It’s been a little over three weeks since I published my harrowing experience dealing with bank fraud and something called an Auto ACH Out. In that time, it became amazingly clear that I wasn’t the only person who was impacted. I’d like to do a quick summary post if you have had a similar experience with some things I learned and some recommended courses of action.
From the moment I posted the original story, the hits to my blog started exploding immediately. It went from a robust average of 6-8 a day to anywhere from 200-300 a day. As of 4/2, the story has been viewed 1193 and that doesn’t include the number when it was located on the front page (the front page had 1038 hits in the last 30 days). As of this writing, there has also been 59 comments… And, as an added bonus, even 18 people viewed the About Me link (you can also check me out on Google+ here)! Hooray! Jokes aside, this isn’t an isolated incident. There has, without question, been a data breach and it seems the banks affected are still in denial.
Summary of The Issue
Judging from the comments, it appears there is a scam going on due to a security breach somewhere…. probably from a 3rd Party Processing company. This is especially scary because this means that multiple banks could have been breached. To name a few from the comments…. Everhome, Capital One, M&I, 5/3, PNC, etc.
Equally scary is that nothing has been announced and the banks haven’t been proactive about the breach (Although Everhome did reach out personally to let me know they weren’t aware of a breach on their end).
If I do the quick math based on hits to this site…. I’ll conservatively estimate that the article has generated 1500 hits between the front page and the direct link to the story. I doubt anyone would hit the keyword unless they had an unauthorized breach on their account…. However, we’ll say 75% of those who viewed the site had the breach occur to them. This puts the number of impacted people at 1125. At $29.95 each x 1125, the scammers could have netted close to $33693.75 in only three weeks. And that’s just from people who found their way to my blog.
My Actions and Resolution
After making numerous phone calls, I was able to get the charge reversed. Global Web backed out the charge and Capital One also reversed the charge. I let Capital One know on March 28th that the charge had been reversed, but they didn’t seem too concerned. I have also had my checking account number changed to ensure the number isn’t readily available. Getting the account number changed is probably the most important because once someone has access, it’s much easier to repeat the scam. I’m still amazed how easy this was for the scammers. Logically, I would expect to have to authorize all auto-ach out’s as a common sense security measure.
Recommended Actions if This Happens to You
A lot of people in the comments of the original post have posted phone numbers and recommendations based on various banks. Some of these also include contacting various law enforcement agencies and also the FCC.
In my opinion, I think the first thing to do is contact your bank and let them know there has been a breach. This should involve them backing out the charge and also getting you a new account number. If the bank wants you to pay for a service to keep fraud from happening, it’s time to switch to a new bank (See SL’s comment on the original story).
Next, I would contact the number (if available) on the Auto-ACH and get them to back out the charge and let them know it is fraud. If they end of backing out the charge, contact your bank and let them know, but still change your account number. It’s a pain in the butt, but it absolutely needs to be done.
It’s unfortunate that people do this to others, but it is a fact of life. Knowing the facts and the processes can make dealing with it a lot easier.
If you have any additional recommendations or stories you’d like to share with others, I encourage you to drop a note in the comments.