16 April 2022
Asheville, N.C. — Thousands of dollars vanished from a western North Carolina couple’s checking account.
Cyber criminals targeted the couple’s bank account, and all they could do was watch helplessly. The pair lost $2,800 instantly.
“They’re skillful, they know what they’re doing, and they target people like us,” Stephen Savage, of Hendersonville, said.
Stephen and Tessa Savage consider themselves computer savvy, so a threat to their home computer was a gut punch.
The couple recieved a message that said, “Ha, Ha, you are the victim of ransomware. If you pay $900 we will unlock all your files.” Later, Stephen Savage found a suspicious folder on the desktop computer. He removed it and tried to get some sleep.
“I was thinking about it all through the night,” he said.
Then at around 9 p.m., he got a text message from TD Bank that said “funds had been transferred successfully” through money transfer service Zelle.
The Savages don’t have a Zelle account or mobile banking. The next morning, the hoax further unfolded.
“My phone was not active. It was completely dead,” Stephen Savage said.
He had to borrow a co-worker’s phone to call Tessa, urging her to check their bank accounts.
“I saw that funds were being moved, that we hadn’t moved from our savings to our checking. And, so then, I said, ‘Stephen, we need to get down there,” said Tessa, and both were on their way to TD Bank.
Before reaching TD Bank, $1,800 was transferred from the Savage’s savings, plus $1,000 from their checking.
A total of $2,800 had vanished from their accounts through the banking service Zelle.
A representative for TD Bank said that once a Zelle transfer is finalized, the money is gone and the bank did not provide them with any information about how the money was transferred.
Despite efforts to prove the wire transfer was an error and to show that the Savages did not have access to their phones, their refund request was denied twice by TD Bank.
“It’s shameful the way the banking industry treats the consumers, treats seniors in this country, and I think we need to hold them accountable,” Tessa Savage said.
There are several federal laws that protect against wire transfers. Adam Bricker, executive director of the Carolina Cyber Center at Montreat College, said that Regulation E, a law from the Federal Reserve Board, should protect victims like the Savages.
“Regulation E does require the banks to reimburse you for fraud, even if it was induced and you did the action. You were induced, tricked, duped into making the cell transaction, they should cover you for this,” Bricker said.
WLOS asked TD Bank why it wasn’t complying with the Electronic Funds Transfer Act or Regulation E.
The response WLOS received from TD Bank was different from what the Savages received.
“At TD, we take fraud very seriously. We investigate fraud complaints thoroughly to determine the facts and take appropriate action. Due to privacy concerns, we cannot discuss the account activity of particular customers. However, we can tell you that TD has achieved a positive resolution for the customer in this case.”
A day after WLOS reached out to TD Bank, the Savages were contacted by TD Bank, notifying them the bank was refunding the entire $2,800.
The Savages have since closed their accounts.
Experts say what happened to the Savages was a “sophisticated attack.” The couple likely clicked on a phishing email or text message months ago.
“Sometimes these nefarious actors will sit in your systems for six, eight, nine months before they act,” said Adam Bricker, executive director of the Carolina Cyber Center at Montreat College.
Bricker said that hackers have the ability to impersonate your bank by texting you. For example, a cyber criminal may pretend to be a bank and text you saying thousands of dollars were transferred out of your account.
“Your instinctive reaction is to say no, I didn’t do that,” Bricker said.
Victims will then click on the spoofed link and type in their bank information.
Hackers are also able to shut off your phone using SIM swapping. Hackers can call your cell phone provider and convince them to shut off your phone. They may impersonate you and say that your phone was lost or destroyed.
Even people who don’t have a mobile banking app or who don’t use their phone for banking can still fall victim to a scam like this.
Bricker said there are several steps you can take to protect yourself. If you see something suspicious, do not engage or respond.
Experts recommend setting up two-factor authentication on all your accounts. Bricker also advised people to double check their passwords and use a password manager to help create long and complex passwords.