News Next article

Banking scams that target customers

The Banking Ombudsman Scheme has dealt with several cases recently in which the fraud was enabled via email contact

6 May 2015

Nicola Sladden

Banking Ombudsman Nicola Sladden has kindly shared a post on scams to watch out for. 

It discusses common scams that occur in the banking industry - there are some important lessons here for Trade Me users as well!

Just like Nicola advises you should never share your PIN number, we say you should never share your Trade Me password!


Email hackers are assuming the identities of their victims online and stealing thousands of dollars from them as a result, says Banking Ombudsman Nicola Sladden.

The Banking Ombudsman Scheme has dealt with several cases recently in which the fraud was enabled via email with instructions to transfer money made by hackers rather than the person the victim thought they were communicating with.

One case involved a considerable sum of money, meant for a house purchase abroad, being lost with no recall at all for the victim.

It was the victim who authorised their bank to transfer the money to the fraudsters, even though they thought they were sending it to a person they knew.

The hacker was obviously thoroughly convincing masquerading as the other party, and as a result of this case we have amended our Quick guide on Common scams targeting bank customers.

We now tell people arranging money transfers via email to check in with the person they think they are communicating with using another form of communication before doing anything.

Common scams targeting bank customers

The scheme is receiving more internet and technology-related complaints.

Unfortunately, technology enables scammers to reach lots of people and this means we’re hearing about more people being left out of pocket.

The scams are increasingly sophisticated and all bank customers need to be vigilant to ensure they don’t get scammed.

When we investigate these complaints we usually have to determine whether the bank or customer is liable for the losses.

Three common types of scam complaints affect bank customers are:

1. When people send their own money to a scammer

Examples of how bank customers have been fooled into parting with their money include being asked to send a processing fee to access an investment or inheritance, or to help someone they have met on an online dating website.

2. When people send someone else’s money to a scammer (used as a mule)

Mule scams involve bank customers being sent stolen money they’re asked to forward on, often overseas.

The customer is usually a middle person (mule) and doesn’t know the money’s stolen.

They think what they’ve been told is legitimate.

Examples of money mule scams include when a customer thinks they are sending money as part of a job application, or to help someone they have been enticed into having an online relationship with.

Also when someone agrees to rent a property – usually from overseas – and deposits too much money into your account, subsequently asking for the over-payment to be transferred into another account.

3. When people are tricked into revealing their PINs to a scammer

PIN scams involve getting a customer to disclose their PIN, usually after the scammer has stolen their wallet.

Scammers use different techniques to get PINs such as:

  • Saying they’re from the bank and need the customer’s PIN to authorise cancelling their card because of suspicious transactions.
  • Calling the customer and telling them they’ve won a prize and need to provide a four-digit number to claim it. The scammer could be trying the combinations while they’re on the phone and telling the customer to pick another one if they do not immediately give their bank PIN. The scam relies on the customer eventually providing their bank PIN.

Our advice – be on guard at all times with your banking. Here are some things to watch out for:

  • Make sure you know who you’re dealing with. Do an internet search and look for reviews, check Consumer Affairs’ scam alert website, ask for a physical address you can check, and look the company up on the Companies register.
  • Check with someone independent and trustworthy before you commit to anything.
  • Don’t give out your account details unless the business is established and trusted.
  • Never accept money into your account for a subsequent transfer to others you do not know.
  • Never give out your password or current PIN to anyone, including bank staff.
  • Check your accounts regularly to ensure money is only going to the right places.
  • Report any likely scams to your bank and Consumer Affairs.
  • Contact your bank immediately if you suspect you’ve been scammed. They may be able to reverse the charges unless you have authorised the payment. If you are not satisfied with your bank’s response, contact us to see if we can help you.
  • If you need a four-digit code for something other than a bank card, you should make it different from your bank PIN(s). If you disclose your PIN, even unintentionally, you’re breaching your bank’s terms and conditions and will generally be liable for fraudulent transactions.

Go phish

Many organisations and businesses such as banks are used as a front in ‘phishing’ scams which go like this:

A customer receives an email seemingly from their bank which asks for confirmation of personal details, such as internet banking username and password.

It has a link to a website, which looks like the bank’s, but is fake. Once the customer enters their personal details, the scammers can access the customer’s account and take money.

Be wary of:

Emails which appear to be from your bank asking that you confirm your personal details. Banks will never ask you for your password.

Clicking links within emails. If you need to visit your bank’s website type the address into your browser.

Emails which ask you to enter your personal details into a website – it’s probably fake. You may be liable for losses if you disclose your internet banking password.

A big thanks to Nicola for this guest post!