A Tauranga schoolteacher has been duped into helping overseas hackers steal thousands of dollars from a Golden Bay couple.



Dick Lamb and Hazel Pearson of Golden Bay lost $7500 after hackers who had watched their email account for months intercepted a large invoice they were sent, and changed the details.



The money was sent to an account opened by the Tauranga woman who was helping a South African man she believed she was in an online relationship with. Instead she was unknowingly helping a hacking scam.



​Lamb and Pearson bought a forklift for their wastewater treatment business Environment Technology Ltd in July.

But hackers had discovered one of their passwords when an employee's private computer was infected with malicious software or malware, and then connected to the work system.

READ MORE:

* Overseas hackers forget smiley face, miss out on $90,000 pay day

* BNZ customers receive strange texts claiming accounts overdrawn

* Scam emails replicating Apple iTunes receipt infiltrate Kiwi inboxes

​* Online scams becoming more sophisticated and more common

BRADEN FASTIER/STUFF Dick Lamb with the forklift he had to pay for twice because his account was hacked, and money was sent to another account.

The malware was a form of keystroke-logging technology giving access to personal information like passwords and credit card details.

Lamb said their Gmail account was watched until a substantial invoice came through in July.

It was intercepted by the hackers before they opened it, modified, and sent back from a fake email address with a changed New Zealand bank account number.

SIMON O'CONNOR/STUFF Hackers discovered a password when an employee's private computer was infected with malware, and then connected to the work system.

Lamb paid the bill and did not realise he was hacked until the forklift seller contacted him because he had not received any payment. He notified police who tracked the bank account to the unwitting schoolteacher in Tauranga, he said.

"According to the cops, she was having extreme difficulty believing it was a scam," Lamb said.

"She believed the two of them were going to hook up and that he wanted to get out of South Africa and come to be with her. This process of grooming wasn't just one week to the next – it had been going on for a considerable time."

BRADEN FASTIER/STUFF Lamb was disappointed it took over three months for police to finally contact a woman duped to be involved in the scam last week.

The hacker convinced the woman he needed to use her account to deposit money into, which she then quickly sent overseas, police told Lamb.

Police also said Lamb and Pearson weren't the only victims and the "continued activity" going in-and-out of the woman's bank account appeared to continue until she was investigated.

Lamb was disappointed it took over three months for police to finally contact the woman last week.

The stolen money could not be retrieved. Lamb said he now had insurance but it was too late to recover his $7500.

Police told Lamb they could not charge the woman with anything, as she hadn't knowingly committed a crime.

Lamb warned other women who may be starting online relationships to think twice.

"The investment that particular operative put into grooming the woman to think she was in a serious relationship with this fraudster was huge, and they were potentially grooming a raft of other women at the same time," he said.

"It's so easy to have your account hacked and the passwords sold on the dark web to someone who wishes to exploit the access.

"There's a whole industry out here; it's a hell-of a big business."

Police would not comment on the case, citing privacy issues.

The dark web is a secretive, uncontrolled marketplace where some vendors exchange and sell criminal items, like malware, drugs, passwords or personal information, in exchange for untraceable cryptocurrencies like bitcoin.

Another Golden Bay couple almost had $17,000 stolen recently, when a hacker intercepted invoices sent to their Gmail account.

"It was just sheer luck we picked up on it," Cherie Byrne said.

"Fortunately, it was a corporate client who got back to us to check because they have a security system in place for when bank account numbers gets changed by email."

Golden Bay-based IT Technician Warwick Marshall from GB Tech said he had helped four clients in the last four months who had been hacked.

He estimated up to 50,000 New Zealanders' email accounts were being watched by independent groups of hackers from all around the world.

The most common ways for hackers to gain access was through introduced infected USB or machines with network permissions; outdated protection on machines; opening attachments and weak passwords.

Typically, hackers would watch an email account for invoices coming in with large sums.

"Unsuspecting westerners are like fish to them."

Sean Lyons, Netsafe director of technology and partnerships, said it was unfortunately not an uncommon scenario.

"This is another situation that highlights the need to be vigilant with online security," he said.

If people need help or advice with online safety related issues, they could contact Netsafe.

Top tips to prevent being hacked:

Make sure the recovery account associated with your emails cannot be accessed with the same password, so hackers cannot cover their tracks

Choose strong passwords, and make sure they are up to the standards outlined here

Make sure no unsanitary machines are introduced into your local network.

Use antivirus software and heuristic anti-malware protection, and ensure both are kept up to date and are actively scanning for threats. Older versions may not detect the logger on the machines

Make sure you rotate backups off-site

Consider cyber insurance

Check the origin address of emails thoroughly

Always phone to confirm changes in bank accounts for large invoices

*Source: Warwick Marshall