Subscribe
Printer Friendly
Share this PageFight Identity Theft Blog
Charles Darrow patented Monopoly in 1935. Since then, millions of people have turned giddy when receiving the "Bank Error in Your Favor" card from Community Chest.
Unfortunately, bank errors are nothing but a hassle in real life - the only thing you collect is a headache and frustration. To help reduce the headache, here are 10 things that everyone should know about bank errors:
Be Patient
The problem will not be solved over night. Banks process many transactions every day and it may take a few days for them to track down and solve your problem.
Be Quick
Call in the error to the bank supervisor (there isn't much that a teller can do) as soon as you discover it. The sooner the bank can start looking into it the better.
Keep Notes
Keep quality notes of who you talk to, when you talked to them, and what was said/promised. You may need to make several phone calls and it helps to be able to clearly state who you spoke with and what was said. You also may be required to provide documentation somewhere down the line of what you did. Good records will help make this as painless as possible.
Know the End Game
Ask for a date when the problem should be resolved. This will help keep the bank focused on solving your problem in a timely way.
Dodge Bounced Check Fees
If the mistake is an under deposit (you end up with less money than you thought), you should ask the bank to cover any fees that may occur because of the shortage of funds. The bank should cover fees to fix the problem and any others that occur because the correct amount of funds was not in the account
Don't Spend the Bank's Money
If there is an over deposit, don't spend the money. It might be tempting if the bank accidently deposits an extra $10,000 in your account. Unfortunately the money isn't yours and you shouldn't assume that the bank is going to let you keep it. If you do spend it you are just going to have to give it back - possibly with penalties or jail time if you can't return the money in a timely fashion.
Don't Move the Bank's Money
Don't be tempted to move the money to your brokerage account so you can make some nice interest or buy one of your favorite stocks. Leave the money in the account so the bank can figure out how it got there. Don't take the money out of the account so you don't spend it. The bank needs it there to track where it came from. Also, the money needs to be in your account when the bank figures out where it goes and decides to move it out of your account.
Stop Dreaming
The bank's not going to let you keep the money. Yes, the bank makes errors, but they are not going to let you keep somebody else's money because they made an error. Get over it. Stop dreaming about that Hawaiian vacation or a mall spending spree. It's not your money.
Complain or Switch
Some people seem to have bad luck when it comes to bank errors. I've been lucky and have had very few, but if you're having to deal with a lot of errors you should complain. Call customer support and ask to speak with a supervisor. Let them know how much of a hassle these errors have been. Have a reward in mind for how they can keep you as a customer. If you have a credit card, ask them to lower the interest rate. If you're paying monthly bank fees for your account, ask them to wave them.
If they're unwilling to do anything for you it's probably time to move to a new bank.
Act Fast on ATM Issues
You only have 60 days to report an ATM transaction error. So, if the ATM records show that you took out more money than you actually did or vice versa, you must report it promptly or you are out of luck.
A bank error is not the joyous occasion that Monopoly suggests. It's more like a "Go Directly to Faceless Corporate Bank Hell" card. Follow these ten steps, however, and you'll survive mostly unscathed.
One more thing...
We've noticed on a different blog post - British Lottery Scam - that people are tempted to take a bad check and deposit it, hoping that the bank will become confused and give them the money. Here's how one poster puts it:
I received the lottery scam in the mail. There is a check enclosed that is to be cashed and sent back to pay the British taxes. What would happen if I cashed the check and kept the cash? Would the scammers loose the money?
Ummm... no. Checks like these are forgeries. The scammers don't loose money. You just create a problem for yourself by depositing a bad check, temporarily inflating your bank account, and then suddenly having it removed once the bank figures out it's fraudulent.
Does that sounds fun?
To learn more about bank errors, visit the always excellent bankrate.com.
The BBC is reporting that 25 million Britains were exposed to the threat of identity theft when the HM Revenue & Customs (similar to the IRS in the U.S.) lost a CD containing personal data.
Ouch!
This has to be one of the worst data breaches ever, since the CD was not encrypted (just password protected) and the data included:
- Name
- Address
- Date of birth
- Bank account details
- National insurance number
In case you're not familiar with that last item, it's similar to the Social Security Number here in the U.S. What else could a potential thief want?
The CD with the data was sent to another HMRC location by a lower level employee via regular mail instead of using an encrypted network connection or some other secure method. The CD never showed up at the other office and officials are now trying to determine if it was stolen or just lost.
"The data lost - bank account numbers, names and addresses - represents a gold mine for the thieves and is much more valuable to them than credit card numbers or taxpayer id numbers," said Gartner analyst Avivah Litan.
"In fact, in the black market, bank account numbers sell for the highest price, or between $30 and $400 (£15 to £200), which is significantly more than the fifty cents to five dollars that criminals pay for credit cards."
This disaster has already forced the resignation of HMRC's chairman - Paul Gray. I'm guessing the employee involved was also "sacked," as the Brits like to put it. Let's hope so.
More coverage on the BBC site - Q&A: Child Benefit Records Lost | Analysis: How Worried Should You Be?
Recently, a new phishing e-mail has been circulating. The e-mail is the IRS asking for donations to help the victims of the California wildfires. The e-mail is a scam. The IRS is not and never will ask for donations, let alone send out an e-mail asking for financial and personal information.
The e-mail seems real enough. It provides links to an IRS website. The website asks for personal and financial information in order to obtain the donation. It seems like a good thing to do. However, do not enter any personal or financial information, the website is not the real IRS website. The information that is asked for is what the scammers use to steal identities, open new lines of credit and ruin peoples’ credit and lives. If that weren't enough, the links and the e-mail are also thought to contain “malware and other malicious software.”
To protect yourself and help stop the phishing scam the IRS
“urged those who received the scam e-mail to help the IRS shut down the operation by forwarding it to phishing@irs.gov, using instructions found in "how to protect yourself from suspicious e-mails or phishing schemes" on the genuine IRS Web site, http://www.irs.gov.”
On a happier note, the IRS is doing their part to help the wildfire victims. They are extending payment and tax return filing deadlines for victims.
“As California taxpayers start the recovery process, the last thing they should worry about is meeting a tax deadline,” said IRS Acting Commissioner Linda Stiff. “The IRS offers many resources for disaster victims online at IRS.gov, over the phone and in person.”
If you would like to donate to the victims there are several ways in which you can. The LA Times wrote an article with several suggestions of how to help the wildfire victims.
Read the AP's article for all the details of the e-mail scam.
Who would have thought that a big company like SuperValu would be susceptible to an e-mail scam and almost lose $10 million?! Well, it happened just a few months ago. In February they received e-mails supposedly from American Greetings Corp. and Frito-Lay indicating new bank accounts had been set up and payments should be wired to these new accounts.
Has anyone at SuperValu ever read about "phishing' or other email scams? I guess not...
Without making any inquiries with the two companies about the change in accounts, SuperValu just started sending payments to the accounts indicated in the e-mail. After a week, nine payments and $6.5 million later, it was discovered that the new account with American Greetings was fraudulent. Meanwhile, another $3.6 million was being sent to the fraudulent Frito-Lay account. Luckily, for SuperValu, the FBI was able to get right on it and recover the money before it disappeared.
“SuperValu was the target of attempted financial fraud,” company spokeswoman Haley Meyer wrote in a prepared statement. “We were able to quickly discover and report this to the FBI. As a result of the quick work of the Boise FBI Office and the U.S. Attorney, any funds lost are minimal.”
Fortunate as it may seem, it’s not quite time to break out the bubbly. American Greetings and Frito-Lay are demanding that they get paid – and rightly so. But the matter has been turned over to a judge to decide how the money is going to be allocated. It’s a shame that such fairy-tale endings don’t happen for most individuals who fall victim to e-mail scams. Here's the link the the whole tale from the Idaho Statesman.
Maybe you're not ready to celebrate, but telemarketers all over the country are excited about the big day. Why, you may ask? Because your telephone number will automatically come off the Do Not Call list and back onto the desks of telemarketers. How can that be? Well, here's a refresher course on how the Do Not Call Registry works:
After years of research, workshops, and meetings, as well as much consideration and input from over 64,000 people like you and me, the FTC and FCC came up the Do Not Call Registry. The registry was created to give you the right to opt out of annoying telemarketing calls. To sign up, you only have to call or fill out a form on to a website and submit your phone number. Telemarketers then have 31 days to remove your name from their call lists. Beautiful!
Not so fast...
Apparently the telemarketers didn’t like the idea that once someone signed up they might never hear from a telemarketer again. Out of their concern for you (right!), the telemarketers pushed the FTC to create a rule that after five years of being on the registry a phone number would automatically be removed and put back on call lists. The FTC agreed and this is why the DNC Registry’s fifth anniversary has telemarketers salivating. Your telephone is ready to start ringing again. Are you ready?
So what can you do?
Just re-register your number for the Do Not Call list. It takes less than 2 minutes and you can do it by phone or web site.
Get all the details on how to re-register your name...
UPDATE: It appears that the "FTC Pledges Not to Drop Any Numbers From Do Not Call Registry, Pending Final Congressional or Agency Action on Whether to Make Registration Permanent the registry pending"
Who would have thought that befriending a frog could be dangerous? Well, it is, if that frog has access to things like your e-mail address, birth date, home address, work info or school info. You may say to yourself that you would never be so foolish, but what kind of info do you post on social network pages?
The security company Sophos did a study and to find out what kind of information people are sharing and how easy it is to get hold of it. So, they created “Freddi Staur” - a fake Facebook user - then sent out 200 friend invites.
“Of the 200 people contacted, 87 responded and agreed to be friends … 82% of them gave "Freddi" an open view of their profiles … 72% divulged at least one of their e-mail addresses, 84% gave up their date of birth, and 87% offered details about where they went to school and where they work.”
Having personal information on your profile isn’t the problem. The problem is who has access to the info because it could be used to steal your identity. While it may be cool to have lots of friends - even if it's just a frog - you need to stop and think what kind of information you are giving them and how safe you really are.
Read all the study details on the Sophos web site.
Update:
If one study isn't convincing enough, here is another. The BBC show Watchdog did a very similar study to Sophos study. They created a false identity and befriended people on facebook. Then they took their study one step further. They actually opened bank accounts and credit cards using the information of an individual that was provided on their profile! Social networks are not as safe as we would like to think. Read all the study details on the BBC web site.
Need another reason to be cautious of social networks? Here's one, facebook employees can track what profiles you are looking at. Yep, not only can the look at anyone's profile they can track the profiles that people look at. While it may weird you out, it also helps keep people safe. Check out the story and decide for yourself.
Netcraft, a provider of internet security services and research, is reporting that a recent batch of phishing web sites targeting Chase Bank and eBay were hosted by state-owned Chinese Construction Bank. This apparently is the first time a bank's servers have been used to attack another bank.
The phishing emails were sent out in mid-March offering $20 for users to fill out a survey. As part of the survey, users were asked for their account username and password, credit card number, PIN, and security number as well as their SSN and mother's maiden name. The phishing pages were hosted on an IP address assigned to China Construction Bank, Shanghai Branch.
It's unclear if the attack was generated by the bank itself, by one of its employees, or by someone who had compromised the bank's servers.
Have you seen ads like this on the internet and wondered if they're for real?
Well, they're for real, but I don't advise signing up for this kind of deal. Here's why...
When you see any "free" offer, you should be very careful. Very few things are really free. You should ask yourself these kinds of questions:
Question:
An ipod costs $69 to $399 dollars. How are they paying for it if they're giving it to me for free?
Answer: You have to give them something of value.
Question:
What do I have that's valuable to them?
Answer: A lot.
- Your personal information - you have to give them your name, email, home address, gender, date of birth, and phone number. They use this information to send offers to your email account, to your home via direct mail, and to your phone with telemarketers.
- Your credit card - you also are required to sign up for one of the offers they present to you. All of these offers will involve giving them your credit card number. The offers are things like a Blockbuster online rental membership, DVD and music clubs, credit card offers, ringtones & horoscopes. They are paid a bounty from these companies when you sign up. Companies will pay anywhere from $10 - $70 per sign up.
- Your friends and family - in order to qualify for the free item you have to get 5 friends or family members to sign up AND request one of their offers.
See how the money is now adding up? The company will receive possibly $40 per sign up which equals $240 (6 users x $40).
Were you worried they weren't going to make any money on this deal? Don't worry, they will still make more.
In fact, Eliot Spitzer, the fireball New York Attorney General has recently filed suit against Gratis Internet, the parent company of sites Freeipods.com, FreeCDs.com, FreeDVDs.com, and FreeVideoGames.com (just an aside - "gratis" means "free" in Spanish).
The suit alleges that Gratis:
"... sold personal information obtained from millions of consumers under a strict promise of confidentiality.
From 2000 through 2004 Gratis made numerous explicit promises to the users of its web sites about protecting personal information. Among the promises the company made were:
'We will never give out, sell or lend your name or information to anyone';
'We will never lend, sell or give out for any reason your email address or personal information';
'We at [Gratis web site] respect your privacy and do not sell, rent or loan any personally identifiable information regarding our customers to any third party'; and
'Please note that we do not provide your E-mail address to our business partners.'
Even on its sign-up pages, Gratis promised consumers that it 'does not . . . sell/rent emails.'
However, the Attorney General’s investigation confirmed that Gratis’s owners, Peter Martin and Robert Jewell, repeatedly violated these promises during 2004 and 2005 by selling access to lists of millions of Gratis’s customers to three independent email marketers. The marketers then sent hundreds of millions of email solicitations to those users, on behalf of their own customers. In each of these deals, Gratis wrongfully shared between one and seven million confidential user records.
This is believed to be the largest deliberate breach of a privacy policy ever discovered by U.S. law enforcement.
Need another reason to avoid offers like these?
Here's a good one - if you jump through all their hoops and qualify for your free ipod, you'll have to send them an IRS W-9 form, since the iPod's value will have to be counted as revenue.
What information is provided on a W9? Oh, only your name, address, and Social Security Number. Is that the kind of information you want in the hands of these people? I don't think so.
Save your pennies and buy your own stinking iPod. That's what I recommend.
Fidelity Investments lost a laptop that had sensitive employee information for 196,000 current and former HP employees. The employes were told this week that they are at risk for identity theft and that they should take steps to protect themselves.
Here's part of the email that went out to HP employees:
"This is to let you know that Fidelity Investments, record-keeper for the HP retirement plans, recently had a laptop computer stolen that contained personal information about you, including your name, address, social security number and compensation."
A web site has been set up that "includes some immediate steps that you can take to protect yourself, as well as information about how to enroll for a 12-month period of credit monitoring at no cost to you and a Fidelity call center number in case you have additional questions."
This is just the latest in string of laptop losses that have affected employees at Sun, Cisco and IBM. It's unclear if the laptops are being targeted because of the information they contain, or if it's just random theft. My guess would be random theft.
When I worked in the corporate world, laptops disappeared on a regular basis. Thieves are able to dress like the typical corporate type (tan slacks, blue dress shirt, just the right amount of hair mousse) and sneak into one of our offices. From there they'd look for an unattended laptop, pick it up, and carry it out the door as if they were rushing off to attend the next staff meeting.
Anyway...
Fidelity has good news for those affected. It appears the data was encrypted and the encryption key has expired on the machine - making the data more difficult to extract.
Here's Fidelity's take on the situation:
"At this time, we are unaware of any misuse of the information contained in the software on the laptop," said Fidelity spokeswoman Anne Crowley. "The application was running on a temporary license from a third-party software vendor. The license has expired. Since the expiration of the license, the scrambled data would be difficult to interpret and generally unusable.
We have taken steps to implement extra security processes requiring additional authentication for access to those HP accounts as well as other measures to prevent unauthorized use. We have also employed additional security controls above and beyond our already significant monitoring activity to identify if there is any unusual activity in these accounts. Further, we have reviewed activity in the HP accounts and have found no indication of unusual or suspicious activity."
The bottom line is that no matter how careful you are, someone else's blunder can expose you to identity theft. The only way to avoid it is to withdraw from modern society. I'd personally rather have the 401k money.
To shred or to tear: that is the question. Robert Cockerham of cockeyed.com decided to put the matter to a test. His test subject? A newly received Chase Mastercard pre-approved application.
Step 1: Robert tears the application into small pieces.
Step: 2: Robert meticulously lines the torn pieces up and tapes them together, like so.
Step 3: Robert fills out the application, replacing the current billing address with a new one (his parent's house) and using his cell phone as the phone number on the new account.
With that, he mails it in.
Step 4: Robert excitedly receives his new credit card at his parent's house and activates it using his cell phone.
Analysis:
- Tearing up your sensitive documents is not sufficient.
- Some creditors will process applications, even if they've been torn up, taped together and have a new address.
- A criminal could easily apply for credit in your name, change the address, and activate the account via a pre-paid cell phone. You wouldn't even know what happened until creditors started calling you about your unpaid bills.
- You must destroy all sensitive documents using a cross-cut shredder
before placing them in the trash.
- Better yet, opt-out of pre-approved offers and give your shredder and the recyclers a rest.
Read the whole story on Cockeyed.com.
Special Offers
Connect With Us
We invite you to become a fan of Fight Identity Theft or just join in the discussion.
Subscribe to Breaking News
Subscribe to Fight Identity Theft and receive top stories and breaking news via email.
Recent Blog Entries
Blog Archives
- November, 2009 (4)
- October, 2009 (6)
- September, 2009 (2)
- August, 2009 (3)
- April, 2009 (2)
- February, 2009 (3)
- January, 2009 (8)
- December, 2008 (8)
- March, 2008 (1)
- January, 2008 (1)
- December, 2007 (3)
- November, 2007 (2)
- October, 2007 (3)
- May, 2006 (1)
- March, 2006 (4)
- February, 2006 (4)
- January, 2006 (10)
- December, 2005 (7)
- July, 2005 (3)
- June, 2005 (4)
- May, 2005 (5)
- March, 2005 (1)
- Credit (12)
- Fraud (36)
- Government (20)
- Identity Theft (37)
- Junk Mail (5)
- Phishing (12)
- Privacy (19)
- Scam (30)
- Technology (50)
- Telemarketing (2)
- Viruses (11)
- Visitor Stories (1)
- Worms (11)
