A scam artist transferred $50k from a man's bank accounts after tricking him into downloading what he thought was anti-virus software.

But it turned out to be remote access software which was used to find out the man's username name and password when he logged into his internet banking.

The man was initially phoned by the scammer saying they worked for his internet service provider and that the company was carrying out work in the area which was affecting his internet.

The man, who lived rurally, had been experiencing slow internet connections at the time.


The scammer then offered to help the man detect and remove computer viruses which would also help with his internet connection.

He advised the man to download anti-virus software and then log into his internet banking to check the bank website had two padlocks in the corner.

He did this and when he found there was only one padlock rang the scammer back and was told to set up an international payment facility to strengthen the security.

When the man called his bank to set up the international payment facility his didn't mention he wanted to set it up for security purposes or that he had no plans to send money overseas.

When asked how much he wanted to send, the man said around $10,000.

The man then called the scammer repeatedly over a few days and after becoming frustrated he called his internet service provider directly only to find they were not doing any work in his area.

He realised he had been the victim of a scam and called his bank, which suspended his internet banking.

But by then the scammer had already transferred $50,000 from the man's bank account to international accounts.


Banking Ombudsman Nicola Sladden said the recent case demonstrated just how clever hackers could be and how they were constantly developing new ways to access people's personal information.

She urged people to be suspicious of any unsolicited emails or phone calls.

"Question whether the email you just received was unusual, or how likely your service provider is to call with unreported issues.

She said people should double check with their normal internet service provider before giving out personal information or downloading software.

Sladden said people should also use two-factor authentication which requires a code sent via text message to be entered before money can be transferred overseas.

"This means that not only will a hacker need your log-in details to access your account, but also the verification code which is sent to your phone before money can be transferred."

She said the man's loss may have been prevented if two-factor authentication had been in place.

He had asked the bank to disable it two years earlier after having trouble using the system and complaining that he did not receive the text messages.