Re: 2 factor authentication -- I see text messages right on my computer, so I'm not sure that it adds any security at all.
I’m not yet convinced this was hacking - or at least that it was done from outside.
Fidelity should be able to scratch down through the entire event ... including whether a 2FA code was sent, when it was sent, if it was used, etc ...
Re: 2 factor authentication -- I see text messages right on my computer, so I'm not sure that it adds any security at all.
So I am trying to figure out the end game here. They fund the IRA from one of your other accounts and then make a withdrawal? Seems like a lot of steps and waiting if they already have access to your account.
I have transfers blocked on all my accounts. So nothing leaves unless I remove the block.
Assuming I have some basic information like last 4 digits off your SS number and mothers maiden name...
Hi, this is Mr Cheesehead, I like to remove the block and make a withdrawal ...
My last 4 digits....my mother’s name is Chedder, my dogs name is Swiss.... I like to transfer my $11 million IRA to an IRA I have with Cayman bank....
I have them sent to my phone, so...
Hackers need my VG password and my phone that’s password protected, and I get emails and text confirmation for every transaction before it happens.
Another reason I like my managed accounts. I can't get my own money so I don't think the hackers will either.
I have to talk to a real person and they do the sales and transfers.
My cell phone decided it wanted to go for a swim last summer while I was away for a week or so. I wasn't near anyplace to get a new one for a while.
I realized that I would be screwed if I'd needed two-factor authentication for anything. Many people nowadays also use their phones for e-mail, particularly when away from home.
Also, if the credit card company detects an unusual purchase, they may block the card until you call them from the number on file, or may call that number and block the card if you don't answer. Either way, now you've got no phone AND no credit card. (Well, most of us carry more than one card, but you get the point.)
It's downright frightening how much we depend on those things always being with us and always working!
This is interesting to me because I thought a credit freeze kept ANYONE from setting up a new account in your name. The credit "lock" costs 25.00 monthly per credit bureau. Is this a new way for the credit bureaus to make money? I have always had to unfreeze my credit report when getting credit in my name.
I had an agent involved in moving money from an IRA to my ROTH the middle of December. I asked three reps at Fidelity if the agent opened this new IRA account. All three said "no." The money transfer was from December 13 and the new IRA was set up the end of December.....It is a possibility to me.
Yes, I wonder if it was simply an error. Basically someone setting up an account for another user and put in your group of accounts by mistake.
I always delete them immediately after entering. They say they're good for 10 minutes, I leave them there for @ 10 seconds. Can hackers hack deleted messages? Always wondered about that.Re: 2 factor authentication -- I see text messages right on my computer, so I'm not sure that it adds any security at all.
Have not heard a word yet from Fidelity. In the meantime, I have been running virus scans and downloaded Malwarebytes and scanned both pc's. Results came back with spyware on one computer.
I downloaded my credit reports and nothing looks strange. Already had credit freezes on all three credit bureaus but on their site it states only a "credit lock" keeps someone from setting up a new account. There was a soft inquiry from Fidelity in February when I set up an IRA and ROTH at Fidelity. There was also a soft inquiry when the new account was set up the end of December. The one Fidelity is investigating. This is interesting to me because I thought a credit freeze kept ANYONE from setting up a new account in your name. The credit "lock" costs 25.00 monthly per credit bureau. Is this a new way for the credit bureaus to make money? I have always had to unfreeze my credit report when getting credit in my name.
My Fidelity login ID and password are both 25-characters, randomly generated by our password manager and changed every 60-90 days. The answers to all my security questions are also 25-character random combinations of letters, numbers, and special characters and stored in the password manager. The master code for our password manager is 25 characters and known only by DW and myself.
I use 2FA via the VIP Access app, where the temporary code changes every 30 seconds. Both the password manager and VIP access run on my smartphone which requires my fingerprint to unlock. I have all our accounts on money transfer lockdown, unless I need to move something, and then it's immediately turned back on. I also activated the Fidelity voice recognition verification system, so in theory, no one can call Fidelity pretending to be me.
Even if someone broke through all that and managed to steal some money, Fidelity has a fraud protection guarantee, which would reimburse us for any losses from unauthorized activity that occurred through no fault of our own.
How sad that we have to go to such lengths just to protect a bank account.
A already do the two step process. That is why this is so perplexing.