Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Attempted Fraud at Fidelity
Old 09-26-2014, 01:47 AM   #1
Recycles dryer sheets
 
Join Date: Jan 2013
Posts: 51
Attempted Fraud at Fidelity

Heard this rather alarming story from a friend yesterday:

She has a retirement account at Fidelity. Yesterday she got a call from Fidelity informing her that someone called with a request to liquidate her retirement account and wire the proceeds to a bank account. The caller was able to provide my friend’s SSN, address and birth date to Fidelity, and apparently the only reason Fidelity suspected fraud was because the individual was a male, whereas my friend is female.

My friend was naturally quite alarmed. She obtained the account number that the fraudster provided and tracked it to a bank. It turned out that the bank account was under a different individual’s name with a different SSN, and not hers, and yet aside from the gender mis-match, it appears that Fidelity was quite ready to wire the proceeds to any account number that the fraudster provided.

Subsequently my friend filed a police report, put a 90-day credit watch through Equifax, and requested Fidelity put a restriction on her account such that any redemption request must be made in person through a Fidelity branch.

I have a retirement account at Fidelity so I decided to call Fidelity and find out what verifications they perform for redemption requests. It turns out that other than SSN, address and birth date information, Fidelity really doesn’t do any other verification, which is more than a little disconcerting to me. So if a fraudster has someone’s SSN, address and birth date, he/she could conceivable just call up Fidelity and ask that an account be liquidated.

In this day and age where identify theft is rampant, it seems to me that Fidelity should at least have another layer of verification, such as a set of security questions. Vanguard for example has a set of security questions as an additional layer of verification, which is required for both web and phone access.

Your thoughts?
__________________

__________________
luckydude is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 09-26-2014, 04:15 AM   #2
Recycles dryer sheets
 
Join Date: May 2011
Location: Twin Cities
Posts: 434
Kinda scary.

My hope is that if Fidelity had approved it that they would have covered the loss. Kind of like a bogus credit card charge that you are not liable for.
__________________

__________________
Fishingmn is offline   Reply With Quote
Old 09-26-2014, 05:14 AM   #3
Thinks s/he gets paid by the post
gauss's Avatar
 
Join Date: Aug 2011
Posts: 1,709
I am under the understanding, but if anyone can confirm this I would appreciate it, that if Fidelity looses your money due to fraud, that they will be on the hook for it.

-gauss
__________________
gauss is offline   Reply With Quote
Old 09-26-2014, 06:20 AM   #4
Thinks s/he gets paid by the post
Senator's Avatar
 
Join Date: Feb 2014
Location: Eagan, MN
Posts: 3,050
I just did a larger wire transfer from Fidelity. I could not do it online, I had to call in. Also fill out some paperwork. It went to a mortgage with my name, and I thought quite a bit of hoops, which I appreciated.

You would think even Fidelity would be pressing changes. Typically, wires go overseas, and there is little anyone can do.
__________________
FIRE no later than 7/5/2016 at 56 (done), securing '16 401K match (done), getting '15 401K match (done), LTI Bonus (done), Perf bonus (done), maxing out 401K (done), picking up 1,000 hours to get another year of pension (done), July 1st benefits (vacation day, healthcare) (done), July 4th holiday. 0 days left. (done) OFFICIALLY RETIRED 7/5/2016!!
Senator is online now   Reply With Quote
Old 09-26-2014, 06:29 AM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
clifp's Avatar
 
Join Date: Oct 2006
Posts: 7,450
I have a verbal password on my Schwab account, which the reps ask for everytime I talk to them.

I did have to ask them for an additional layer of security.

I'm pretty cavalier about the rest of my online identity (except for routinely lying about my birth year.) But since Schwab has the bulk of my money I take it pretty seriously.
__________________
clifp is offline   Reply With Quote
Old 09-26-2014, 06:44 AM   #6
gone traveling
 
Join Date: Sep 2013
Posts: 1,248
Quote:
Originally Posted by clifp View Post
I have a verbal password on my Schwab account, which the reps ask for everytime I talk to them.

I did have to ask them for an additional layer of security.

I'm pretty cavalier about the rest of my online identity (except for routinely lying about my birth year.) But since Schwab has the bulk of my money I take it pretty seriously.
Additionally you can get RSA secureid key which one needs to use in addition to password when login online.

I would not open account without RSA key and I know Fidelity will not give you one while Schwab will.
__________________
eta2020 is offline   Reply With Quote
Old 09-26-2014, 07:04 AM   #7
Thinks s/he gets paid by the post
 
Join Date: Mar 2011
Posts: 3,702
Quote:
Originally Posted by eta2020 View Post
Additionally you can get RSA secureid key which one needs to use in addition to password when login online.

I would not open account without RSA key and I know Fidelity will not give you one while Schwab will.
T R Price just introduced RSA keys. Its also a good idea to have your accounts (checking, savings, portfolio) set up with email notification on any notable transactions, so if something changes, you usually know within a few seconds.
__________________
Living well is the best revenge!
Retired @ 52 in 2005
marko is offline   Reply With Quote
Old 09-26-2014, 07:19 AM   #8
gone traveling
 
Join Date: Sep 2013
Posts: 1,248
Plus if one has substantial amount of money I would maintain 2 brokerage accounts.

In a event of fraud I am quite certain one would get reimbursed but you may loose access to your money for few months before things get resolved.

It is like Asset Protection. Get it before you need it and most likely you will never need it.
__________________
eta2020 is offline   Reply With Quote
Old 09-26-2014, 08:00 AM   #9
Thinks s/he gets paid by the post
frayne's Avatar
 
Join Date: Oct 2002
Location: 19th Hole
Posts: 2,531
I have a FIDO account with email verification/confirmation for any activity. In the past when I have been rebalancing I have gotten a call from Fidelity just to make sure it was me doing the changes.
__________________
A totally unblemished life is only for saints.
frayne is offline   Reply With Quote
Old 09-26-2014, 08:36 AM   #10
Thinks s/he gets paid by the post
John Galt III's Avatar
 
Join Date: Oct 2008
Posts: 1,285
Fidelity reminds me every so often that they want my email address. So far I have not given them one, since it seems like one more point of vulnerability for hackers to exploit.
__________________
John Galt III is offline   Reply With Quote
Old 09-26-2014, 08:37 AM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 16,470
For a normal withdrawal, transfer, liquidation, etc., Fidelity requires the receiving bank account to have the same name. And they spend some time verifying this too, which is why adding a linked account online usually takes 10 business days.

For a wire transfer (not a liquidation) to another entity you have to fax in a form and they at least compare to your signature on file.
__________________
Well, I thought I was retired. But it seems that now I'm working as a travel agent instead!
audreyh1 is online now   Reply With Quote
Old 09-26-2014, 08:38 AM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 16,470
Quote:
Originally Posted by John Galt III View Post
Fidelity reminds me every so often that they want my email address. So far I have not given them one, since it seems like one more point of vulnerability for hackers to exploit.
That's how Fidelity notifies me of all activity right away. I think it makes me less vulnerable.
__________________
Well, I thought I was retired. But it seems that now I'm working as a travel agent instead!
audreyh1 is online now   Reply With Quote
Old 09-26-2014, 09:03 AM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Apr 2013
Posts: 5,577
Quote:
Originally Posted by audreyh1 View Post
That's how Fidelity notifies me of all activity right away. I think it makes me less vulnerable.
+1
Any check I write to Fidelity or from them I get emails. Anything that changes. Yes the transfer agent would be liable. A better question how did someone aquire the needed information?

Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app
__________________
MRG is online now   Reply With Quote
Old 09-26-2014, 09:05 AM   #14
Thinks s/he gets paid by the post
 
Join Date: Sep 2006
Posts: 1,318
+1 I get notified of every transaction with Fido via email.

Sent from my XT1058 using Early Retirement Forum mobile app
__________________
Corporateburnout is offline   Reply With Quote
Old 09-26-2014, 09:12 AM   #15
Moderator Emeritus
Bestwifeever's Avatar
 
Join Date: Sep 2007
Posts: 16,375
Quote:
Originally Posted by luckydude View Post
...I have a retirement account at Fidelity so I decided to call Fidelity and find out what verifications they perform for redemption requests. It turns out that other than SSN, address and birth date information, Fidelity really doesn’t do any other verification, which is more than a little disconcerting to me. So if a fraudster has someone’s SSN, address and birth date, he/she could conceivable just call up Fidelity and ask that an account be liquidated....
Did you close your account?
__________________
“Would you like an adventure now, or would you like to have your tea first?” J.M. Barrie, Peter Pan
Bestwifeever is offline   Reply With Quote
Old 09-26-2014, 09:13 AM   #16
Recycles dryer sheets
prudent_one's Avatar
 
Join Date: Jul 2014
Posts: 158
I'm shocked that the bank told your friend anything about the name and SSN (even if simply confirming it wasn't hers) of the other account.
__________________
prudent_one is offline   Reply With Quote
Old 09-26-2014, 09:17 AM   #17
Thinks s/he gets paid by the post
DFW_M5's Avatar
 
Join Date: Sep 2003
Posts: 4,982
Quote:
Originally Posted by audreyh1 View Post
For a normal withdrawal, transfer, liquidation, etc., Fidelity requires the receiving bank account to have the same name. And they spend some time verifying this too, which is why adding a linked account online usually takes 10 business days.

For a wire transfer (not a liquidation) to another entity you have to fax in a form and they at least compare to your signature on file.
Agree, something doesn't sound quite right about what OP's friend told him.
__________________
Doing things today that others won't, to do things tomorrow that others can't. Of course I'm referring to workouts, not robbing banks.
DFW_M5 is offline   Reply With Quote
Old 09-26-2014, 10:06 AM   #18
Thinks s/he gets paid by the post
MooreBonds's Avatar
 
Join Date: Aug 2004
Location: St. Louis
Posts: 2,091
Quote:
Originally Posted by MRG View Post
+1
Any check I write to Fidelity or from them I get emails. Anything that changes. Yes the transfer agent would be liable. A better question how did someone aquire the needed information?
Just a copy of a driver's license will do (some states still automatically use your SSN as your default driver's license number) will do. It has your name, address, birthdate, and SSN! (and if you moved, it should be fairly easy with whitepages.com to find your possible new address, or even look it up on a real estate assessor's website for your county).

Sometimes people ask for your DL to verify age, or make a copy of it for their 'files'. Heck, even if you're standing in line at the TSA checkpoint with your DL between your fingers, a quick thinking thief could discreetly write down your SSN if it's visible and your name and state, and that alone could narrow down your address.

Quote:
Originally Posted by prudent_one View Post
I'm shocked that the bank told your friend anything about the name and SSN (even if simply confirming it wasn't hers) of the other account.
+1.
__________________
Dryer sheets Schmyer sheets
MooreBonds is offline   Reply With Quote
Old 09-26-2014, 10:18 AM   #19
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
RunningBum's Avatar
 
Join Date: Jun 2007
Posts: 5,182
Quote:
Originally Posted by MooreBonds View Post

Sometimes people ask for your DL to verify age, or make a copy of it for their 'files'. Heck, even if you're standing in line at the TSA checkpoint with your DL between your fingers, a quick thinking thief could discreetly write down your SSN if it's visible and your name and state, and that alone could narrow down your address.
I don't think I've ever been in a state where my SSN is on my license. My address is though. If the SSN was on there, a quick photo would be the way for someone to get it, because afterward they'd have more time to read zoom in on the photo and read the data.

Edit: I googled DL images and see that Missouri does put the SSN on. That's pretty stupid. Really stupid, because not only are you exposing it every time you check in at an airport, or at a bar (if you're somewhat young) or other places where ID is asked for, if you lose your wallet or it is stolen your identify is also at very serious risk.

I didn't check every state, but the 15 or so I did first didn't have it.
__________________
RunningBum is offline   Reply With Quote
Old 09-26-2014, 10:18 AM   #20
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 16,470
Quote:
Originally Posted by DFW_M5 View Post
Agree, something doesn't sound quite right about what OP's friend told him.
I also don't see how the friend got the target bank account number.
__________________

__________________
Well, I thought I was retired. But it seems that now I'm working as a travel agent instead!
audreyh1 is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 2 (0 members and 2 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Holding non-fidelity funds at fidelity panhead FIRE and Money 16 05-02-2013 08:37 AM
Lowest Firecalc success rate knowingly/willfully ever attempted? LRDave FIRE and Money 38 03-14-2012 11:08 AM
Credit Card Fraud Indexter Other topics 13 06-19-2006 05:59 PM
Credit Card Fraud question MJ Other topics 4 06-18-2006 09:05 PM
Energy prices , Miracle Tech and Stock Fraud Lakewood90712 FIRE and Money 4 01-28-2006 11:29 AM

 

 
All times are GMT -6. The time now is 07:24 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.