Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Article:Large Check Fraudulently Issued from Savings Account by Phone-In Impersonator
Old 11-09-2018, 01:51 PM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 23,005
Article:Large Check Fraudulently Issued from Savings Account by Phone-In Impersonator

I just ran across this article from last year where a financial blogger had an "official check" for $43,000 issued from his savings account due so someone calling in, spoofing his phone number, and despite failing pass a couple of security hurdles, was allowed access by giving a correct credit card number and date of birth.
Quote:
The fraudster knew my phone number and had used widely-available black market tools to “spoof” it on the call-in. So, to the bank’s systems, his phone appeared to be mine. But the miscreant failed to answer my correct phone password, and then failed to supply another piece of identifying information. Finally, they provided my date of birth, and a credit card number, and were allowed in.
He caught it immediately, but it had me scratching my head about a few things. I don't believe that our online high yield savings accounts allow issuing any checks, so I suppose this must have been a regular high yield savings account.

And the suggestion to change your phone number because someone is spoofing it seems way off base. Instead, banks/credit unions should not use your phone number as definitive ID due to rampant spoofing.

The credit card they had reissued with a new number as they should. Using a credit card number as ID - makes me suspect this is a bank or credit union with whom he had both the savings account and credit card. But I'm usually asked things like details on a recent deposit or check.
https://www.caniretireyet.com/identi...-strikes-home/
__________________

__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 11-09-2018, 04:54 PM   #2
Thinks s/he gets paid by the post
 
Join Date: Aug 2004
Location: Laurel, MD
Posts: 4,513
I'm not familiar with this blogger. This is the 2nd link to his blog that I have read today. I am not impressed at all, but won't go into that.

I think he implied that it was USAA and gave their customer service kudos for resolving the issue (despite having weak security allowing an imposter to gain access).

I assume a check could be issued by any savings account (unless there's a way to opt out....not sure), but I'd like to understand how the imposter was able to get a check issued and mailed(?) to an address that was not registered on the account. Doesn't really add up.

I was puzzled also about how they knew which bank to contact, but your explanation that he had both savings and credit accounts at the same bank makes sense.
__________________

__________________
...with no reasonable expectation for ER, I'm just here auditing the AP class.Retired 8/1/15.
jazz4cash is offline   Reply With Quote
Old 11-09-2018, 05:06 PM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 23,005
Quote:
Originally Posted by jazz4cash View Post
I'm not familiar with this blogger. This is the 2nd link to his blog that I have read today. I am not impressed at all, but won't go into that.

I think he implied that it was USAA and gave their customer service kudos for resolving the issue (despite having weak security allowing an imposter to gain access).

I assume a check could be issued by any savings account (unless there's a way to opt out....not sure), but I'd like to understand how the imposter was able to get a check issued and mailed(?) to an address that was not registered on the account. Doesn't really add up.

I was puzzled also about how they knew which bank to contact, but your explanation that he had both savings and credit accounts at the same bank makes sense.
Well, I assumed that the credit card and savings were at the same institution, because otherwise why would they know a credit card number to verify.

The online high yield savings accounts I have explicitly state no checks. But I think a regular savings account can provide checks.

Yeah - the whole check issuance thing is confusing.
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 11-09-2018, 05:49 PM   #4
Full time employment: Posting here.
Oz investor's Avatar
 
Join Date: Jun 2018
Location: Brisbane
Posts: 780
i strongly resist having more than $20k in any bank at any time

( it is a shame when you trust your stock-broker more than your banks , but scammers aren't the only issue , here )
__________________
i hold the Australian listed versions of AU ( Anglo Ashanti ) , BHP , and JHG .

You must learn from the mistakes of others. You can't possibly live long enough to make them all yourself.

Samuel Levenson
Oz investor is offline   Reply With Quote
Old 11-09-2018, 08:34 PM   #5
Full time employment: Posting here.
 
Join Date: Jun 2016
Posts: 901
Something about this article sounds really off... a retired software engineer that had never heard of a temporary pass code texted to their phone and had to google it??
Assuming he didn't type in the temp pass code to complete the transaction, that should have stopped things right there... unless that is where the scammer phoned in and talked his way through the transaction. But then why would the temp pass code txt stop the second attempt but not the first as stated in the article??

2 factor authentication (texting or emailing a code to the contact info on record) would have still stopped this cold.

There is a scam whereby the perp actually transfers your phone number to their phone to receive these auth code texts... but then the owners phone should have stopped working. (note: this is the reason for freezing your records at NCTUE in addition to the big name credit agencies).
Spock is offline   Reply With Quote
Old 11-09-2018, 08:44 PM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 23,005
Quote:
Originally Posted by Spock View Post
Something about this article sounds really off... a retired software engineer that had never heard of a temporary pass code texted to their phone and had to google it??
Assuming he didn't type in the temp pass code to complete the transaction, that should have stopped things right there... unless that is where the scammer phoned in and talked his way through the transaction. But then why would the temp pass code txt stop the second attempt but not the first as stated in the article??

2 factor authentication (texting or emailing a code to the contact info on record) would have still stopped this cold.

There is a scam whereby the perp actually transfers your phone number to their phone to receive these auth code texts... but then the owners phone should have stopped working. (note: this is the reason for freezing your records at NCTUE in addition to the big name credit agencies).
I think he was just getting a notification of a transaction and that prompted him to look things up and call in. He didn't have a two-way authentication set up.
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 11-09-2018, 09:27 PM   #7
Thinks s/he gets paid by the post
 
Join Date: Aug 2004
Location: Laurel, MD
Posts: 4,513
Quote:
Originally Posted by Spock View Post
Something about this article sounds really off... a retired software engineer that had never heard of a temporary pass code texted to their phone and had to google it??
Assuming he didn't type in the temp pass code to complete the transaction, that should have stopped things right there... unless that is where the scammer phoned in and talked his way through the transaction. But then why would the temp pass code txt stop the second attempt but not the first as stated in the article??

2 factor authentication (texting or emailing a code to the contact info on record) would have still stopped this cold.
.

I agree the story sounds off/incomplete.
The fraudster got around the temporary passcode by calling in and convincing a live agent to complete the transaction. The author assumed the temp code notice only applied to the credit account. The bit about buying a boat seems odd. I’ve been dragging my feet wrt 2FA and some other safeguards I need to deploy.
__________________
...with no reasonable expectation for ER, I'm just here auditing the AP class.Retired 8/1/15.
jazz4cash is offline   Reply With Quote
Old 11-09-2018, 09:44 PM   #8
Thinks s/he gets paid by the post
RobbieB's Avatar
 
Join Date: Mar 2016
Location: Central CA
Posts: 4,518
Something seems/sounds off? Imagine that. Who fact checks bloggers before posting?

When I want fiction, I read novels, much more detailed with better story lines.
__________________

__________________
Retired at 59 in 2014. Should have done it sooner but I worried too much.
RobbieB is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Bank needs Credit Check to open a savings account?? Chuckanut Other topics 13 01-16-2015 10:55 AM
Taxes: K-1 issued for IRA Holding? youbet FIRE and Money 11 04-07-2010 10:20 PM
IRS Regs Issued crazy connie FIRE and Money 2 03-07-2008 07:09 PM
ING Electric Orange Checks deducted at moment issued lhamo FIRE and Money 0 11-14-2007 04:50 AM
who saw the bush impersonator? thefed Other topics 0 07-04-2006 09:13 PM

» Quick Links

 
All times are GMT -6. The time now is 11:06 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
×