A fraudster who struggled to pronounce the name of the woman she was impersonating or correctly answer security questions convinced ANZ call centre staff to change the contact details on the accounts, allowing her to steal $25,000.
Brydie Meinung only found out that her three accounts had been emptied out when she
went into Auckland's city centre for a business meeting and her card was declined when she went to pay for parking.
"I thought that was weird."
• More than $7 million of fraud attempts at ANZ
• ANZ annual profit drops 8 per cent to $1.8 billion
• ANZ Bank to take A$559m hit from increased customer remediation provisions
• Former ANZ boss David Hisco's last pay revealed, forgoes millions of dollars
She went into the ANZ branch to find out what was going on and says for the first 20 minutes they accused her of doing it.
"They were absolutely horrible."
She says it took until she was on the phone bawling her eyes out for them to believe her.
Finally, they took her to the manager and she found out the fraud had been going on for three days. But it had not brought up any internal red flags at the bank.
"No one had picked up on the suspicious behaviour."
She asked the bank for money so she could pay for her parking but says they refused.
"I had to call my mum in Dunedin and ask her to transfer money to my account."
She then asked the bank how she would pay rent and says they told her she would have to ask for help from her friends and family.
"It was so awful. It didn't make me feel safe."
An ANZ spokesman says the impersonator was able to change Meinung's phone and email details because the woman correctly answered personal authentication questions but admits there were "other factors" its staff might have been alerted to, which it had since addressed with the staff involved.
He said customer information could be obtained in many ways and this was sometimes beyond the bank's control.
"We are continually updating our authentication processes to prevent fraud," the spokesman said.
New Zealanders lost $33 million to online scams and fraud last year - triple the amount stolen in 2017.
Figures released in April by online safety organisation Netsafe show 13,000 instances of online scams and fraud were reported last year, up from 8100 cases totalling $10.1m in losses in 2017.
Meinung doesn't know how the fraudster got her personal information or found out which bank she was with, but believes her Facebook account was tracked and information was gathered from the Companies Office register from her business listing.
She says after listening to the recordings of the impersonator's phone calls to the bank, which were supplied to her by the police, there appeared to be a lack of competency by bank staff in picking up on strange and unusual behaviour.
"There is no reason that person should have got away with it."
Meinung says the impersonator, who rang the bank six times, struggled to say her last name, couldn't answer the security questions and whispered into the phone to try and get around the bank's voice identification system.
The impersonator initially just transferred money between Meinung's three accounts, which triggered alerts to the fraudster's phone and email.
They were then able to use those alerts to reset the password on the account and transferred the money out in 10 transactions, emptying the accounts.
Meinung says it then took 23 days for the bank to return her money to her - a timeframe the bank disputes.
The spokesman says the money was retrieved in three days and reimbursed to the account it came out of - a standard practice - although it conceded it should have told Meinung which account it was putting the money into.
"We reinstated the money to the account the money was taken from, not the account it was moved from (and where the customer expected to see it reinstated), which is our standard practice.
"We apologise and should have advised the customer what account we returned the money to."
Meinung says there is no way it was only three days as she split up with her partner and was forced to live with a friend for at least 10 days because she had no money.
"I missed automatic payments, so I got a lot of fees. There was a lot of backlash on me."
She was running a marketing business at the time and had a team of sub-contractors. But without the money she couldn't pay them for the whole month.
"It impacted me so much. It was so stressful. I couldn't pay rent, buy food and couldn't keep the business going."
The stress also triggered her autoimmune disease, which made her ill.
The bank offered Meinung $500 in compensation and an apology but she says she felt insulted by the amount after the level of emotional stress she had been through and declined it.
"I said I don't want that. That is an insult if you think that is all it has meant to me."
After battling illness and a busy time merging her business with another company, she decided to just let it go and move on.
But a year later she was defrauded again.
The first identity fraud took place in July last year. In August this year she found herself in the same position, when her debit card was declined when she tried to make a purchase at a dairy after a lunch out with workmates.
She contacted the bank and found about 15 transactions had been made on her account for a rental car, hotel, gambling and petrol over several weeks and the bank had not picked up on any of the activity.
"They were in places I had never been to before."
She says the bank blamed it on her card being skimmed but Meinung said she had not been anywhere that could have happened.
"I go to work and then home and two places for lunch. I had been sick so I hadn't been able to do a lot."
Two weeks later she went to pick up her replacement card only to find her credit card had also been used by someone else. The bank did pick up on this and put a temporary block on it.
Meinung discovered the bank had posted the two cards to her but they were stolen from her letterbox.
"They didn't tell me they had sent new cards in all the phone calls I made. Not one person had checked."
She says if she knew that, she would have blocked both cards two weeks earlier.
Asked why it had not told Meinung it was sending her new cards, the ANZ spokesman said all cards it issued were active, meaning they could be used straight away without a person having to go into a branch and identify themselves.
"If customers are concerned, they are able to request a locked card that can be activated upon receipt by the customer."
The case comes as Westpac Bank in Australia is facing allegations over 23 million breaches of anti-money laundering laws.
• More than $7 million of fraud attempts at ANZ
• Auckland businessman jailed for multi-million dollar fraud which funded luxury lifestyle
• '$1m fraud' at Canterbury DHB admitted by former employee
• How to protect yourself from online fraud
Meinung feels let down by her bank - the only bank she has ever been with.
"What I am angry about is ANZ should have way better security in place. This is not cyber hacking, this is really simple stuff."
She is still with the bank but is considering leaving.
"I have had hundreds of thousands with these guys. You think they would take this a lot more seriously."
She said it had been difficult to get someone at the bank to talk to her on the phone or in person about the issues and take it seriously.
"I just end up talking to people who say we will take that on board or they will only email me back."
The ANZ spokesman said it had offered to meet the customer on several occasions but the offers hadn't been taken up.
"We're happy to extend the offer again."