|
|
Attempted Fraud at Fidelity
09-26-2014, 12:47 AM
|
#1
|
Full time employment: Posting here.
Join Date: Jan 2013
Posts: 622
|
Attempted Fraud at Fidelity
Heard this rather alarming story from a friend yesterday:
She has a retirement account at Fidelity. Yesterday she got a call from Fidelity informing her that someone called with a request to liquidate her retirement account and wire the proceeds to a bank account. The caller was able to provide my friend’s SSN, address and birth date to Fidelity, and apparently the only reason Fidelity suspected fraud was because the individual was a male, whereas my friend is female.
My friend was naturally quite alarmed. She obtained the account number that the fraudster provided and tracked it to a bank. It turned out that the bank account was under a different individual’s name with a different SSN, and not hers, and yet aside from the gender mis-match, it appears that Fidelity was quite ready to wire the proceeds to any account number that the fraudster provided.
Subsequently my friend filed a police report, put a 90-day credit watch through Equifax, and requested Fidelity put a restriction on her account such that any redemption request must be made in person through a Fidelity branch.
I have a retirement account at Fidelity so I decided to call Fidelity and find out what verifications they perform for redemption requests. It turns out that other than SSN, address and birth date information, Fidelity really doesn’t do any other verification, which is more than a little disconcerting to me. So if a fraudster has someone’s SSN, address and birth date, he/she could conceivable just call up Fidelity and ask that an account be liquidated.
In this day and age where identify theft is rampant, it seems to me that Fidelity should at least have another layer of verification, such as a set of security questions. Vanguard for example has a set of security questions as an additional layer of verification, which is required for both web and phone access.
Your thoughts?
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
09-26-2014, 03:15 AM
|
#2
|
Full time employment: Posting here.
Join Date: May 2011
Location: Twin Cities
Posts: 523
|
Kinda scary.
My hope is that if Fidelity had approved it that they would have covered the loss. Kind of like a bogus credit card charge that you are not liable for.
|
|
|
09-26-2014, 04:14 AM
|
#3
|
Thinks s/he gets paid by the post
Join Date: Aug 2011
Posts: 3,609
|
I am under the understanding, but if anyone can confirm this I would appreciate it, that if Fidelity looses your money due to fraud, that they will be on the hook for it.
-gauss
|
|
|
09-26-2014, 05:20 AM
|
#4
|
Thinks s/he gets paid by the post
Join Date: Feb 2014
Location: Williston, FL
Posts: 3,925
|
I just did a larger wire transfer from Fidelity. I could not do it online, I had to call in. Also fill out some paperwork. It went to a mortgage with my name, and I thought quite a bit of hoops, which I appreciated.
You would think even Fidelity would be pressing changes. Typically, wires go overseas, and there is little anyone can do.
__________________
FIRE no later than 7/5/2016 at 56 (done), securing '16 401K match (done), getting '15 401K match (done), LTI Bonus (done), Perf bonus (done), maxing out 401K (done), picking up 1,000 hours to get another year of pension (done), July 1st benefits (vacation day, healthcare) (done), July 4th holiday. 0 days left. (done) OFFICIALLY RETIRED 7/5/2016!!
|
|
|
09-26-2014, 05:29 AM
|
#5
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Oct 2006
Posts: 7,733
|
I have a verbal password on my Schwab account, which the reps ask for everytime I talk to them.
I did have to ask them for an additional layer of security.
I'm pretty cavalier about the rest of my online identity (except for routinely lying about my birth year.) But since Schwab has the bulk of my money I take it pretty seriously.
|
|
|
09-26-2014, 05:44 AM
|
#6
|
gone traveling
Join Date: Sep 2013
Posts: 1,248
|
Quote:
Originally Posted by clifp
I have a verbal password on my Schwab account, which the reps ask for everytime I talk to them.
I did have to ask them for an additional layer of security.
I'm pretty cavalier about the rest of my online identity (except for routinely lying about my birth year.) But since Schwab has the bulk of my money I take it pretty seriously.
|
Additionally you can get RSA secureid key which one needs to use in addition to password when login online.
I would not open account without RSA key and I know Fidelity will not give you one while Schwab will.
|
|
|
09-26-2014, 06:04 AM
|
#7
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Mar 2011
Posts: 8,421
|
Quote:
Originally Posted by eta2020
Additionally you can get RSA secureid key which one needs to use in addition to password when login online.
I would not open account without RSA key and I know Fidelity will not give you one while Schwab will.
|
T R Price just introduced RSA keys. Its also a good idea to have your accounts (checking, savings, portfolio) set up with email notification on any notable transactions, so if something changes, you usually know within a few seconds.
__________________
Living well is the best revenge!
Retired @ 52 in 2005
|
|
|
09-26-2014, 06:19 AM
|
#8
|
gone traveling
Join Date: Sep 2013
Posts: 1,248
|
Plus if one has substantial amount of money I would maintain 2 brokerage accounts.
In a event of fraud I am quite certain one would get reimbursed but you may loose access to your money for few months before things get resolved.
It is like Asset Protection. Get it before you need it and most likely you will never need it.
|
|
|
09-26-2014, 07:00 AM
|
#9
|
Thinks s/he gets paid by the post
Join Date: Oct 2002
Location: Chattanooga
Posts: 3,895
|
I have a FIDO account with email verification/confirmation for any activity. In the past when I have been rebalancing I have gotten a call from Fidelity just to make sure it was me doing the changes.
__________________
Earning money is an action, saving money is a behavior, growing money takes a well diversified portfolio and the discipline to ignore market swings.
|
|
|
09-26-2014, 07:36 AM
|
#10
|
Thinks s/he gets paid by the post
Join Date: Oct 2008
Posts: 2,796
|
Fidelity reminds me every so often that they want my email address. So far I have not given them one, since it seems like one more point of vulnerability for hackers to exploit.
|
|
|
09-26-2014, 07:37 AM
|
#11
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 38,153
|
For a normal withdrawal, transfer, liquidation, etc., Fidelity requires the receiving bank account to have the same name. And they spend some time verifying this too, which is why adding a linked account online usually takes 10 business days.
For a wire transfer (not a liquidation) to another entity you have to fax in a form and they at least compare to your signature on file.
__________________
Retired since summer 1999.
|
|
|
09-26-2014, 07:38 AM
|
#12
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 38,153
|
Quote:
Originally Posted by John Galt III
Fidelity reminds me every so often that they want my email address. So far I have not given them one, since it seems like one more point of vulnerability for hackers to exploit.
|
That's how Fidelity notifies me of all activity right away. I think it makes me less vulnerable.
__________________
Retired since summer 1999.
|
|
|
09-26-2014, 08:03 AM
|
#13
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Apr 2013
Posts: 11,078
|
Quote:
Originally Posted by audreyh1
That's how Fidelity notifies me of all activity right away. I think it makes me less vulnerable.
|
+1
Any check I write to Fidelity or from them I get emails. Anything that changes. Yes the transfer agent would be liable. A better question how did someone aquire the needed information?
Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app
|
|
|
09-26-2014, 08:05 AM
|
#14
|
Thinks s/he gets paid by the post
Join Date: Sep 2006
Posts: 1,743
|
+1 I get notified of every transaction with Fido via email.
Sent from my XT1058 using Early Retirement Forum mobile app
|
|
|
09-26-2014, 08:12 AM
|
#15
|
Moderator Emeritus
Join Date: Sep 2007
Posts: 17,774
|
Quote:
Originally Posted by luckydude
...I have a retirement account at Fidelity so I decided to call Fidelity and find out what verifications they perform for redemption requests. It turns out that other than SSN, address and birth date information, Fidelity really doesn’t do any other verification, which is more than a little disconcerting to me. So if a fraudster has someone’s SSN, address and birth date, he/she could conceivable just call up Fidelity and ask that an account be liquidated....
|
Did you close your account?
__________________
“Would you like an adventure now, or would you like to have your tea first?” J.M. Barrie, Peter Pan
|
|
|
09-26-2014, 08:13 AM
|
#16
|
Recycles dryer sheets
Join Date: Jul 2014
Posts: 333
|
I'm shocked that the bank told your friend anything about the name and SSN (even if simply confirming it wasn't hers) of the other account.
|
|
|
09-26-2014, 08:17 AM
|
#17
|
gone traveling
Join Date: Sep 2003
Location: DFW
Posts: 7,586
|
Quote:
Originally Posted by audreyh1
For a normal withdrawal, transfer, liquidation, etc., Fidelity requires the receiving bank account to have the same name. And they spend some time verifying this too, which is why adding a linked account online usually takes 10 business days.
For a wire transfer (not a liquidation) to another entity you have to fax in a form and they at least compare to your signature on file.
|
Agree, something doesn't sound quite right about what OP's friend told him.
|
|
|
09-26-2014, 09:06 AM
|
#18
|
Thinks s/he gets paid by the post
Join Date: Aug 2004
Location: St. Louis
Posts: 2,179
|
Quote:
Originally Posted by MRG
+1
Any check I write to Fidelity or from them I get emails. Anything that changes. Yes the transfer agent would be liable. A better question how did someone aquire the needed information?
|
Just a copy of a driver's license will do (some states still automatically use your SSN as your default driver's license number) will do. It has your name, address, birthdate, and SSN! (and if you moved, it should be fairly easy with whitepages.com to find your possible new address, or even look it up on a real estate assessor's website for your county).
Sometimes people ask for your DL to verify age, or make a copy of it for their 'files'. Heck, even if you're standing in line at the TSA checkpoint with your DL between your fingers, a quick thinking thief could discreetly write down your SSN if it's visible and your name and state, and that alone could narrow down your address.
Quote:
Originally Posted by prudent_one
I'm shocked that the bank told your friend anything about the name and SSN (even if simply confirming it wasn't hers) of the other account.
|
+1.
__________________
Dryer sheets Schmyer sheets
|
|
|
09-26-2014, 09:18 AM
|
#19
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2007
Posts: 13,228
|
Quote:
Originally Posted by MooreBonds
Sometimes people ask for your DL to verify age, or make a copy of it for their 'files'. Heck, even if you're standing in line at the TSA checkpoint with your DL between your fingers, a quick thinking thief could discreetly write down your SSN if it's visible and your name and state, and that alone could narrow down your address.
|
I don't think I've ever been in a state where my SSN is on my license. My address is though. If the SSN was on there, a quick photo would be the way for someone to get it, because afterward they'd have more time to read zoom in on the photo and read the data.
Edit: I googled DL images and see that Missouri does put the SSN on. That's pretty stupid. Really stupid, because not only are you exposing it every time you check in at an airport, or at a bar (if you're somewhat young) or other places where ID is asked for, if you lose your wallet or it is stolen your identify is also at very serious risk.
I didn't check every state, but the 15 or so I did first didn't have it.
|
|
|
09-26-2014, 09:18 AM
|
#20
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 38,153
|
Quote:
Originally Posted by DFW_M5
Agree, something doesn't sound quite right about what OP's friend told him.
|
I also don't see how the friend got the target bank account number.
__________________
Retired since summer 1999.
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|