‘I have done nothing wrong.’ How one man lost $40k in savings to this CBA phishing scam

The thought of having your hard-earned money just vanish into thin air is enough to make anyone’s blood run cold.

But unfortunately, that’s exactly what happened to one Tasmanian man – who had his entire $40,000 life savings stolen in a matter of minutes.



Syed Rizvi, a 26-year-old electrical engineer, was going about his business one day when he received a heart-stopping wake-up call from his bank.

According to his bank, his transfer limit had been increased to $50,000 – a discovery that ‘shocked’ him since he did not request it.

‘I was left with no money and just before Christmas. I didn’t even have money to put petrol in the car,’ Syed shared with reporters.


scam1.jpg
The man was horrified to learn that his savings had been stolen. Credit: Anna Tarazevich/Pexels

Syed immediately checked his Commonwealth Bank account and discovered that $30,000 had already been transferred out.

He ‘panicked’ and called his bank immediately but noticed that another transaction – this time amounting to $9,860 – had been transferred from his account. And just like that, his entire life savings accumulated over four years were gone in a flash.

All of this happened while he was still on a call with his bank.



Upon checking, he noticed that the money was transferred into a CoinSpot account, which is a popular cryptocurrency exchange platform in Australia. Two-factor authentication did not kick in because Syed already made a previous transfer to the cryptocurrency exchange.

The man told reporters that he drove to the police station to report the crime before finally speaking to a CBA customer service representative an hour and a half after his account was frozen.


scam2.jpg
Syed lost his life savings. Credit: Towfiqu barbhuiya/Pexels

‘I planned to go on a holiday during the new year but I couldn’t go as I was left with no money,’ he explained. Mr Rizvi added that this incident even affected his mum who had to go to the hospital because she had been ‘so depressed’ upon learning what happened.

‘I couldn’t pay my rent as well. Now I don’t know if I will get my money back.’



As investigations were underway, Mr Rizvi was told by the CBA’s fraud team that the scammer had called and managed to impersonate him by supplying personal details and increasing his transfer limit from $1,000 to a staggering $50,000.

‘They ask only three questions: Your full name, date of birth, and residential address so any person can know these things,’ Mr Rizvi stated before adding that he had ‘no idea’ how the scammer got hold of his personal details.


scam3.jpg
The scammer wiped out his savings. Credit: Tara Winstead/Pexels

He also admitted that he was ‘very shocked’ to learn that the bank didn’t have any technology to distinguish who was calling them. ‘They should have realised this is very strange that a person is calling from a different number and pretending to be me,’ he continued.

In July last year, CBA introduced new AI technology that uses machine learning techniques to track down unusual changes to the way a customer interacts with their devices. According to CBA, customers develop ‘habits and patterns’ in relation to banking – specifically on keystrokes and the way they use a mouse. The bank said this is to keep customers safe against potential scams.



Dark web monitoring revealed that Mr Rizvi’s details had been leaked as part of the Medibank hacking scandal – and this included his passport, bank and email details. You may remember that late last year, a group of hackers hijacked the system of Medibank and stole the customer data of almost 9 million Medibank members.

The hackers then posted the information of hundreds of individuals to the dark web and told the insurance company that they will release more data unless they were paid a hefty ransom. More details about this story can be found here.

Mr Rizvi told reporters he informed the bank within 10 minutes of the incident happening and went to the police right after. ‘I should get the money back – it was not my fault. I couldn’t do anything else,’ he added.

‘I saved up money working two jobs. My whole family will suffer because they depend on me – I am sending money back home,’ he continued further.



Mr Rizvi also shared that CoinSpot’s fraud management team told him money had been deposited from four other accounts to the same recipient on the day his savings were stolen – suggesting that more people were scammed.

A spokesperson for CoinSpot said they will continue to work closely with the relevant authorities and reassured their customers that they do not provide specific details of individual accounts on their platform.

Bank of Queensland’s Customer Advocate Ben Griffin previously said that scammers will usually transfer funds offshore into cryptocurrency, which makes it ‘virtually impossible’ for banks to recover lost funds. This comes after a couple almost lost $146,000 in savings due to a sophisticated scam. You can read more about that here.



A spokesperson for CBA also told reporters that the ‘security of its customers remains a top priority’.

‘We invest in state-of-the-art fraud prevention and detection technology and have a dedicated team who actively monitor unusual or suspicious activity,’ they stated.

‘However, it is widely recognised that scams are becoming increasingly sophisticated. This has prompted increased investment across the sector in resources, systems, data, and intelligence to combat scams and alert the Australian public to the risks the community faces,’ they said.

The spokesperson added that CBA’s process is to fully reimburse customers as ‘quickly as possible’ to minimise inconvenience.
Key Takeaways
  • A man found out his transfer limit had been increased to $50,000.
  • $40,000 was transferred out of Syed Rizvi's Commonwealth Bank account within minutes.
  • He was told by the CBA’s fraud team that someone had called and impersonated him, supplying personal details and increasing his transfer limit.
  • Dark web monitoring revealed his details had been leaked as part of the Medibank hacking scandal and he is now likely to be refunded the money by the bank.
We can only hope that something like this never happens to anyone in the SDC community – but if it does, we recommend you contact your bank immediately and request help from the ACCC here.
 
Sponsored
NAB and it is all arranged via my Business Bank Manager. But they will do the same for everyone of their customers as well. I feel safe when I do a Direct Deposit Transfer.
Not long ago someone scammed my credit card unbeknown to me and the Bank closed the account immediately and contacted me. They asked me if it was correct and I said NO. They immediatley issued me with a new Visa Card. (I have to say that it could be because of the large amount I am allowed to use via my credit card. Nevertheless I feel safe).
My Mum was with NAB and was happy with them but my sister wanted to put her name on Mums bank account (all for good reasons...not) and NAB wouldn't allow it so she opened an account with Bendigo, who didn't care obviously. NAB look after their customers.
 
As I said on one of my previous posts, today I did another payment to an account provider that I have never used before.

Here is what I got in response by email soon after the transaction was completed and after having to enter the secret code which was texted to me so that I could complete the transfer.


""Security notice: NAB will never request personal information such as your PIN / password
or ask you to login to online servicing directly from an email.

This email is to confirm that you recently made a Funds Transfer to a payee with account ending 4784 for the first time.

For more information about this payment please log in at nab.com.au and select 'Payment list' from the Funds transfer menu.

Please call 1300 651 656 if you did not perform this transfer.

Sincerely,
NAB Internet and SMS Banking Team"""



End of quotation.
Hope this will help and enjoy the upcoming weekend everyone.
NAB is one of the worst when it comes to chasing up misappropriated money as anyone who has read any of the accounts from people who have been scammed
 
NAB is one of the worst when it comes to chasing up misappropriated money as anyone who has read any of the accounts from people who have been scammed
Well, it is simply a matter of differing opinions for, as far as I am concerned and from past experience, I can't complain in the way they are handling my money.
As I said before, it wasn't me that discovered that my Credit Card was scammed. It was them who stopped the card and rang me. If I okayed then they would have reopened my credit cad but when I said it wasn't me, they stopped it permanently and reissued me with a new card and reversed that charged amount.
 
NAB and it is all arranged via my Business Bank Manager. But they will do the same for everyone of their customers as well. I feel safe when I do a Direct Deposit Transfer.
Not long ago someone scammed my credit card unbeknown to me and the Bank closed the account immediately and contacted me. They asked me if it was correct and I said NO. They immediatley issued me with a new Visa Card. (I have to say that it could be because of the large amount I am allowed to use via my credit card. Nevertheless I feel safe).
Wextpac send me codes etc too whenever I make any withdrawal to send to a person/account not used before. It is extremely useful and I didn't even ask them for extra protection it came as part of opening an account.
 
I thought our bank account details were safe with medibank and AHM. I was with both of these and currently with AHM and was told that bank details were safe that it seems they only stole my name, address, date of birth , email address and medical history...IS THAT ALL !!!! Then what makes my bank account safe
 
Wextpac send me codes etc too whenever I make any withdrawal to send to a person/account not used before. It is extremely useful and I didn't even ask them for extra protection it came as part of opening an account.
Well that's good service. Can't complain about that.
 
I thought our bank account details were safe with medibank and AHM. I was with both of these and currently with AHM and was told that bank details were safe that it seems they only stole my name, address, date of birth , email address and medical history...IS THAT ALL !!!! Then what makes my bank account safe
Typical excuses used when they get caught out. They got everything else but you are advised that your bank account safe even if it is linked wigh both Medibank and AHM. If you believe that.
 
  • Like
Reactions: basilp
The financial institutions are well aware of the data breaches of recent, and any financial losses that are solely due to that exposed information should be the responsibility of the bank to cover as they should also have addressed their systems and procedures to allow for that information being misused. Although I am not a CBA customer, my various banks two factor authentication kicks in for any new account receiving a transfer (not just approving the financial institution for any account within). So if the money went to an account other than Syed's then that is a double fail on the part of the banks systems..... A lot has been put on us all to protect ourselves, the same should be expected of the banks.....
 
  • Like
Reactions: Kelpie
The financial institutions are well aware of the data breaches of recent, and any financial losses that are solely due to that exposed information should be the responsibility of the bank to cover as they should also have addressed their systems and procedures to allow for that information being misused. Although I am not a CBA customer, my various banks two factor authentication kicks in for any new account receiving a transfer (not just approving the financial institution for any account within). So if the money went to an account other than Syed's then that is a double fail on the part of the banks systems..... A lot has been put on us all to protect ourselves, the same should be expected of the banks.....
It would never have happened under the old ways the system worded and with a face to face dealings which is now a thing of the past. The Banks have invented and enforced this system upon their clients to save and make more money but they are failing to protect their customers and instead pointing the finger at them not to themselves.
It is their our system which is failing not the customers.
 
  • Like
Reactions: Silverfoxed

Join the conversation

News, deals, games, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.

Seniors Discount Club

The SDC searches for the best deals, discounts, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  1. New members
  2. Jokes & fun
  3. Photography
  4. Nostalgia / Yesterday's Australia
  5. Food and Lifestyle
  6. Money Saving Hacks
  7. Offtopic / Everything else
  • We believe that retirement should be a time to relax and enjoy life, not worry about money. That's why we're here to help our members make the most of their retirement years. If you're over 60 and looking for ways to save money, connect with others, and have a laugh, we’d love to have you aboard.
  • Advertise with us

User Menu

Enjoyed Reading our Story?

  • Share this forum to your loved ones.
Change Weather Postcode×
Change Petrol Postcode×