DK Firearms

Bank Account Stolen!

The #1 community for Gun Owners in Texas

Member Benefits:

  • Fewer Ads!
  • Discuss all aspects of firearm ownership
  • Discuss anti-gun legislation
  • Buy, sell, and trade in the classified section
  • Chat with Local gun shops, ranges, trainers & other businesses
  • Discover free outdoor shooting areas
  • View up to date on firearm-related events
  • Share photos & video with other members
  • ...and so much more!
  • STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    PSA before I start, go to www.familytreenow.com/optout and opt out. That site has way too much personal info. I'd opt out your family members too. Anyone can see your addresses and families info.

    i got a text a couple days ago from my bank (USAA) giving me a temporary pin, then two more saying my debit card has been removed from my mobile devices. I knew t wasn't me so I called USAA and froze my account. Someone had called in saying they were me and had enough info to get in. They failed a few of the items and they still let them in and start changing stuff.
    USAA has been good helping me get everything set back up and requires certain things now for my account.

    So my questions are has anyone had any experience with ID theft, and lessons learned, services they have signed up for, is Lifelock worth it? Anyone using Lifelock or similar services and think it's worth it?
    I am sure my info is out there because of the breaches in our fine government and their systems. I did sign up for the IDCare service provided after one of the breaches, but is that enough?
    Hurley's Gold
     

    STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    Name, city, year of birth? No thanks.

    You don't have to give that stuff.
    IMG_0028.jpg

    Do as you wish, this site was on Fox News and this is the email I received on .mil email.
    here are the directions. If you follow them you don't have to give the info. If you search and you will see what's already in there.
     

    karlac

    Lately too damn busy to have Gone fishin' ...
    TGT Supporter
    Lifetime Member
    Rating - 0%
    0   0   0
    Aug 21, 2013
    11,773
    96
    Houston & Hot Springs
    Sorry to hear that.
    Were you using USAA's two factor authentication?
    Did you have txt message alerts turned on?

    IMO, gotta be careful how you implement USAA's 2FA.

    They allow you to use email addresses as an option and in many cases gaining control over your email from all these breaches lately is what lets the dogs out.

    Been using yubikey on all accounts that support it.
    Wish USAA would implement it.
    Security is relative, but everything that bolsters the username/password systems helps.
     

    STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    DEPARTMENT OF THE ARMY
    United States Army Criminal Investigation


    24 Jan


    3. Subject(s):Unknown.
    ALERT: A new public website [COLOR=rgb(0.000000%, 0.000000%, 100.000000%)]http://www.familytreenow.com [/COLOR]providesinformation on a person’s full name, age, birth year, aliases, and current and pastaddresses. The website also includes the full name, age, and birth year ofpossible associates and relatives. While this is not a crime, it does present asecurity threat in today’s climate for Commander’s, Soldiers, DOD Civilians andtheir family’s safety. This website is free and contains no safe guards to ensurethe person conducting the search has a need to know or viable reason to besearching for the information.
    In order to safeguard your information and have it removed from the Family TreeNow website follow the following steps:

    • - Type [COLOR=rgb(0.000000%, 0.000000%, 100.000000%)]http://www.familytreenow.com/optout [/COLOR]into your search engine
    • - Read the step by step instructions listed and click the square marked “I’m
      not a robot.”
    • - Once a green check mark appears next to “I’m not a robot” click on theBegin Opt Out Procedure.
    • - The page will redirect you to a search page. Enter your name and clicksearch. (You may have to try variations of your full name.)


    page1image16424
    page1image16584

    CIRC-KBN
    SUBJECT: Criminal Alert Notice


    • - The website will provide a results page of possible matches for yourname. Find your information by clicking on the record details.
    • - Once you find and verify it is your record and not someone else with yoursurname click on the “Opt Out” button on the page. The page will berefreshed with a message that reads “Your opt out request is beingprocessed. Please allow up to 48 hours for your record to be removed.”
      CID requests the community to be vigilant with public websites and theinformation posted to these websites. Ensure your personal information and yourfamily’s personal information is protected and not available to the public.
     

    STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    Sorry to hear that.
    Were you using USAA's two factor authentication?
    Did you have txt message alerts turned on?

    IMO, gotta be careful how you implement USAA's 2FA.

    They allow you to use email addresses as an option and in many cases gaining control over your email from all these breaches lately is what lets the dogs out.

    Been using yubikey on all accounts that support it.
    Wish USAA would implement it.
    Security is relative, but everything that bolsters the username/password systems helps.

    i do use the 2 factor text, that's one thing f the things he failed and they still let him in. The text alerts is how I found out it was going on. 10 mins after I froze my account he tried using it and was declined, so there's some good news. If I wouldn't have gotten my alerts when I did, he would have been able to use it.
     

    majormadmax

    Úlfhéðnar
    Rating - 100%
    9   0   0
    Aug 27, 2009
    15,839
    96
    San Antonio!
    Disregard, I just had to start the process again from the very beginning.

    I also recommend opting out any deceased relatives that are listed. Their PII can be stolen as well!

    Cheers! M2
     
    Last edited:

    Southpaw

    Forum BSer
    Rating - 100%
    14   0   0
    Mar 30, 2009
    17,862
    96
    Guadalupe Co.
    Disregard, I just had to start the process again from the very beginning.

    I also recommend opting out any deceased relatives that are listed. Their PII can be stolen as well!

    Cheers! M2

    Also took down my wife's. Opt out here is kind of trying to put the genie back in the bottle because it's all public information but it certainly can't hurt.

    Prior to the last time I moved I opened up a PO Box and it seems to be a good thing for databases like this. Minus the paid sites that use actual DMV data dumps sold to them by Texas, my current street address has never showed up on these sort of sites.

    Sorry to hear about your bank account STX, thanks for the heads up.
     

    karlac

    Lately too damn busy to have Gone fishin' ...
    TGT Supporter
    Lifetime Member
    Rating - 0%
    0   0   0
    Aug 21, 2013
    11,773
    96
    Houston & Hot Springs
    i do use the 2 factor text, that's one thing f the things he failed and they still let him in. The text alerts is how I found out it was going on. 10 mins after I froze my account he tried using it and was declined, so there's some good news. If I wouldn't have gotten my alerts when I did, he would have been able to use it.

    Damn ... So basically USAA let someone social engineer them into giving them access.
    Deja vu Apple all over again .... I'm pretty much doing exactly what you had instituted.

    If you can do so without compromise, anything further that you learned that can help other's of us using USAA from the same fate?
    Thanks!
     

    STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    Damn ... So basically USAA let someone social engineer them into giving them access.
    Deja vu Apple all over again .... I'm pretty much doing exactly what you had instituted.

    If you can do so without compromise, anything further that you learned that can help other's of us using USAA from the same fate?
    Thanks!

    Thye can put notes in with verbal phone password, Also the questions that you put answers to you can put lies in there, or you can put numbers instead of letters, because a lot of those answers can be found on social media, or in a data base somewhere.

    This world is getting worse. They don't pursue these people and they just keep doing it. I would think in a multi bllion dollar world, this stuff must add up.
     

    Brains

    One of the idiots
    Rating - 100%
    3   0   0
    Apr 9, 2013
    6,904
    96
    Spring
    Financial institutions have to toe the line between "security" and people who BARELY remember their own name, much less be able to keep track of secure authentication credentials. Until this changes and there's a secure authentication method for people with the mental acuity of an earthworm, banks will continue to use account verification methods anyone can figure out with a quick Google search. Yes, I've had it done to me - one bank was very helpful getting "me" (hint: not me) access to my credit card rewards. How did the thief pull it off? Resoundingly simple method actually, by merely playing stupid. By answering what they could from Google, and answering "oh I can't remember what I typed there lol" to everything else, the bank decided that was enough and let them in. Cost them a few hundred for the trouble, thankfully they didn't put a fight giving it all back when I noticed it. Another bank I have never done business with decided it was perfectly OK to issue a credit card in my name, to someone NOT at my address or even in a state I've ever lived. Twice, not quite six weeks apart. Fun fact? My credit history info is already locked with the 'big three' - they just didn't bother to go beyond the promotional checks. To add a bit of humor on top, they completely refused to give me the address where "my" credit card was mailed.
     

    STXdevilsquid

    Active Member
    Rating - 0%
    0   0   0
    Feb 14, 2013
    783
    31
    Live Oak
    Financial institutions have to toe the line between "security" and people who BARELY remember their own name, much less be able to keep track of secure authentication credentials. Until this changes and there's a secure authentication method for people with the mental acuity of an earthworm, banks will continue to use account verification methods anyone can figure out with a quick Google search. Yes, I've had it done to me - one bank was very helpful getting "me" (hint: not me) access to my credit card rewards. How did the thief pull it off? Resoundingly simple method actually, by merely playing stupid. By answering what they could from Google, and answering "oh I can't remember what I typed there lol" to everything else, the bank decided that was enough and let them in. Cost them a few hundred for the trouble, thankfully they didn't put a fight giving it all back when I noticed it. Another bank I have never done business with decided it was perfectly OK to issue a credit card in my name, to someone NOT at my address or even in a state I've ever lived. Twice, not quite six weeks apart. Fun fact? My credit history info is already locked with the 'big three' - they just didn't bother to go beyond the promotional checks. To add a bit of humor on top, they completely refused to give me the address where "my" credit card was mailed.

    I don't understand why they don't try to catch these people. It couldn't be that hard, just wait until they use it, then get video or go to shipping address. There must be something else.
     

    TheDan

    deplorable malcontent scofflaw
    Rating - 100%
    8   0   0
    Nov 11, 2008
    27,536
    96
    Austin - Rockdale
    I don't understand why they don't try to catch these people. It couldn't be that hard, just wait until they use it, then get video or go to shipping address. There must be something else.
    I wonder if the crooks are caught, then they have to peruse them for damages vs. it being a total loss that is covered by insurance.

    ...or maybe they make so much money that taking the 15min to identify the criminals just isn't worth the effort.
     

    Brains

    One of the idiots
    Rating - 100%
    3   0   0
    Apr 9, 2013
    6,904
    96
    Spring
    Exactly... Have you ever heard about getting blood from a turnip? Ultimately it's just cheaper to eat the loss or file an insurance claim for the money (yep, they are insured against these losses) than it is to pay staff to collect enough information to pursue a case.

    Now if the amount exceeds a certain amount (10k? not sure) the feds might (in theory) get involved, but unlikely because work is hard and this is ultimately seen as a victimless crime. After all, the IRS steals WAY more than this and nobody bats an eye :what: They did just catch a guy in Lithuania who siphoned millions from large US corps by tricking them into sending wire transfers, obviously a bit more worth their while. Large corps contribute to super PACs after all.
     

    45tex

    TGT Addict
    Rating - 0%
    0   0   0
    Feb 1, 2009
    3,449
    96
    Kid down the street got into my WiFi/computer and bought a new Mac computer. Bank refunded the $1700 and said it was not enough for them to bother with. He ordered it in his own name.
     
    Top Bottom