In an age where we're constantly reminded to strengthen our passwords and keep our personal information secure, it's alarming to hear that even the most vigilant can fall prey to sophisticated scams.

Recently, an alarming new twist on bank fraud saw scammers exploiting vulnerabilities in security protocols to deceive victims.

As the methods used by fraudsters evolve, it becomes increasingly crucial for individuals to stay informed and vigilant against such deceptive schemes.

Danielle Maddock, an ex-police officer with a decade of experience, was caught off guard by such a scam.

Despite her law enforcement background and her awareness of common scam indicators, she found herself ensnared by a scammer posing as a representative from her bank.

The scammer's call came at a time when Maddock was preoccupied with her newborn and home renovations, illustrating how scammers exploit moments of distraction and stress to their advantage.

A former police officer was deceived by a sophisticated bank impersonation scam despite her professional background. Credit: Shutterstock

The scammer's approach was disarmingly professional, using an Australian accent and possessing enough personal information, including the last four digits of Maddock's debit card, to appear legitimate.

The absence of telltale signs of a scam, such as a delay before speaking, further lowered Maddock's guard.

‘It sounded so normal,’ Ms Maddock recalled.

He informed her that multiple transactions were being made with her card in Melbourne and inquired if she had authorised them.

When she denied it, he said he would cancel the card and halt the transactions but requested additional personal information to verify her identity as Danielle Maddock.

He also mentioned she would receive a six-digit code on her mobile. After receiving the text, Ms Maddock provided the code to him.

‘Now that I say that, I should have picked that up,’ she lamented.

The man informed her that her new card would be issued within four to five business days, and then they concluded the call.

Only 10 minutes later, she received another call, which was genuinely from her bank.

‘[The woman] said, “Are you making transactions at the moment?”’ Ms Maddock narrated.

‘I said, “No, I'm not. I just had a guy call about the fraudulent transactions, and he's cancelled my card.”’

‘The woman said, “No, that card is very much active. That was actually the scammer,”’ she continued.

The woman assured her that the card would be properly cancelled and recommended that she visit a bank branch as soon as possible.

Thankfully, the bank's prompt intervention prevented the fraudulent transactions from being processed.

‘[I feel] pretty dumb,’ Ms Maddock shared.

‘I'm an ex-cop so I thought I'd be pretty savvy on that stuff.’

‘But it makes me really worried for elderly and vulnerable people—they will fall for that,’ she added.

Jason Veltruski, the Fraud Operations Manager at NGM Group, is credited with the bank's swift response.

Mr Veltruski explained that these scams often involve sharing bits of information about the customer to establish trust, combined with a sense of urgency that discourages them from questioning the scammer.

‘Taking the fraud angle, it makes the customer stand up and listen,’ he said.

‘They think, “OK, I don't want to be a victim of fraud, so I'm going to do whatever you tell me.”’

Detective Superintendent Matt Craft of the NSW Police Cyber Crime Squad pointed out that crucial information plays a significant role in these scams.

Scammers provide just enough information to build trust while gaining access to more sensitive details, such as two-factor authentication codes.

He noted that one of the most frequent methods for scammers to acquire personal information is through data breaches.

‘We're constantly looking on the dark web for lists of personal identification information,’ Superintendent Craft stated.

‘It is sold. It is traded. It's traded as a commodity for cyber criminals.’

‘It's a form of currency for those cyber criminals because they understand the value,’ he added.

Superintendent Craft mentioned several methods for safeguarding yourself.

‘Be wary of unsolicited phone calls from people that you don't know and that you can't identify,’ he advised.

According to him, when you receive calls like this, hang up immediately.

He also cautioned against sharing confidential information with anyone over the phone.

‘Always remember that [most] legitimate businesses will not call you requesting personal information,’ he reminded.

While phone scams exploiting two-factor authentication codes continue to pose a significant risk, another alarming scam highlights the dangers of seemingly innocuous messages.

As we’ve seen with recent fraud cases, scammers are becoming increasingly sophisticated in their tactics.

In one instance, a man almost lost $3 million due to a single fraudulent text message.

Understanding these threats and knowing how to protect yourself is crucial in today’s digital landscape.

Key Takeaways

• A former police officer was caught off guard by a sophisticated bank impersonation scam even with her professional background.
• The scammer had enough personal information to gain her trust and obtain a two-factor authentication code necessary for making fraudulent transactions.
• The NSW Police Cyber Crime Squad highlighted the importance of being cautious with unsolicited phone calls and guarding personal information, especially with the prevalence of data breaches.
• To prevent falling victim to such scams, people were advised to hang up on unknown callers asking for personal details and never share confidential information over the phone.

Have you or someone you know been a victim of such schemes? How can you further safeguard yourself from them? Share your experiences and tips with the community in the comments below.

 

[kerrikennel]

Omg, and a cop to boot!! The codes sent to you are your 2 factor verification codes to access your account. NEVER EVER GIVE THEM TO ANYONE!!!

 

[MickyMouse24]

Dont people check their banking apps that they have on their phone so they can check if any withdrawals are being made (if they get scam calls like this) and if not, why not or do they just get brain freeze? Its easy enough to lock you card.

 

[Ittybitty]

I had a call from 'supposedly' the fraud branch of my bank telling me that a certain person had withdrawn money from my account & set up an ongoing direct debit payment. They wanted to know all my details, but I thought it was a bit fishy. I told them so & asked for their phone number & I will call them back. As they knew my phone number, I used someone else's phone to call the number that I was given & it was ligament. They retrieved my money thank goodness but that is another easy way to check if it is fair dinkum or not, doesn't take long & is stress free.

 

[kenrconn]

I check my bank balances and transaction every day or at least every two days. I am happy to note that Westpac will now allow proper passwords to enter their online banking. Allowing letters, numbers and special characters instead of just 4 numbers as has been since internet banking became a reality.

 

[PattiB]

I check my bank balances and transaction every day or at least every two days. I am happy to note that Westpac will now allow proper passwords to enter their online banking. Allowing letters, numbers and special characters instead of just 4 numbers as has been since internet banking became a reality.

We also have a credit card with Westpac & every time it’s used we receive a text informing us of the transaction & the last 4 numbers of the card used. It’s almost immediate & I wish our other bank used this method as well. It all gets rather exhausting doesn’t it, constantly having to check everything? Scammers should be put out of their miserable existence.

 

[Veggiepatch]

So an ex copper thinks she should have been aware of a scam? Only if she worked in the cybercrime division of the AFP or the NSW Police.

 

[Veggiepatch]

The scammer's approach was disarmingly professional, using an Australian accent and possessing enough personal information, including the last four digits of Maddock's debit card, to appear legitimate.

A question for everyone. How do you dispose of your ATM receipts? Do you leave them at the ATM or take them with you?

My last ATM transaction receipt, from the ANZ Bank, has the first six numbers and the last three numbers of my debit card 16 digit number!

A word of advice. TAKE YOUR RECEIPT FROM THE ATM AND KEEP IT ON YOU. Burn it if you wish but don't leave it lying around in public, including those little rubbish receptacles at the ATM.

 

[johno cpfc]

I recently had a call supposedly from my bank informing me that there had been some payments made from my card and they said if i give them the last four digits they would cancel the card. I happened to have my account open at the time and it clearly states " DO NOT give card numbers to anyone . We will NEVER ask for your details over the phone or anywhere else, so i blankly told them this and they then came up with the reply that if i did'nt then they would freeze my account, so i told them to go ahead and freeze my account. I then hung up and called the bank who told me it was a scam and not to worry about what they said.

 

[Mr Chips]

A way of deterring these nasty scammers is to ask them to spell their full name and give you their phone number after they introduce themselves and tell you what they are calling about. Please write it down and then advise them that you are dealing with an issue at present and will have to call them back. If they become insistent upon dealing with the supposed issue then hang up immediately. After that, do not ring the number but call your financial institution and advise them of the information you have, They will tell you what you need to do if anything. You stand a better chance of getting these creatures wiped out by doing this.
On another note, I saw someone say that they receive text messages when transactions take place in your account. This is a very good idea and is actually available through most financial institutions. You will mostly have to call your bank to have this method activated in your account.

 

[Squizzy1]

Since this method of banking is encouraged and provided by the Banking Industry, with even businesses refusing cash more and more common these days, any fraudulent activity should be on them, since it's quite clearly not secure full stop.

 

[Reet]

Dont people check their banking apps that they have on their phone so they can check if any withdrawals are being made (if they get scam calls like this) and if not, why not or do they just get brain freeze? Its easy enough to lock you card.

I would never do any banking transactions on my phone as I believe it is too easy for scammers to pick up your details and carry out a scam. I do internet banking on my home computer in which my bank has a code number for me and each transaction has another code number sent to me by phone before it can occur. I believe it is a safer way to pay for things on line. Also I never trade with a company I don't know is genuine and have used many times before. I never trade with companies who solicit me to buy on line even if they give me the name of their company as being one I have traded with previously as I don't know any company who would do this legitimately.

 

[Rob44]

A couple of days ago I carried out a two-minute search on the legitimate web to see what "cracks" there were for bypassing passwords/PIN numbers etc and found a good number. One such advertised its ability to bypass fingerprint security among other things, and it was a free download.

I didn't download it, and it could have been a subtle scam in itself, BUT assuming such applications are freely available via Google etc, there is NO security.

 

[Rob44]

I recently had a call supposedly from my bank informing me that there had been some payments made from my card and they said if i give them the last four digits they would cancel the card. I happened to have my account open at the time and it clearly states " DO NOT give card numbers to anyone . We will NEVER ask for your details over the phone or anywhere else, so i blankly told them this and they then came up with the reply that if i did'nt then they would freeze my account, so i told them to go ahead and freeze my account. I then hung up and called the bank who told me it was a scam and not to worry about what they said.

Once you have spoken to someone on the telephone, and should they be a scammer with access to AI, the AI has your voice pattern and your voice can be mimicked by the AI.

The drive to "modernity" has been fatal to trust.

 

[Rob44]

The scammer's approach was disarmingly professional, using an Australian accent and possessing enough personal information, including the last four digits of Maddock's debit card, to appear legitimate.

A question for everyone. How do you dispose of your ATM receipts? Do you leave them at the ATM or take them with you?

My last ATM transaction receipt, from the ANZ Bank, has the first six numbers and the last three numbers of my debit card 16 digit number!

A word of advice. TAKE YOUR RECEIPT FROM THE ATM AND KEEP IT ON YOU. Burn it if you wish but don't leave it lying around in public, including those little rubbish receptacles at the ATM.

Seems that someone now has the choice of 10 power7 numbers for getting your credit card details. It might take a decent hacker's computer a couple of hours to crunch through the possible combination of numbers left; something for a computer guru-cum-mathematician to confirm. That sort of stunt took the valve-operated computers at Bletchley Park (1940-45) a bit longer to do and a 'crib' was needed to kick off the day's code-cracking, the 'crib' in your case being the knowledge that those 7 numbers are numbers between 0 and 9 and nothing else.

The ANZ is a dumb bank if their ATMs are printing 9 of the 16 debit-card numbers on their receipts from the ATM. 10 power 16 possible numbers would take a bit more of an effort to crack.

 

[Veggiepatch]

Once you have spoken to someone on the telephone, and should they be a scammer with access to AI, the AI has your voice pattern and your voice can be mimicked by the AI.

The drive to "modernity" has been fatal to trust.

When you access myGov telephone services, you are asked to repeat something on the lines of "In Australia, my voice identifies me". Services Australia records as your "vocal" ID for later verification.

I don't know if it is still operating as I haven't used it for four years or so but sounds like very suspect to me!

 

[Rob44]

When you access myGov telephone services, you are asked to repeat something on the lines of "In Australia, my voice identifies me". Services Australia records as your "vocal" ID for later verification.

I don't know if it is still operating as I haven't used it for four years or so but sounds like very suspect to me!

I wonder how Services Australia keeps one's voice-print secure. Good job we don't yet live in a dictatorship; you could say anything to anyone and get both of you hauled off to the basement cellar and the bastinado by bastards, even though you were somewhere else speaking to no-one else at the time. However, that assumes that the bastards actually do want you, rather than hauling you off to the basement, 1984-style, just for the fun of it.

Isn't modern technology wonderful; reminds me of the "The Life of Brian".

 

[Iggydi]

Dont people check their banking apps that they have on their phone so they can check if any withdrawals are being made (if they get scam calls like this) and if not, why not or do they just get brain freeze? Its easy enough to lock you card.

I don't have any banking Apps on my phone. I have 2 different bank accounts through 2 different banks and I go through the bank website for 1 the other I have to physically go into the bank to check how much money I have or to withdraw

 

[CristinaV]

A way of deterring these nasty scammers is to ask them to spell their full name and give you their phone number after they introduce themselves and tell you what they are calling about. Please write it down and then advise them that you are dealing with an issue at present and will have to call them back. If they become insistent upon dealing with the supposed issue then hang up immediately. After that, do not ring the number but call your financial institution and advise them of the information you have, They will tell you what you need to do if anything. You stand a better chance of getting these creatures wiped out by doing this.
On another note, I saw someone say that they receive text messages when transactions take place in your account. This is a very good idea and is actually available through most financial institutions. You will mostly have to call your bank to have this method activated in your account.

I don't understand why one should interact with scammers. Don't answer unknown number. dot talk to them. Actually don't do anything with them.

 

[Rosita1950]

I would never do any banking transactions on my phone as I believe it is too easy for scammers to pick up your details and carry out a scam. I do internet banking on my home computer in which my bank has a code number for me and each transaction has another code number sent to me by phone before it can occur. I believe it is a safer way to pay for things on line. Also I never trade with a company I don't know is genuine and have used many times before. I never trade with companies who solicit me to buy on line even if they give me the name of their company as being one I have traded with previously as I don't know any company who would do this legitimately.

I also do not do financial dealings on my phone. I use my home computer to do Netbank. We live in dangerous times and there are very clever and unscrupulous criminals out there. It pays to be vigilant always!