This is a true story passed on to me from the actual victim who is a client of mine and actually became aware of this fraud the day I listed her home. She wrote this excellent essay and sent it to me so that I may post it here, feel free to copy, repost or send to clients as your own:
We were the victims of "Phishing" Fraud". "Phishing" is an email scam used to determine a user's identity, and or passwords and login information as well as determining what a user is authorized to access, such as secure electronic information held in financial databases. The most common form of authentication is user name and password.
"Phishing" is apparently wide spread and has been for some time now. Although I had never heard of it until now - I have learned that I am among the masses of people who have never heard of "Phishing" or the term itself. I am not sure why we are not informed directly about "Phishing Fraud" by our financial institutions and/or credit card companies. I do understand there is now an alert message on the websites of many banks - to caution people about this sort of Fraud. This is not exclusive to banking and credit cards either. Pay Pal and even Facebook and many other things you have login ID's have been known to send emails that look very legitimate and will ask you to enter your Login information from a link in the email. DON'T DO IT!
The individual who "Phished" our bank account information had access for several days - before the successful attempt was made to transfer funds. The information they could access but is not limited to; bank accounts, bill payees - which may include; credit cards and account information, account numbers, and sadly my social insurance number - which was used by MSP as an account number. MSP has just changed this policy of using Social Insurance Numbers for ID numbers effective sometime in January 2010, however I was not made aware of this change either. COST: To Be Determined
At the time of the incident, MSP was set up as a Bill Payee which included the SIN as the account number. Had I known the levity of the situation, I would have deleted this Bill Payee from my online banking which was set up as telebanking over 10 years ago.
You can change account numbers for most things, but your SIN cannot be changed unless you can prove someone has used it in a fraudulent manner. The one thing you cannot change when your SIN is compromised is the number. In my life, I have never been asked to show this piece of ID to anyone - but I do know the number by heart. I keep the card itself in a Safe Deposit box in the Bank. This criminal could also see our address (and both names on the joint accounts) as our bank statements could be viewed in PDF format (viewable as though you took a picture of the Statement you receive in the mail). This statement was available for viewing - 6 months worth of them! They could also see all the things we buy, transfers we made the type of transactions we perform, pay cheques that are deposited automatically which tells the individual where you work. They could see a lot of information about us! Much worse than losing your wallet which contains your Identification.
When I called to change account information and update security passwords, it was shocking to learn that the handful of questions they ask you - is known to the criminal as a result of "Phishing" the account. I then changed all passwords to a word known only to me that is never used for any other purpose.
What we had to do to protect ourselves.....and I implore you to take the time while you are not in the midst of being the victim of something like this to protect yourself.
We had to take 12 days and over 100 hours of time making phone calls, sending, letters, emails, and faxes and attend personal meetings with Financial institutions to close all accounts. We had to cancel every credit card, and debit card and wait for new ones. We had to phone many companies with voice response systems (Press 1, Press 2 and then wait for great lengths of time in some cases over an hour for each company - to explain the situation to them and cancel the accounts and figure out how to continue to live while this occurs - these things take time I can assure you.
Meanwhile our life was truly frozen financially. This was for all of our Payees. This process required the ultimate priority to protect ourselves and our banks and credit cards immediately! We had to locate and find the fax numbers to over 50 payees we deal with both in business and on a personal level and notify them of the Fraud (our Due Diligence). We also had to notify Equifax and Transunion Immediately of the Fraud so a Fraud Alert could be placed on our personal names. This will remain there for 6 years. We had to have a Computer company come to our home and offices to "clean our computers". Cost of this - $149 per computer (money well spent - value: PRICELESS).
The Police had to be notified and they informed me this is a "Preventable Crime", which did not make me feel much better - and truly made me feel as though I did something wrong. The Prevention part of this I suppose...make yourself aware of any Fraud that exists in the world? I suspect unethical individuals already have a work around with these as soon as it gets known. How do you educate yourself to think like a criminal?
I was lucky in this regard; I have a long standing personal relationship with my Financial Institution who knows us personally. They caught this in the very early stages. They have also moved mountains for us to try to get our lives back together and all of us have learned something as a result.
MY ADVICE TO ANYONE - Please forward this to everyone you know - the more we educate ourselves the better.
- DO NOT CLICK ON LINKS IN EMAILS - as soon as you click on the link - your Anti Virus software is "out of the loop" so to speak and no longer protects you. Inform your children not to click on links.
- DO NOT OPEN EMAILS FROM SOMEONE YOU DON'T KNOW. (Even if it looks like it's from someone you know and these emails really look like someone you know - trust me)
- TAKE EVERY PRECAUTION AND THEN TAKE SOME MORE TO PASSWORD YOUR FINANCIAL INFORMATION! Call your creditors and verbally password your accounts. (It was scary how few "security questions" were asked before I was able to access my information and close or open new accounts). Even after they were notified of the Fraud.
- USE AN ANTIVIRUS SOFTWARE THAT COSTS MONEY - (free ones are not as secure - imagine why you are offered free ones - nothing good is free).
- NEVER GIVE OUT YOUR LOGIN AND PASSWORD INFORMATION TO ANYONE - Of course that much I knew. I would surely not have given out this information over the phone when I was asked - nor would I discuss it with anyone, however they still "Got me".
- ON THE PHONE OR IN AN EMAIL - EVEN IF IT LOOKS/SOUNDS LIKE IT IS FROM YOUR BANK, OR CREDIT CARD COMPANY (I can assure you, these emails look just like the ones your bank might send you - right down to the email address). After you click the link, the screens you type your password and login information into look just like the screens the bank uses to login. Meanwhile this information is actually being "recorded". It even sends back a message after you type the password and login information. The message tells you the "Internet banking is not available right now due to maintenance...." and includes a toll free phone number to contact - I called that number and received a busy signal and thought nothing more of it. This gave the individual lots of time to "set up". It was some 5 days later when the Fraud Occurred.
- AFTER BANKING ONLINE - Clear your "Cache" and "Dump your Cookies". Google these words to find out how and what they mean and how to do it - and only go to Trusted Sites. I know those words have an unfamiliar meaning to most people in the world. Here's a tip to remember the importance of doing this....."Clearing your Cash" is what can happen to you. "Dumping your Cookies" - is really what you physically want to do after this happens to you. It is quite a roller coaster ride of emotions and stress, particularly to very busy or non savvy computer users or for the regular people who do not spend their days thinking up crimes.
- ALWAYS MANUALLY TYPE IN THE BANK'S WEBSITE ADDRESS
- ASK YOUR FINANICAL INSITUTIONS TO SHOW YOU WHAT THE FRAUDULENT EMAILS LOOK LIKE - So you KNOW!
I also learned that the Government never sends emails - did you know that? Did you know Banks never send emails? Did you know credit card companies also never send emails? I wish I had known that a few weeks ago.
Cost of Lesson: PRICELESS.
your Coquitlam, Port Coquitlam, Pitt Meadows, Maple Ridge and surrounding areas Realtor
Situated on the shores of the mighty Fraser River and nestled against the Coast Mountains, Maple Ridge is a mecca of adventure for the outdoor enthusiast. Located 45 kilometers east of Vancouver, it is a progressive community well-known for its beautiful countryside and spectacular scenery. It is a community of urban sophistication that retains a sense of rural charm.
flyg till köpenhamn
Highland View Farm Estates in Mission BC are 2 acre dream home lots, two of which are situated on a very private no through road. Surrounded by greenbelt, forest and watercourse but only limited by a 15M enviromental setback this lot is very buildable and offers stunning views of the mountains. Farmed by the current owners family for years without pesticide, the land beside your new home could even by used for organic farming. Located rurally but just a couple of minutes north of the city you're never too far away from the action.
Got an IPhone, IPad or IPod Touch and like to search MLS Real Estate listings of homes for sale in the Greater Vancouver, Fraser Valley and Whistler corridor?
