A Winnipeg woman is warning others about what can go wrong in online banking after a credit union holds her liable for more than $174,000 in debt from fraudulent transactions.
Linda KlAssen and her husband, Rudy, used their home computer to do online banking, but in May 2024, someone hacked into the laptop and took control of the Klassens’ computer and email account, she says.
Fraudulent transactions were made through his accounts at Access Credit Union and Steinbach Credit Union. Another fraud attempt involving a bank-affiliated investment account was unsuccessful, Klassen said.
One or more unknown fraudsters made fraudulent transactions between May 16 and May 27, 2024.
“It really changes your life… when“I think his financial management is very safe, he follows all the rules and he has done everything as instructed,” Klassen, 78, said in an interview.
“You feel violated and vulnerable. And it would be comparable to someone breaking into your house and taking what belongs to you,” said Klassen, whose husband was undergoing cancer treatment at the time and has since died.
A Winnipeg woman is warning people about the risks of online banking after scammers hacked her laptop in May 2024 and left her more than $174,000 in debt.
The fraudulent transactions first occurred at Access Credit Union, where a fraudster remotely deposited two fake $50,000 checks into the Klassens’ account. The money was then transferred to fraudulent beneficiaries.
Klassen says Access covered that loss and did not hold the couple responsible for the money.
Four fraudulent checks, totaling $292,000, were deposited into Klassens’ Steinbach Credit Union account through its online banking platform from May 22 to May 24, 2024.
The scammer then used the money for a series of fraudulent online bill payments to unapproved recipients, creating a large overdraft on the account.
When the fraudulent checks were initially deposited, there was a balance of only $6.86 in Steinbach’s checking account, because the Klassens did not use it for their regular banking activity.
the credit The union was able to recover more than $117,000 of the funds, which included $25,000 from an insurance claim and more than $92,000 through its efforts to trace and recover the money.
But the Klassens’ account was left more than $174,000 in the red.
Klassen finally filed suit against Steinbach Credit Union in July.and 2025, claiming triple the outstanding amount plus other damages.
The claim has not been tested in court.
Steinbach Credit Union filed a statement of defense in August, denying liability for the loss and asking that Klassen’s lawsuit be dismissed.
He says the loss “could have been avoided entirely if the [Klassens] had taken reasonable preventive and corrective measures as soon as the fraud with the other credit union was identified,” referring to the situation a few days earlier with his Access Credit Union account.
The Access fraud appeared to have been orchestrated by “the same fraudster, using exactly the same methodology,” according to the defense brief.
An electronic services agreement for online banking requires customers to notify Steinbach Credit Union immediately if their password or other login credentials “have become known to another person,” it says.
However, Steinbach Credit Union says the Klassens did not inform it until July 2024 of the “previous fraud loss with another credit union that arose from a compromise of plaintiffs’ laptop.”
Without knowledge of that fraud, the credit union “had no obligation to monitor the transactions” in Klassen’s account, according to the credit union’s defense statement.
I never found out how the hack happened
Klassen said he never knew how the scammers hacked into the accounts. Credit unions previously indicated they couldn’t determine how it happened either, he said.
She and her husband did not notify Steinbach Credit Union immediately about the Access account fraud because they thought their Steinbach account “was safe” at the time, Klassen said.
Her lawsuit says Steinbach Credit Union never asked her and her husband if there had been recent fraudulent activity on their accounts at other financial institutions, and that their passwords for their Access and Steinbach accounts were different.
After receiving text messages from an unknown number on the evening of May 24, 2024, a Friday, Rudy Klassen contacted Steinbach Credit Union the next morning and reported the fraudulent transactions, the lawsuit says.
At Steinbach Credit Union, Linda Klassen “signed a legal declaration that they would not disclose, among other things, their usernames or passwords to anyone else,” the lawsuit says.
The Klassens also reported the frauds to the police.
Winnipeg Police Service Public Information Officer, Const. Claude Chancy told CBC the case is being investigated by the financial crimes unit, but no suspect has been identified.
‘Financially devastating’ for victims: credit union
Steinbach Credit Union’s director of marketing and communications Stephanie West told CBC the credit union cannot comment on the details of the case due to ongoing legal proceedings and privacy reasons.
The credit union understands that fraud “can be financially devastating to the victim” and has “the deepest sympathy for the Klassen family and their situation,” West said in an email.
Steinbach Credit Union conducts “a thorough investigation” and “makes every effort to recover as much of the loss as possible” when fraud occurs, he said.
“Unfortunately, this is not always possible.”
West said SCU uses insurance when there are claims, but it has a maximum amount of coverage.
Anyone who suspects their account or devices have been compromised should immediately report it to their financial institution, the credit union said.
A survey by Statistics Canada found that as of 2022, the most recent year for which data is available, 78 per cent of Canadians were banking online.
According to the Canadian Anti-Fraud Centre, 1,414 Canadians reported that their bank accounts were compromised in 2023. That number dropped to 1,118 in 2024.
The anti-fraud center says the most common vulnerabilities that lead to such cases are:
A research project launched at the University of Manitoba is studying how older adults can improve their online banking skills.
Computer science professor Celine Latulipe, who oversees the BankBox project, believes online banking is generally safe, despite situations like the Klassens’.
While seniors are the target of online fraud, a research project called BankBox, led by University of Manitoba computer science professor Celine Latulipe, is studying how seniors can improve their online banking skills.
As for Steinbach Credit Union, “I think they should have reimbursed the Klassens,” he said, because the credit union should have had algorithms to detect fraudulent account activity “and stop it before it even happens.”
“Freezing accounts when fraudulent activity is suspected is something banks and credit unions should do,” Latulipe said.
“Many of them are, but clearly Steinbach Credit Union didn’t do it.”
