Can you imagine losing $20,000 in seconds?
This happens a lot. We have clients who have lost thousands. Some are in the tens of thousands.
And before you snigger and think they were stupid or silly let me tell you these are highly intelligent, smart people. If it can happen to them it can happen to you too.
Gone are the days when robbers raided a bank. They have become cleaver and worked out that in the digital world, they can raid you via CBA from a desk in Bulgaria whilst consuming a large Big Mac with fries.
Our phones are great, but they are also a cyber security nightmare. I get daily texts saying I have not paid for tolls, telling me to log into myGov, or some telling me I have inherited billions from someone living in Africa.
But sometimes these texts could be legitimate. Here is an example where smart people can get easily caught out.
The 32-year-old man, Let’s call him Bob, who banks with Ubank, received a strange text message with the sign-off “Ubank”. It appeared it came from a random Australian number, so he was suspicious from the start. The text message said:
“Suspected fraudulent transaction of $0.0 has been detected … Please respond CANCEL if you would like us to cancel your card and reissue a new card to your address”.
Bob thought this was a scam, so he called Ubank, and was told it was a legitimate text message.
Three weeks later he received a call from Ubank and minutes later $20,000 was gone.
Here is the detail.
The man on the other end of the phone had an Australian accent. The person knew the last four digits of his credit card and the most recent transactions on his bank account, and they also gave him a reference number.
In other words, they already had possible access to his bank account, but because of the two-factor ID, funds could not be transferred. They needed a 4-digit code that would be received by SMS on his phone, and Bob gave it to them.
It is so easy to do. So to keep yourself (and your money safe), follow these simple rules.
- Banks never send links via text message. The text message will usually say/ask you to ‘login’’ to your account but not send the actual link.
- Work the opposite way. Assume any text message you receive from contacts you do not know is suspicious. Check and double-check before you do anything.
- Equally, banks never call customers and ask them to provide personal information, such as one-time passcodes or PINs.
Looking after and preserving your cash is step 5 of our 9 steps to working less, earning more and creating wealth. If you would like to know more, contact Hitesh at hitesh@wowadvisors.com.au or Ros at ros@wowadvisors.com.au or call 07 3161 9548.