kudo's to fidelity

[mathjak107]

so friday i was logged in to fidelity monitoring the watch lists i have . i usually stay logged in when i am home .

i noticed towards the end of the day i was bumped out . i thought it was the typical timed out feature they have .

but upon trying to enter again my account was locked with a message to call the risk dept .

i called and found out the account was frozen for security breaches but the computer dept had just left for the weekend .

damn , now i would have to wait until monday to see why .

over the weekend i did a virus scan and i came up clean but it did show an attempted intrusion by a virus while i was logged in but it was blocked .

my thinking was it just turned up stream and attempted to go in to fidelity .

well monday i got a call from troy in the risk dept who was handling my case .
YIKES! it was nothing like i thought .

it was not the attempted intrusion at all .

it ,seems fidelity has a staff of their own hackers if you want to call them that . their job is to monitor the known drop sites as they are called . they are under ground sites that sell personal info , credit cards , account info , etc .

they found my wife's log in and pin on such a site .

she has not logged in , in months but yet there it was .

so the account was frozen before anything could happen .

those numbers can come from anyone who has access , not just a virus or malware .

so i got a call back yesterday advising how to proceed . they required us to have the computer cleaned professionally which we did .

norton 360 showed all clean but malwarebytes showed about 12 malware files but all were not likely a threat .

so now we let them know and over the next 2 days they will move everything to new accounts and establish new log in's and pins .

it looks like it will take a full week from start to finish to be able to pay bills and get money moved again .

this is why it is important to have local accounts too . had money been taken and a full investigation warranted you could be locked out for quite a while .

they did say even if they got in there are other safeguards in place but they will not disclose what they are .

anyway , i thought this process was going to take a much longer time frame to resolve with multiple calls on my end to prod things but that wasn't the case . the folks assigned to helping us have been quite responsive .

i will report back when the accounts are actually open again .

 

[audreyh1]

Wow!! Glad they caught it!

 

[audreyh1]

It bugs me that Fidelity requires a direct connect with Quicken to download transaction data. I would rather import a QFX file that doesn't require me to log into Fidelity through Quicken. I'm leery of Quicken security.

I think I'll call Fidleity and complain about this point. I've been meaning to.

 

[DrRoy]

Very cool. I am glad they are so careful. I have lots of $ there.

 

[Dawg52]

Something similar happened to me several years ago with Fidelity. A lady called telling me they had detected someone trying to hack into my account. Told me to keep virus protection up to date but did not require having PC cleaned professionally.(7-8 years ago) They opened up new accounts for me as well. Didn't take long.

 

[Corporateburnout]

It bugs me that Fidelity requires a direct connect with Quicken to download transaction data. I would rather import a QFX file that doesn't require me to log into Fidelity through Quicken. I'm leery of Quicken security.

I think I'll call Fidleity and complain about this point. I've been meaning to.

I stopped downloading transaction data from Fidelity in Quicken for sometimes now. I just couldn't trust to provide my Fidelity passwords so I manually input all transactions into Quicken at month end.

 

[MRG]

Thanks math jack.

It's always interesting to hear what internal risk management finds. Not much surprises me after years in the industry.

One that surprised me was Megacorp's own security staff running DOS attacks on their own systems during the day with clients active. Of course hackers don't wait till COB.

 

[ElizabethT]

Can I just say the OP was difficult to read? Proper sentence structuring would be oh so helpful.

 

[jazz4cash]

So what service did you use to clean your PC and what was the cost ( or was it malware bytes)?


Sent from my iPhone using Early Retirement Forum

 

[audreyh1]

I stopped downloading transaction data from Fidelity in Quicken for sometimes now. I just couldn't trust to provide my Fidelity passwords so I manually input all transactions into Quicken at month end.

I'll probably end up doing this, but I'll still create a campaign after Fidelity on it.

With Turbotax we temporarily change passwords before downloading transactions. Once a year - no big deal.

But the monthly downloads into Quicken - not so convenient to change passwords.

I bet I can get to the Fidelity online security department to have a conversation.

With my banks and credit cards I have the option to download a QFX file with no exposure of my password to Quicken. I just can't believe Fidelity doesn't provide this. They provide a CSV file! QFX is just a different format.

 

[mathjak107]

So what service did you use to clean your PC and what was the cost ( or was it malware bytes)?


Sent from my iPhone using Early Retirement Forum

it was 100 bucks , they came to us . local computer guy . not sure what virus software they used but they followed up the virus software with malware byres .

but fidelity would not accept us doing it in this case

 

[mathjak107]

fidelity will be introducing a new system . for certain account transactions they will send a code to your e-mail or phone that will be needed to complete the transaction .

 

[mathjak107]

Something similar happened to me several years ago with Fidelity. A lady called telling me they had detected someone trying to hack into my account. Told me to keep virus protection up to date but did not require having PC cleaned professionally.(7-8 years ago) They opened up new accounts for me as well. Didn't take long.

depending on the level of threat they may or may not allow you to scan the system yourself .

they considered this a very high level threat .

 

[mathjak107]

it was 100 bucks , they came to us . local computer guy . not sure what virus software they used but they followed up the virus software with malware byres .

but fidelity would not accept us doing it in this case

I do notice that my computer ends up going to youporn instead of youtube every time I type youtube ha ha ha ..

at least that is what I tell my wife ha ha ha ha

 

[Dawg52]

depending on the level of threat they may or may not allow you to scan the system yourself .

they considered this a very high level threat .

How do they know you take it somewhere? Obtain some sort of confirmation from the person doing it?

 

[mathjak107]

they can ask for the invoice and result but in our case they just wanted a recorded verbal answer.

don't forget , if they get any money out depending on circumstances you might end up with a very long investigation . it may not be a simple few days .

so it is in your own best interest to actually do some extra steps on your end or face the consequences all over again .

 

[Dawg52]

they can ask for the invoice and result but in our case they just wanted a recorded verbal answer.

don't forget , if they get any money out depending on circumstances you might end up with a very long investigation . it may not be a simple few days .

so it is in your own best interest to actually do some extra steps on your end or face the consequences all over again .

I did what they told me to do. I now pay for virus protection software(used free versions before) and run malware to hopefully avoid any future problems. They didn't suggest using paid over free, but I feel I get a little better protection. Haven't had any problems since.

 

[SJ1_]

wow! thanks for sharing.

 

[Golden sunsets]

Can I just say the OP was difficult to read? Proper sentence structuring would be oh so helpful.

ElizabethT
I think your comment was totally unnecessary.


Sent from my iPhone using Early Retirement Forum

 

[mathjak107]

I type a lot and type with 1 finger lefty because diabetic neuropathy has made my finger tips to sensitive to type .

I learned to type quite fast lefty but using punctuation is usually out .

the results are not always the greatest but they get the message across .

 

[Blueskies123]

ElizabethT
I think your comment was totally unnecessary.


Sent from my iPhone using Early Retirement Forum

Math's explanation was acceptable but we should not be so sensitive to a little constructive criticism.

 

[Taxman59]

I wonder if it was a problem at Fidelity. Last Friday, I was on and when I changed screens (to Full View I think). I got a warning that since I was located in a prohibited country, Treasure Regulations prohibit me from accessing those features of my account. What it meant was any access to my account. I called and left a message at the problem desk, explaining that I was in the same chair in the same house in Greensboro, NC that I had always been in, and I thought it was strange that all of a sudden I was banned from my account. I tried again on Saturday (after 2 reboots and clearing the location from Google maps etc) and I got in. The call back on Wednesday said that I should verify my account information and the gentleman implied that there may have been a software glitch on their end.

 

[CaliKid]

Thanks for sharing. It's interesting about them wanting you to clean your computer.

I am curious why they make you get a new account number though. It seems like once they stopped the threat, by changing log-in info, what's the big deal about an account number? It seems my financial institution account numbers (and routing) are on every check that gets sent all over the universe anyway; practically public info.

 

[MRG]

Thanks for sharing. It's interesting about them wanting you to clean your computer.

I am curious why they make you get a new account number though. It seems like once they stopped the threat, by changing log-in info, what's the big deal about an account number? It seems my financial institution account numbers (and routing) are on every check that gets sent all over the universe anyway; practically public info.

While you are correct the account number is not that secret. It's also part of the data elements that are protected by identify theft laws. So I understand the change. Also some of these types of practice come from "Auditor Monthly Journal".

 

[mathjak107]

n

I wonder if it was a problem at Fidelity. Last Friday, I was on and when I changed screens (to Full View I think). I got a warning that since I was located in a prohibited country, Treasure Regulations prohibit me from accessing those features of my account. What it meant was any access to my account. I called and left a message at the problem desk, explaining that I was in the same chair in the same house in Greensboro, NC that I had always been in, and I thought it was strange that all of a sudden I was banned from my account. I tried again on Saturday (after 2 reboots and clearing the location from Google maps etc) and I got in. The call back on Wednesday said that I should verify my account information and the gentleman implied that there may have been a software glitch on their end.

wow , I did see that message flash for a second before I was locked out .but they did confirm my wife's info was on a under ground site.


did it happen around 4-5pm est ?