Sage Advice

Fidelity's Money Transfer Lockdown is special-purpose. You know how, if you want to open a brokerage account at (say) Schwab using assets transferred from Fidelity, you only have to contact Schwab and then Schwab takes care of everything? Apparently there are crooks who can fool Schwab (or any brokerage firm) into thinking that they are you, then once the new account has the assets they withdraw the funds. So the lockdown communicates that you did not authorize any other brokerages to take assets from your Fidelity account.
It's called an ACATS (Automated Customer Account Transfer Service) transfer, and that does seem to be the primary reason it was developed.

There are other types of transfers that are also blocked.
 
Yes, but if the hacker got into your email, they can intercept that 2FA (if done by email).

I think that the only direct debits allowed are ones that existed prior to you setting the lock. So as @engineernerd says above, it could stop a 'pull' like another brokerage does under your direction, if a hacker was able to impersonate you.
I was only responding to some specific concerns you expressed. Yeah, you have to actually set up 2FA and be responsible for securing your email or whatever device used. I like using my laptop to initiate the transaction but getting OTP on my phone even though SMS is considered inferior. I’m not saying anything is foolproof. It’s layers of deterrence. As for direct debits Fidelity says they are excluded from MTL and that is a major flaw IMO. You can disable MTL, schedule a push transfer, and re-enable MTL immediately to retain protection. There is plenty of confusion wrt what MTL does and does not do.

In OP’s scenario, a hacker having login credentials could get the account and routing #’s to set up a direct debit to another account without even bothering to create an account in the victim’s name (as far as I can tell).
 
Direct debits occur with MTL on.

I use a CMA at Fido as our primary spending/checking account. MTL is always on, but debits for paying bills, etc. still execute.
 
Social media is also another way to get that company’s attention.

Is there reason to believe that apps are safer than websites in this scenario?
 