“Oh my God, they’re still moving the money.”
The bank teller was shocked when pensioner Lyn Read walked into her local Bendigo Bank branch one afternoon in January to tell her she was in the middle of scam, and the bank’s employee acted quickly.
“She shut it all down and said, ‘I’ll ring our fraud squad and get things sorted out’.
“And she said, you should have the money back within two weeks,” Mrs Read recalled.
The teller managed to stop the scammer’s final attempted transfer of $3000, but by then Mrs Read had already had $50,000 stolen from her account.
She would later find out that the teller hadn’t immediately been able to get onto the bank’s fraud team.
Mrs Read has terminal cancer and doesn’t know how much time she has left to live.
She was relying on that money to enjoy the remainder of her days with her seven children and 13 grandchildren, and to do something that is important to her – to pay for her own funeral.
But she didn’t get the money back in two weeks.
Nine months on, Mrs Read is still fighting Bendigo Bank for reimbursement.
Mrs Read argues the bank should have acted faster to stop the money being transferred out of the scammer’s two accounts, which were also with Bendigo Bank, and that the bank’s systems should have picked up the highly unusual activity on her accounts.
“They were large sums of money and it was quite out of the ordinary for me,” she said.
Bendigo Bank argues that because Mrs Read gave her one-time six-digit internet banking passcode to the scammer, the loss is her responsibility.
The dispute speaks to the difficulties Australians face avoiding scams, and the challenges banks face keeping one step ahead of this huge global industry.
Australians lost $3b to scams last year
Mrs Read fell victim to a highly sophisticated, yet common scam, where a text purporting to be from her bank warned her of a questionable transaction.
Alarmed, she called the number on the text and got through to ‘Ricky’, who said he was from her bank.
Mrs Read says he seemed to already know all the details of her bank accounts, and told her she was being scammed, but he could fix it for her – he just needed her one-time six-digit passcode, which she gave.
This enabled Ricky to quickly increase her daily transfer limit, move money from her investments into her daily account, and then transfer the $50,000 into two accounts also held with the Bendigo Bank.
The ACCC’s Scamwatch received 14,603 reports of bank impersonation scams in 2022, resulting in more than $20 million in losses.
“We are incredibly concerned about bank impersonation scams because they can be so convincing, they are very hard to detect,” ACCC deputy chair Catriona Lowe said.
Lack of support from financial institutions
After being on the phone for about an hour, Mrs Read did become suspicious, and hot-footed it to her local branch.
The bank’s records, seen by the ABC, indicate it was well over an hour after Mrs Read had first alerted the bank to the fraud that they raised cases of ‘mule accounts’.
By then, the money was long gone from the two accounts.
The police investigation later identified the holder of one of the accounts as a young man in Sydney, who said he himself was the victim of a fake jobs advertisement and was unaware his account was being used for fraud.
Mrs Read’s daughter, Alison, has complained to the Australian Financial Complaints Authority about Bendigo’s response on the day, and their ongoing response to her mum’s scam, including what she calls a lack of responsiveness to the police investigation.
She’s angry that even though her mum alerted the bank while the scam was still going on, the mule accounts weren’t blocked before her mum’s money was transferred overseas.
“There were a multitude of factors that didn’t happen on the Bendigo Bank’s behalf in a timely manner that could have changed the outcome,” she said.
Stephanie Tonkin, CEO of the Consumer Action Law Centre, agrees that Bendigo Bank should also assume some responsibility.
“They were on notice and they should be resourcing their systems to respond to the scam,” she said.
“If you look what is happening overseas, the banks would accept some responsibility. But we are so behind here, and the banks are driving the victim-blaming narrative,” she said.
ABC News Breakfast has spoken to six scam victims who contacted the ABC, who either banked with Bendigo Bank or transferred money into an account at Bendigo.
They all complained of similar issues – difficulty getting through to the fraud department, poor follow-up and what they say is victim blaming on the bank’s part.
Bendigo Bank defends scam response
Bendigo Bank declined an interview request and said it wouldn’t discuss the details of specific cases for privacy reasons.
In a statement it said:
“In FY23 Bendigo Bank stopped $38.6 million in fraudulent transactions …
The bank has tightened transaction rules blocking high-risk payments to cryptocurrency exchanges, removed all links from SMS messages.”
Bendigo Bank says it has doubled the number of people working in its fraud prevention team, though it won’t say exactly how many are now on deck.
It says in August the average wait time for customer-facing staff to get through to the fraud centre after a fraud or scam had been identified was down to two minutes.
It has also just launched a face-to-face online banking safety community education campaign, where community groups can request a Bendigo trainer to explain how to safely navigate digital banking and avoid scams.
Increasing number of scams every year
Anna Bligh, CEO of the Australian Banking Association, said Australia was seeing an “explosion of scams” hitting Australian citizens.
She defended the banks’ efforts to detect and prevent scams.
“Every bank is doing their best every day to try to make sure everyone is safe,” she said.
Ms Bligh says Australia’s major banks combined have more people working in their financial fraud teams than the entire Australian Federal Police across the nation.
“What you don’t see is the millions of dollars and the thousands and thousands of scams that, one, never reach you as a customer because your bank or telco has stopped it. And … all of those that the bank has resolved very quickly.”
2020 Australian Broadcasting Corporation. All rights reserved.
ABC Content Disclaimer
We have a Bendigo Bank Account and before we can complete a transaction we must activate a Security Token (DigiPass) which displays a number which then must be provided before the transaction can be completed.
Given that the scammer was not in possession of the Security Token how was the transaction(s) able to be completed?
The solutions are simple. DO NOT operate your bank account electronically. If the bank insists that’s the only way it works the close the account and withdraw every cent of the money IN CASH and find some other way of ‘storing’ it . (and in any case you can easily produce more ‘income’ yourself if you’re not paying the bank large sums to ‘manage’ you wealth. eg. I closed down my CBA account (of almost $100k) a year ago, which they fought like hell to keep on their books; found a bank which opened an ‘old-time’ account for me according to MY written demands, and which I tried out thoroughly before committing more than a small amount. NO problems, no limitations on transactions, and a day-to-day interest-rate of 4.8% p.a. return. Mrs Read could do worse than check out the Bank-of-Queensland, but I’d insist she take someone with her to ask lots of questions and get WRITTEN agreements re. ANY transactions. (Or refuse any transactions except on her personal attendance. CBA refused me a largeish cash withdrawal on three separate grounds, over THREE weeks, none of which were valid. Protecting me from muggers and scammers was the first excuse; and I said any mugger and scammer who could get MY money will have earned it! Then they went on, until I finally said I’d be transporting the money with a shotgun handy. There’s a whole funny story there, but they finally handed over MY money (after they’d taken cover under the tables and behind doors!)
In the end I invested most of the money from the one bank I found reliable and have since found other ways of investing it, mostly at about 8%/10% on a regular basis. With NO “bank-fees or charges!” Bottom line: there ARE options if one is prepared NOT to cop the crap. PS. Keep in mind that homosapiens lived on this plant for several BILLION years before somebody allergic to having ‘proper job’ invented banks. BANKS ARE NOT NEEDED. And until people were conned into such a need anybody who ripped-off Li’l Ol’ Ladies often found themselves properly butchered and recycled as dogfood.
The ‘modern’ world has deviated miles too far from its roots. Wombats and cockroaches have succeeded where we have failed.
The solutions are simple. DO NOT operate your bank account electronically. If the bank insists that’s the only way it works then close the account and withdraw every cent of the money IN CASH and find some other way of ‘storing’ it . (and in any case you can easily produce more ‘income’ yourself if you’re not paying the bank large sums to ‘manage’ your wealth. eg. I closed down my CBA account (of almost $150k) a year ago, which they fought like hell to keep on their books; found a bank which opened an ‘old-time’ account for me according to MY written demands, and which I tried out thoroughly before committing more than a small amount. NO problems, no limitations on transactions, and a day-to-day interest-rate of 4.8% p.a. return. Mrs Read could do worse than check out the Bank-of-Queensland, but I’d insist she take someone with her to ask lots of questions and get WRITTEN agreements re. ANY transactions. (Or refuse any transactions except on her personal attendance. CBA refused me a largeish cash withdrawal on three separate grounds, over THREE weeks, none of which were valid. Protecting me from muggers and scammers was the first excuse; and I said any mugger and scammer who could get MY money will have earned it! Then they went on, until I finally said I’d be transporting the money with a shotgun handy. There’s a whole funny story there, but they finally handed over MY money (after they’d taken cover under the tables and behind doors!)
In the end I invested most of the money in the one bank I found reliable and have since found other ways of investing it, mostly at about 8%/10% on a regular basis. With NO “bank-fees or charges!” Bottom line: there ARE options if one is prepared NOT to cop the crap. PS. Keep in mind that homosapiens lived on this planet for several BILLION years before somebody allergic to having a ‘proper job’ invented banks. BANKS ARE NOT NEEDED. And until people were conned into such a need anybody who ripped-off Li’l Ol’ Ladies often found themselves properly butchered and recycled as dogfood.
Clearly there are many aspects of Bendigo Bank’s security and refusal to help this poor woman which are highly questionable but on the basis of “if it ain’t broke dont fix it” the fact that Bendigo almost immediately changed a number of processes and put in extra resources after Mrs Read’s shocking treatment, is clear evidence that much was ‘broken’ and wrong with the security of this bank.
Bendigo Bank spends a small fortune on advertising, a fraction of that spent to help Mrs Read would have gone a long way towards preventing the loss of many existing and new customers. It’s a $50,000 PR disaster for Bendigo Bank with a massively larger potential loss of business.
I strongly refute Mrs Bligh’s claim that banks are doing everything they can to protect customers. I had been with one of the big four for fifty years. I recently asked them to sms me every time money is moved between or out of any of my accounts. They said it couldn’t be done, then they said it could only be done if I had their app on my phone which I don’t want because I use only a desktop for banking, then they said they would do it within 48 hours. Nothing was done so I have moved all of my deposits out to another smaller bank (not Bendigo) which offers service and doesn’t have a permanent “were currently experiencing an unusual number of calls” message and prides itself in offering old fashioned service.