Well, the method suggested by CyberKumiko would make thing easy. They said "spoof", meaning, Spoof Command.
You spoof a device’s owner’s identity, making the device think that your command is a legitimate one from its owner. You need one mark on the icon you are imitating; you do not need a mark on the target. The opposing dice roll is still based on the target, though. This trick only works on devices and agents, not IC, sprites, hosts, personas, or any other icons.
A credstick is DR 5, so it'd be your Hacking + Intuition against a dice pool of only 10, with the objective being to get the person's commlink to think it was told to transfer funds to your account during the small time frame that their credstick is plugged in.
Mind you, this would have a few catches. One, you'd need to do it before they actually transferred the nuyen, or else shortly after on the other person. People won't have the credsticks plugged in for long, there's just no reason to do that. Another issue is that Spoof Command does absolutely nothing to remove traces of activity; there could be some way to tell from their commlink or the credstick that another transfer was authorized-- Not leaving a data trail on the web is different than credsticks not having any kind of log at all about their use. You might even be able to get the commcode of the person who stole your money (after all, they would need to input an address for the nuyen to be sent, it wouldn't automatically know).
With a burning/prepaid commlink (where the commcode being used isn't the same as the one you're hacking from) and
expert timing this could still be pulled off. But it would leave clues a savvy and well-connected group of PCs could follow.