Online sale scam costs seller $16,700

16 Jun 2026, 02:37 by Susan Edmunds · RNZ

Photo: RNZ

A woman selling items on an online marketplace ended up $16,700 out of pocket when she was targeted by scammers, the Banking Ombudsman says.

She received a link from the purported buyer to arrange postage, and when she followed it, it asked her for her bank account details to confirm the payment.

She received email and text messages containing codes to set up a banking app on a new device. The message said the customers should contact the bank if they were not setting up the app but she did not read that and entered the codes into the website.

The next day, $16,700 was transferred from her account.

The woman and her partner complained that the bank should have frozen the recipient account, which was also at the same bank, sooner.

The ombudsman investigated and found the money had left the recipient account six minutes after it arrived and said the bank had acted within a reasonable time to try to recover the money.

"Finally, we examined the bank's handling of the fraud claim. The bank received [her] written account in February 2025 but did not communicate its decision until May 2025, nearly 15 weeks later. That delay was not reasonable. However, we considered the bank's offer of $3000 fairly recognised the stress and inconvenience caused by the delay."

Banking Ombudsman Nicola Sladden said scam complaints increased 18 percent in the first quarter of this year, the first rise since late 2024.

She said people should read and act on any security alerts they received from their banks. She said they were often a warning that something could be wrong, or a chance to stop a scam before money was lost.

Sladden said if a customer had already clicked a phishing link, they might think the messages were part of a legitimate transaction, such as confirming a delivery or paying a toll.

"Some people may overlook a notification or not read a full message, especially if they're busy or distracted," she said.

"But taking a moment to read the full message could make the difference between keeping or losing money to a scam."

She said anyone who shared codes or approved actions in banking apps could allow scammers to use their account as if it were their own.

In another earlier case, a customer received an email that seemed to be from Inland Revenue.

They clicked a link and were taken to a website that looked like IR, then one resembling their bank, where they entered banking details.

Those details were used to log into the customer account and $60,000 was transferred out.

Sladden said sharing a code was one of the most common ways scammers gained access to bank accounts.

"Security notifications are there to protect customers. A brief pause to read a message and act on it is a simple way for customers to keep their bank account safe and prevent a loss."

Sign up for Ngā Pitopito Kōrero, a daily newsletter curated by our editors and delivered straight to your inbox every weekday.