Donny Carlson
01-01-2005, 08:00 PM
Sad to say, yours truly was the victum of clever Intenet thieves this week, who managed to steal $200 from my checking account via two ATM withdrawals... From Alpha Bank in Moscow, Russian Republic, even though my ATM card was in my wallet at the time.
I get emails from my bank, SouthTrust (now merged with Wacovia) that notify me of direct deposits, when my account drops to a certain balance, etc. On Tuesday, I got this very alarming email which was IDENTICAL to SouthTrust email, even down to the bank logo and current marketing slogan:
<!--StartFragment -->__________________
Dear Customer,
SouthTrust Bank, is committed to maintaining a safe environment for our customers. To protect the security of your account, SouthTrust Bank, employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the SouthTrust system for unusual activity.
We are contacting you to remind you that on Dec. 28, 2004 our Account Review Team identified some unusual activity in your account. In accordance with SouthTrust's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.Visit now Online Banking page and perform verification process:
Log In To Online Banking Page: (note not a real link - Donny)
Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.
Sincerely,
SouthTrust Bank., Account Review Department
_______________________
When you clicked on the link above, it took you to the bone fide SouthTrust online web site, with the proper "HTTPS" in the address line, and the lock icon, indicating a secure site. Over this was a pop up window. It looked like this:
http://www.southtrust.com/NR/rdonlyres/139A8756-6879-4B78-A978-06E1F85D8E29/0/alert_emailfraud.jpg
As you can see, the popup looks to be authentic, even has a lock symbol. Thinking my account was restricted or frozen, and looking at this on my screen believing I was on a secure SouthTrust web site, I entered the information in the window, got a "Your identity is confirmed and the restriction on your account is now lifted, thank you" message" What I did was give some phisher jerk in Russia all the information needed to create a duplicate ATM card and the PIN to be able to use it. Which they did. The only reason I lost only $200 was because my checking account balance that day was $257, they made two, $100 withdrawals, then attempted a third $100 withdrawal, which was declined.
The scariest part is they also had my online user name and password, which could allow them to transfer funds, AND check my balances in all my accounts. And my paycheck was direct deposited on Thursday evening. They could have stolen my entire paycheck.
I discovered the theft in time to cancel my ATM card and change my online password and user id. Fortunately, under FTC rules, unathorised use of an ATM card has a limit of liability of $50 as long as you report the crime within 2 business days. I reported it within this time, and SouthTrust has told me that once they receive a notarised affidavit from me, I'll get all the $200 credited back plus the ATM service fees. But shhhhoooooot, it could have been nasty had they stolen an entire pay check without my knowledge, especially with checks and electronic payments not clearing.
Never, I mean NEVER, give out account information over the Internet, even if it looks authentic and has Verisign clearance, secure icons, etc. Thieves are one step ahead of these safeguards and WILL get you eventually.
Google shows that this scam is being used with other banks and credit cards, too, so be forewarned.
I am just happy they only got $200, and that eventually I'll get it back.
I get emails from my bank, SouthTrust (now merged with Wacovia) that notify me of direct deposits, when my account drops to a certain balance, etc. On Tuesday, I got this very alarming email which was IDENTICAL to SouthTrust email, even down to the bank logo and current marketing slogan:
<!--StartFragment -->__________________
Dear Customer,
SouthTrust Bank, is committed to maintaining a safe environment for our customers. To protect the security of your account, SouthTrust Bank, employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the SouthTrust system for unusual activity.
We are contacting you to remind you that on Dec. 28, 2004 our Account Review Team identified some unusual activity in your account. In accordance with SouthTrust's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.Visit now Online Banking page and perform verification process:
Log In To Online Banking Page: (note not a real link - Donny)
Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.
Sincerely,
SouthTrust Bank., Account Review Department
_______________________
When you clicked on the link above, it took you to the bone fide SouthTrust online web site, with the proper "HTTPS" in the address line, and the lock icon, indicating a secure site. Over this was a pop up window. It looked like this:
http://www.southtrust.com/NR/rdonlyres/139A8756-6879-4B78-A978-06E1F85D8E29/0/alert_emailfraud.jpg
As you can see, the popup looks to be authentic, even has a lock symbol. Thinking my account was restricted or frozen, and looking at this on my screen believing I was on a secure SouthTrust web site, I entered the information in the window, got a "Your identity is confirmed and the restriction on your account is now lifted, thank you" message" What I did was give some phisher jerk in Russia all the information needed to create a duplicate ATM card and the PIN to be able to use it. Which they did. The only reason I lost only $200 was because my checking account balance that day was $257, they made two, $100 withdrawals, then attempted a third $100 withdrawal, which was declined.
The scariest part is they also had my online user name and password, which could allow them to transfer funds, AND check my balances in all my accounts. And my paycheck was direct deposited on Thursday evening. They could have stolen my entire paycheck.
I discovered the theft in time to cancel my ATM card and change my online password and user id. Fortunately, under FTC rules, unathorised use of an ATM card has a limit of liability of $50 as long as you report the crime within 2 business days. I reported it within this time, and SouthTrust has told me that once they receive a notarised affidavit from me, I'll get all the $200 credited back plus the ATM service fees. But shhhhoooooot, it could have been nasty had they stolen an entire pay check without my knowledge, especially with checks and electronic payments not clearing.
Never, I mean NEVER, give out account information over the Internet, even if it looks authentic and has Verisign clearance, secure icons, etc. Thieves are one step ahead of these safeguards and WILL get you eventually.
Google shows that this scam is being used with other banks and credit cards, too, so be forewarned.
I am just happy they only got $200, and that eventually I'll get it back.