Bank account got hack

Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
Well, It happen. My bank account got hack. They transfer 2000 dollars and spent 2000 in a grocery store. This is why I trying to get into security. To stop people from doing this to me and to others. I trying to stay calm but I am so mad. Hopefully they will catch whoever did this.
«1

Comments

  • MontagueVandervortMontagueVandervort Member Posts: 399 ■■■■■□□□□□
    Sorry that happened to you man. I know how you feel. Last year someone jacked my credit card for close to the same amount. It turned out it was a technical support representative from a company I had just purchased something from that same day. She had a really bad attitude when dealing with me on the phone, but I would have never suspected she was going to do that.

    The company she worked for put the money back onto my card, but I ended up having to replace my credit card for security purposes. It was a pain in the aspirin for me... having to replace the card on so many accounts, and the girl was never penalized at all.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Pretty solid chance they won't catch the person who did it (sadly). My belief, as MontagueVandervort, pointed out is that a lot of this is largely bank insiders. My sister has her debit card number stolen no less than three times a year. She doesn't shop anywhere strange online and goes to the same places I do. Security is very much that balance between being secure and having convenience. A lot we could do to stop this stuff from happening, but at a cost of time (and I'm sure some amount of money).
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • byron66byron66 Member Posts: 169 ■■■□□□□□□□
    That really sucks. I had $400 stolen from my debit card once. $2000 at a grocery, where the heck did they go?
    CCNA   A+   N+  Sec+
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Ryan9764 wrote: »
    spent 2000 in a grocery store

    "I'm not even mad. That is impressive!"
    -Ron Burgundy
  • Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
    byron66 wrote: »
    That really sucks. I had $400 stolen from my debit card once. $2000 at a grocery, where the heck did they go?
    A grocery store on the east coast called Food Lion. I know that because I was station in Lejeune which as a food lion. They did it on two separate times, each for 1000 dollars.
  • Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
    the_Grinch wrote: »
    Pretty solid chance they won't catch the person who did it (sadly). My belief, as MontagueVandervort, pointed out is that a lot of this is largely bank insiders. My sister has her debit card number stolen no less than three times a year. She doesn't shop anywhere strange online and goes to the same places I do. Security is very much that balance between being secure and having convenience. A lot we could do to stop this stuff from happening, but at a cost of time (and I'm sure some amount of money).

    Yeah figure they won't. I just having a shitty week already. I going to keep my head up high and keep living life.
  • sillymcnastysillymcnasty Member Posts: 254 ■■■□□□□□□□
    2000? I would have guessed Whole Foods lol
  • MontagueVandervortMontagueVandervort Member Posts: 399 ■■■■■□□□□□
    Easy as pie (purposeful pun here & yeah, yeah... I know, I know) to spend $2000 in a grocery store these days. Meat, cigs, and booze. It's gone in a flash.
  • QueueQueue Member Posts: 174 ■■■□□□□□□□
    I try to limit my bank accounts exposure by never using the debit card. I use credit cards for sketchy purchases. Also have a bank that does multi factor authentication.

    Sorry you were compromised. Seems to be the norm most days.
  • NetworkingStudentNetworkingStudent Member Posts: 1,407 ■■■■■■■■□□
    Ryan9764 wrote: »
    Well, It happen. My bank account got hack. They transfer 2000 dollars and spent 2000 in a grocery store. This is why I trying to get into security. To stop people from doing this to me and to others. I trying to stay calm but I am so mad. Hopefully they will catch whoever did this.

    Can you work with the bank to get the money back? I would at the very least talk to them and see what they say.

    I would definitely look into Life Lock

    https://www.lifelock.com/

    Man I don't know what I would do if I were in your shoes.

    Get a new card today!!

    Change all of your passwords for all accounts.

    At least change the bank password today!!
    When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."

    --Alexander Graham Bell,
    American inventor
  • E Double UE Double U Member Posts: 2,229 ■■■■■■■■■■
    Ryan9764 wrote: »
    Hopefully they will catch whoever did this.

    You can try, but you'll never catch me :D
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • sillymcnastysillymcnasty Member Posts: 254 ■■■□□□□□□□
    Also for the record if anyone is worried about using shady looking websites, credit card companies offer virtual credit card numbers. Use them and trash them, so your actual number is hidden.
  • Cisco InfernoCisco Inferno Member Posts: 1,034 ■■■■■■□□□□
    sucks to hear. they probably raided the visa gift cards or went ham at the money order counter.
    What bank do you use??
    2019 Goals
    CompTIA Linux+
    [ ] Bachelor's Degree
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    @OP - I assume that you realize that your funds are insured and that you can get your money back. Ideally, it was your bank that detected the fraud and you already confirmed the fraud.

    Note that you have usually a few days (I think up to 60 days for certain amounts) to claim the fraud so you are covered. So you may want to take care of it soon. Some banks will send you an affidavit to sign that you didn't authorize the transfer - make sure you do that soon as there are time limits. In general, you should have no liability on that unauthorized transfer.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    sucks to hear. they probably raided the visa gift cards or went ham at the money order counter.
    What bank do you use??

    I was going to say, my wife and I went crazy at BJ's one time and only spent like $500. $2000 at a Food Lion? Nah, wasn't food that's for sure.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
    sucks to hear. they probably raided the visa gift cards or went ham at the money order counter.
    What bank do you use??
    I have three different banks. But the bank that got hack was USAA.
  • TranceSoulBrotherTranceSoulBrother Member Posts: 215
    Ryan9764 wrote: »
    I have three different banks. But the bank that got hack was USAA.

    Go hacked three times over the past 5 years while with USAA.
    While I don't think it's because of the bank, but it's frustrating.

    Last time, it was someone who spent about $700 at a liquor store in Cleveland OH on New Year' Day while I was deployed down range.
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Stop using those debit cards
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    So far I've been pretty fortune. I had my World Of Warcraft (WOW) account compromised once, I was using a 3rd party program for resource gathering call “Gather” of all things. Every time Sony would update the client, Gather would stop working forcing me to search for an upgraded version. I think they updated the client something like 5 times in 2 days, I was getting pretty pissed having to get new versions, so I neglected to scan one of the software updates before installing it. They got my password and wiped out all the gold and items my account.(but they were nice enough to leave me my armor and mount) I deleted the entire WOW client, did a full antivirus scan, stopped playing the game and changed all my passwords. I could have contacted Wow to restore the account, but didn't. I didn't start playing again for something like 2 years after that. I haven't played any WOW since I started pursuing certifications.

    Someone in Georgia charged a meal at Wendy’s in Georgia, (I’m in NJ) I just happened to be checking my account that day and immediately noticed it. Contacted the credit card company, cancelled the card and got a replacement card in a few days.

    I can’t say any other accounts have been compromised that I know of.
    Still searching for the corner in a round room.
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Ryan9764 wrote: »
    But the bank that got hack was USAA.
    I'm curious why you believe that the bank was hacked? Did they actually disclose that to you? The fraud you described isn't normally because a bank was hacked. It's usually a merchant, skimmer, or insider as MontagueVandervort mentioned.
  • KyrakKyrak Member Posts: 143 ■■■□□□□□□□
    To people asking about what they bought for that much, I am sure it was gift cards, which you can easily turn into money orders (cash).
    Up next: On Break, but then maybe CCNA DC, CCNP DC, CISM, AWS SysOps Administrator
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    paul78 wrote: »
    I'm curious why you believe that the bank was hacked? Did they actually disclose that to you? The fraud you described isn't normally because a bank was hacked. It's usually a merchant, skimmer, or insider as MontagueVandervort mentioned.

    USAA hasnt been breached, his account was, and since they were able to transfer $$ it sounds like they got his PIN as well.... one of these days, people are going to learn not to enter their PIN all over town icon_sad.gif run it as credit and dont stick it in gas pumps... they dont have to be EMV compliant until 2020 and even that deadline is questionable
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
    Sorry I didn't write it well. I was so pissed and wasn't thinking clearly. I do that when I excited or mad at something. I meant to say that my card got breach like jcundiff said.
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    Ryan9764 wrote: »
    Sorry I didn't write it well. I was so pissed and wasn't thinking clearly. I do that when I excited or mad at something. I meant to say that my card got breach like jcundiff said.

    There have been several merchant breaches in the news lately... Eaten at Chipotle, Ruby Tuesdays, or Baja Fresh in the last 3 or 4 months? If so, then that is a good possibility of where/how. You pay at the pump as debit (entering pin at the pump?) gas pump skimmers are 2nd only to ATM skimmers
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Ryan9764 wrote: »
    Sorry I didn't write it well. I was so pissed and wasn't thinking clearly. I do that when I excited or mad at something. I meant to say that my card got breach like jcundiff said.
    That makes more sense. It's definitely very inconvenient when that occurs. You mentioned an interest in IT security in your initial post. Not to pig-pile but one of the biggest causes of fraud and security incidents tend to be user-behavior. That's one of the reasons why techniques like phishing are effective. Unfortunately wetware is still one of the best attack vectors icon_smile.gif BTW - Brian Krebs wrote several good articles on carding and skimmers on his blog that you may find interesting - it's good reading if you are unfamiliar with the techniques.
  • jelevatedjelevated Member Posts: 139
    Often times these thieves will go for gift cards. They probably didn't buy $2000 in bacon using OPs cards, but 20 $100 gift cards can be sold downstream, online or stashed for a rainy day. Frustrating as hell, but it's so so so easy to clone cards and with chip and dip taking so long to implement this will happen for a long time. Best is to logically partition if you use debit cards (most banks allow multiple accounts) or if you are extremely disciplined, credit/charge cards. Some banks are really terrible at dealing with fraud situations. Some banks demands that you fill out about 20 pages of paper work even then it's no guaranteed and they will fight you along the way. Others such as American Express you can report fraud in two clicks and they will send you another card the next day. That's not exclusive to Amex, you just have to shop around for banks that don't suck.
  • hurricane1091hurricane1091 Member Posts: 919 ■■■■□□□□□□
    Easy as pie (purposeful pun here & yeah, yeah... I know, I know) to spend $2000 in a grocery store these days. Meat, cigs, and booze. It's gone in a flash.


    Sounds like a banger of a weekend.
  • Ryan9764Ryan9764 Member Posts: 88 ■■□□□□□□□□
    jcundiff wrote: »
    There have been several merchant breaches in the news lately... Eaten at Chipotle, Ruby Tuesdays, or Baja Fresh in the last 3 or 4 months? If so, then that is a good possibility of where/how. You pay at the pump as debit (entering pin at the pump?) gas pump skimmers are 2nd only to ATM skimmers
    None of them. I always go inside to pay at a gas station. I had eaten at Chipotle in the past 3 months though. I usually good at keeping up with tech news and didn't know that chipotle has a security breach.
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    jelevated wrote: »
    Often times these thieves will go for gift cards. They probably didn't buy $2000 in bacon using OPs cards, but 20 $100 gift cards can be sold downstream, online or stashed for a rainy day. Frustrating as hell, but it's so so so easy to clone cards and with chip and dip taking so long to implement this will happen for a long time. Best is to logically partition if you use debit cards (most banks allow multiple accounts) or if you are extremely disciplined, credit/charge cards. Some banks are really terrible at dealing with fraud situations. Some banks demands that you fill out about 20 pages of paper work even then it's no guaranteed and they will fight you along the way. Others such as American Express you can report fraud in two clicks and they will send you another card the next day. That's not exclusive to Amex, you just have to shop around for banks that don't suck.

    Yeah, gift cards and electronics are the two most popular options... OP you need to enable fraud alerts on your USAA account if you havent done so already. Anything over $50 is a good number, and I think they offer geographic alerts as well... meaning you can set a radius of xx mile around your location and anything outside it is automatically flagged as fraud. Of course this means if you are traveling, you have to let them know in advance. :)
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    jelevated wrote: »
    Some banks are really terrible at dealing with fraud situations. Some banks demands that you fill out about 20 pages of paper work even then it's no guaranteed and they will fight you along the way. Others such as American Express you can report fraud in two clicks and they will send you another card the next day. That's not exclusive to Amex, you just have to shop around for banks that don't suck.

    That's one of the reasons I have tried but ultimately switched my primary banking back from credit unions back to one of the major banks. At one of the credit unions I tried, first thing they outsourced their fraud dept to a third party company and that was a cluster to deal with, then the next day I had to travel to one of a select few main branches which was inconvenient, then had to wait and meet with a member rep, then had to fill out forms, then had to wait 48 hours for them to investigate, then finally they gave me back the money PENDING final outcome of their investigation (thankfully I was able to keep it). As soon as I walked out of there that day I said "**** this", remoted into my work computer and changed my direct deposit back to the major bank account I was using prior. I've found that it's similar at lots of other CU's too. At the bank I use not only is their fraud dept in-house and 24/7, they issue funds back immediately and state upfront that your money is not at risk when it's fraud. I don't have one yet but will also probably just get an AMEX and use it for everything that way I don't have to do deal with that. As was mentioned, AMEX is amazing about that sort of thing.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Sign In or Register to comment.