— Thousands of dollars have disappeared from the checking account of a couple in western North Carolina.

The cybercriminals targeted the couple’s bank account and all they could do was helplessly watch. The pair lost $2,800 instantly.

“They’re smart, they know what they’re doing, and they’re targeting people like us,” said Stephen Savage of Hendersonville.

Stephen and Tessa Savage consider themselves computer savvy, so a threat to their home computer was a punch.

The couple received a message that read, “Ha, Ha, you are a victim of ransomware. If you pay $900, we will unlock all your files. Later, Stephen Savage found a suspicious file on the office computer. He took it off and tried to get some sleep.

“I thought about it all night,” he said.

Then, around 9 p.m., he received a text message from TD Bank stating that “the funds had been transferred successfully” via the Zelle money transfer service.

The Savages do not have Zelle accounts or mobile banking. The next morning, the prank played out again.

“My phone was not active. It was completely dead,” Stephen Savage said.

He had to borrow a colleague’s phone to call Tessa, urging her to check their bank accounts.

“I saw that funds were being moved, that we hadn’t moved from our savings to our checks. And, so, I said, ‘Stephen, we have to go,’ Tessa said, and both of them were on their way to TD Bank.

Before reaching TD Bank, $1,800 was transferred from the savage’s savings, plus $1,000 from their check.

A total of $2,800 had disappeared from their accounts through the Zelle banking service.

A TD Bank representative said that once a Zelle transfer is finalized, the money is gone and the bank has not provided them with any information on how the money was transferred.

Despite efforts to prove the wire transfer was a mistake and to show the Savages had no access to their phones, their request for reimbursement was twice denied by TD Bank.

“It’s shameful how the banking industry treats consumers, treats seniors in this country, and I think we need to hold them accountable,” Tessa Savage said.

There are several federal laws that protect against wire transfers. Adam Bricker, executive director of the Carolina Cyber ​​Center at Montreat College, said Regulation E, a Federal Reserve Board law, should protect victims like the Savages.

“Regulation E requires banks to reimburse you for fraud, even if it was induced and you acted. You were tricked, tricked, tricked into doing the cellular transaction, they should cover you for that,” Bricker said.

WLOS asked TD Bank why it was not complying with the Electronic Funds Transfer Act or Regulation E.

The response WLOS received from TD Bank was different than the Savages received.

“At TD, we take fraud very seriously. We investigate fraud complaints thoroughly to determine the facts and take appropriate action. Due to privacy concerns, we cannot discuss account activity. particular customers. Positive resolution for the customer in this case.”

A day after WLOS contacted TD Bank, the Savages were contacted by TD Bank, informing them that the bank was refunding the full $2,800.

The Savages have since closed their accounts.

Experts say what happened to the Savages was a “sophisticated attack”. The couple likely clicked on a phishing email or text months ago.

“Sometimes these nefarious actors will stay in your systems for six, eight, nine months before taking action,” said Adam Bricker, executive director of the Carolina Cyber ​​Center at Montreat College.

Bricker said hackers have the ability to impersonate your bank by texting you. For example, a cybercriminal can pretend to be a bank and send you a text message saying that thousands of dollars have been transferred from your account.

“Your gut reaction is to say no, I didn’t do that,” Bricker said.

Victims will then click on the spoofed link and enter their banking information.

Hackers can also shut down your phone using SIM swapping. Hackers can call your cell phone provider and convince them to turn off your phone. They can impersonate you and say your phone was lost or destroyed.

Even people who don’t have a mobile banking app or don’t use their phone to bank can fall victim to a scam like this.

Bricker said there are several steps you can take to protect yourself. If you see anything suspicious, don’t engage or respond.

Experts recommend setting up two-factor authentication on all your accounts. Bricker also advised people to double-check their passwords and use a password manager to help create long, complex passwords.