From text messages to scam ads, how scammers drain bank accounts

In the 25 years that Helen Cahill kept the books of her small business near Melbourne Airport, she never had trouble banking online.

So, on a particularly busy afternoon on May 26, when she sat down at her desk, she thought it was odd that it was taking so long to log on.

She had searched Google for “Bendigo Bank” and clicked on the first link that appeared, which was a Google ad for the bank.

She then entered her login details, including a two-factor authentication PIN.

What Ms Cahill soon discovered was that she had clicked on a malicious advertisement instead of the Bendigo Bank website and a scammer had gained access to her account.

“It was probably within two minutes that I logged on to the real Bendigo bank… and realized that $30,000 had been taken out of my account,” Ms Cahill said at 7.30am.

“I just felt really violated… I thought, ‘How can this happen? I really feel like a very cautious and cautious person when I’m banking.”

The fake Bendigo Bank link that Helen Cahill clicked on.(Provided: Ignite Systems)

Ms Cahill quickly phoned the bank to report the incident and also spoke to the IT company that handles her company’s computers, called Ignite Systems.

They were able to retrace the steps taken by Ms. Cahill and discovered that the link she clicked on the search results page looked real, but the site that opened had a fake URL that it was easy to miss in a hurry, referring to “bendigohank”. instead of “bendigobank”.

“It looked like a replica of the authentic Bendigo Bank website,” Ms Cahill said.

“My take home message would be: it can happen to anyone.”

After days of constant calls and follow-ups from Ms Cahill, Bendigo Bank was able to return the funds within a week.

But she remains concerned that a malicious site has been promoted on Google without the bank notifying customers of its existence.

“At first I was very annoyed, then I became very angry that a real Google ad could be linked to a fake online banking site.

“I just don’t understand how…the bank didn’t know. I think something has to happen with Google, so they can run these ads.”

The fake Bendigo Bank website.
Bendigo Bank’s fake website had the word “bendigohank” in the URL.(Provided: Ignite Systems)

Bendigo Bank said in a statement that after the ad was discovered, its “Financial Crimes Team alerted the owner of the platform and had the fraudulent ad removed.”

Cybersecurity expert Dave Lacey told 7:30 a.m. that Google’s ad scams are particularly sophisticated.

“They use third-party, what we call, advertising affiliates who have the ability to almost manipulate or modify ads after passing a verification process,” Lacey said.

Google did not explain how the fraudulent ad showed up in its search engine.

The tech giant said in the last year alone it blocked or removed nearly 60 million ads worldwide for violating financial services policies, and said it is constantly developing new tools to protect its users against fraudsters.

Scams on the rise

There have been more than 35,000 reported attempts to obtain personal information about Australians since January.

The Australian Cybersecurity Center reported that cybercrime cost the economy an estimated $33 billion in 2021.

The national identity and cyber assistance service IDCARE has never been busier, according to its managing director, Mr Lacey.

“I don’t think there’s a lot of crime that you could say comes into the family home almost on a daily basis,” he said.

A man with a beard wearing a black collared shirt.
Dave Lacey says scammers know deception well.(ABC News: Chris Gillette)

“[Scammers’] the whole thing is about deception and they are well trained and versed in it.”

A popular method used by scammers is something called “phishing”, where things like an email impersonating a bank or phone company are used to trick people into sharing their personal information.

“Smishing” is a similar method, involving text messages.

“So smishing is done through text messages and phishing more generally through email or phone calls,” Lacey said.

“What’s yours is also ours”

Image of a skull appears on a website
Police seized promotional material during the cybercrime operation.(ABC News)

One of the leaders of a group involved in a prolific scam operation was jailed in May after duping dozens of Australians as large swaths of the population were locked down by COVID-19 in 2020.

Court documents reveal the group created fake identities on a website they called the ‘1-stop-rort-shop’, boasting online of software that could evade SMS spam filters .

Self-promotional videos of their exploits, which were seized by police as part of the operation, showed special logos and wads of cash accompanied by threatening music.

“In this particular case, we would say the offenders were quite skilled,” Cyber ​​Command Acting Assistant Commissioner Chris Goldsmid said at 7:30 a.m.

“We estimate they sent over 20 million text messages… That’s a significant number of people who could have potentially had their information stolen and access to their bank accounts.”

A policeman in a dark room
Chris Goldsmid says people affected by scams should report them quickly.(ABC News: Greg Nelson)

The “rort corp” motto was “what’s yours is also ours”.

Police found the men had access to staggering amounts of personal information, including secret online questions and answers.

In one instance, a member of the group bragged about sending “13 sets” of personal and financial information, including bank account user numbers, account passwords, full names, credit cards, expiration dates and CCV numbers.

The union had dozens of identities on tap and templates for health insurance cards.

“It’s difficult for law enforcement and agencies to apply traditional deterrence and response tools,” Lacey said.

“Certainly when arrests do occur, we cherish and appreciate that.”

act quickly

The newly elected Labor government has pledged to crack down on cybercrime, including introducing new industry codes for banks and telecoms operators.

Experts place a strong emphasis on preventing crime in the first place and acting quickly when people’s accounts are compromised.

“If you think you’ve been scammed, don’t be embarrassed. Contact your bank,” Acting Assistant Commissioner Goldsmid said.

“The sooner you report it, the better the chance… of getting that money back.”

Watch this story tonight at 7:30 p.m. on ABC TV and ABC iview.

Job , updated