts on the invoices – the accounts were held by beneficiaries in Auckland who were participants in the scam – it might as well have been sending the money directly to the scammers. Half the money disappeared offshore and out of reach.
Judging by the response to the article, these types of incidents and the inability of the police and banks to do much about it, remain far too common.
New build couple
In August last year a Hamilton couple who asked for anonymity, were in the process of building their dream home. A six-figure instalment to the builder was due when they received an email saying the builder’s bank account had changed.
They transferred the money to the new bank account only to find out eight days later the builder’s computer system had been hacked on the day the payment was made. The builder hadn’t spread the word.
The hackers used an account at Kiwibank held by a beneficiary.
“Neither our bank (ASB) nor Kiwibank picked anything up. So many reasons they should have. The banking Ombudsmen was no help,” the couple say.
“Our builders then backed us into a corner, although it was their lack of IT security that caused this. We were told our build would stop if we didn’t pay the instalment again. We had no option but to borrow more money. We will probably need to sell the home when it’s finished. At the time, our newborn baby was seven weeks old and my husband’s father was dying.
“It is absolutely unbelievable that with the technology we have available to us now, a person who receives a weekly benefit from the Government doesn’t have a red flag raised when they receive a six figure deposit and straight away transfers overseas. Then the banks including the banking ombudsmen are allowed to just say ‘I’m sorry to hear it happened to you’. It’s a bloody joke.”
The fraud is being investigated by the police and legal action is pending.
Company name theft
A few years ago Blenheim couple Ross Parker and Viv Smitheram started a business called Top of the South Containers Ltd selling shipping containers. They registered a domain name but closed the business due to containers becoming too expensive to buy.
In March 2022 a new website domain name topoftscontainers.co.nz was registered by James Taylor apparently living in Tauranga. He gave a fictitious phone number. The website used the same address and company name as Ross and Viv’s company. A South Island phone number on the website goes to an answer machine.
“Unfortunately this website has had people purchase containers, the last person to contact us had paid $37,000 and hasn’t been able to get a response from them,” Viv says. They have fielded several irate phone calls.
One of the people who contacted Parker and Smitheram was Whitianga interior doors and staircases seller Geoff Watters.
Scammed and want to warn people? Email firstname.lastname@example.org in confidence.
He told Stuff he had contacted the dubious company by email and then spoke to a person called Adam Brown who gave a quote and a time of delivery. He paid $8970 into a bank account and waited for the containers due on June 30. They didn’t turn up and all efforts to contact the company failed. Watters has reported the matter to the police.
Smitheram has reported the domain name abuse to the Domain Names Commission and is waiting for a decision.
She also went to the police but found they weren’t really interested.
”I really don’t want anyone else to be scammed and neither do we want to have upset people ringing us in the hope they can get their money back.
“The website is a very genuine looking one. People need to do really good research before paying any money for something you can’t physically see or verify.”
Stuff made several approaches to the new container business but did not receive a response.
In last few weeks Palmerston North plumber Pete Satterthwaite was contacted by a client who said he was being hounded by Satterthwaite’s firm for payment of an invoice. The client had received an invoice from the firm with a new bank account and had been told Pete’s firm was changing its account due to an IRD audit. The client paid and they weren’t the only one.
Another client fell for the same ruse and Satterthwaite managed to get hold of two others before they paid the fake invoices.
It was still $40,000 down the drain. The hackers had managed to get into his Microsoft Cloud based email server – a nine digit password – to redirect emails to their own email. Satterthwaite was therefore completely unaware of the email traffic with his clients, one of whom was a pensioner.
“I’m only a small business with about 10 staff. It’s not something I need,” he says.
He complained to the police who investigated immediately. They found the hackers, probably based in Nigeria, had used two New Zealand accounts belonging to two middle-aged women who had been in contact with the hackers on a dating website and had given out their bank account details.
The hackers then transferred the money from those accounts to an account in Istanbul.
Cyber scams are nothing new. David Marsh has a picture framing business in Queenstown. In March 2017 he sold two framed prints to a client and emailed the invoice for $5300 to its property management company. The email was intercepted, opened and the invoice altered to include another bank account. The client paid the invoice.
Marsh says he worked with a “brilliant” detective in Christchurch who investigated tenaciously but “ultimately to no avail”. The BNZ bank account was held by a Christchurch beneficiary living in a squalid rental who was looking after a mentally impaired son. It seems the son has been manipulated to provide his mother’s bank account for a small fee.
The trail went cold when the money was transferred from the woman’s account to an account in the United States.
A few months ago Ms B opened what turned out to bea dangerous file. She and husband Mr A first realised something was wrong when an unidentified charge of $10 appeared on their credit card account. They then discovered the scammers had obtained all the passwords stored in Mr A’s Google account. He changed his passwords but missed a login which allowed the hackers to open an account on a share trading platform.
They posted another photo onto his driving licence and then supplied the same photo for verification.
The hackers were able to trade $50,000 of the couple’s Westpac shares with the proceeds leaving the hacker’s account within 36 hours.
“After a huge number of hours trying to contact the fraud department at Kiwibank where the mule account was held, I managed to convince them to freeze the account, which enabled the recovery of roughly half the misappropriated funds,” Mr A says.
“The online share trading site were very apologetic and promptly reimbursed me for all my losses.”
New business peril
A Kaitaia couple recently set up a new business and the first invoice was for fees of $22,000. The invoice gave a temporary business account because the new business bank account had not been finalised.
The invoice was emailed and then hacked. The hackers substituted their Westpac bank account details for the couple’s and managed to redirect all the new business’ emails to their own email address.
Their invoiced client managed to recover $5,000 and passed it onto the couple who still took a loss of $17,000.
Westpac refused to give the couple any information about the account holder although the couple managed to find out it was held at Westpac in Henderson.
“The police were very unhelpful and the clerk at their Kaitaia counter wouldn’t even acknowledge our complaint saying they would get an officer to contact us the next day. Two months on and we still have no contact with them.”