“I logged into my BNZ and I just saw half of these accounts were just empty,” he said.
$5000 here, $2000 there, to a variety of different names and accounts.
Money from recently selling the family home, as well as savings from his two-year-old son’s account, all gone.
“It seems like these scams are going on quite often, we’re pretty much in a position where we don’t know where to go from here.”
While about $15,000 quickly bounced back, he was still out of pocket by $18,600.
To make matters worse, he had not heard from the bank in more than a month.
“How easy is communication in this day and age?” he asked.
BNZ said unfortunately because Clayton gave the scammers the code, which gave them access to his account, the bank was unable to return a large part of his stolen money.
In a statement to RNZ, BNZ corporate affairs manager Cliff Joiner said in these instances, the money was impossible to get back.
He said BNZ would never ask for customers’ passwords nor send an email or text message with a link asking customers to click to log in.
Sending a hyperlink was a common tactic used by scammers, cybersecurity agency CERT NZ’s incidence response manager Jordan Heersping said.
“Most cyber attacks these days are financially motivated, and we’ll see lots of scam and phishing attacks that are focussed on getting into people’s bank accounts and taking control of their finances,” Heersping said.
But there were several ways people could keep themselves and their money safe: Making use of strong passwords and not giving them to anyone you did not trust completely, and setting up valid two-factor authentication for all accounts.
Too little, too late for Clayton, who was still pushing BNZ to refund the remaining balance.
He said banks needed to put effort into guiding customers away from scams, rather than leaving them in the dark.
Meanwhile, the Bankers Association had launched a “take a sec to check” campaign, to alert people about how to prevent getting scammed online.