If I have given my bank details to someone by email what should I do now? [duplicate]
This question already has an answer here:
I gave a scammer my telephone number, address, and name. How bad is it?
2 answers
I have given someone my bank account details including my home address and phone number by email, supposedly so that money can be transferred into my account.
I am now quite sure this is a scam.
What do I do next, i.e. how do I protect myself from this scammer?
canada banking scams identity-theft
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
marked as duplicate by Pete B., JoeTaxpayer♦ Dec 12 at 3:36
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
I gave a scammer my telephone number, address, and name. How bad is it?
2 answers
I have given someone my bank account details including my home address and phone number by email, supposedly so that money can be transferred into my account.
I am now quite sure this is a scam.
What do I do next, i.e. how do I protect myself from this scammer?
canada banking scams identity-theft
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
marked as duplicate by Pete B., JoeTaxpayer♦ Dec 12 at 3:36
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
34
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
6
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
8
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
5
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42
add a comment |
This question already has an answer here:
I gave a scammer my telephone number, address, and name. How bad is it?
2 answers
I have given someone my bank account details including my home address and phone number by email, supposedly so that money can be transferred into my account.
I am now quite sure this is a scam.
What do I do next, i.e. how do I protect myself from this scammer?
canada banking scams identity-theft
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
This question already has an answer here:
I gave a scammer my telephone number, address, and name. How bad is it?
2 answers
I have given someone my bank account details including my home address and phone number by email, supposedly so that money can be transferred into my account.
I am now quite sure this is a scam.
What do I do next, i.e. how do I protect myself from this scammer?
This question already has an answer here:
I gave a scammer my telephone number, address, and name. How bad is it?
2 answers
canada banking scams identity-theft
canada banking scams identity-theft
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
edited Dec 11 at 14:05
Ben Miller
76.5k19207274
76.5k19207274
asked Dec 11 at 10:15
Julianne bhana
9913
asked Dec 11 at 10:15
Julianne bhana
9913
asked Dec 11 at 10:15
Julianne bhana
9913
9913
marked as duplicate by Pete B., JoeTaxpayer♦ Dec 12 at 3:36
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by Pete B., JoeTaxpayer♦ Dec 12 at 3:36
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
34
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
6
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
8
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
5
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42
add a comment |
34
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
6
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
8
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
5
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42
34
34
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
6
6
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
8
8
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
5
5
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42
add a comment |
4 Answers
4
active
oldest
votes
Do not disclose any more information and change your passwords to the bank website. You might possibly have to change your phone number that you have linked to the bank account. This is important since you might be receiving One Time Passwords (OTPs) on the mobile number which can be used to gain access to your account.
Personally, I think physical address is not doing much of a harm, but report this to your bank and let them know that you have done this so they can call you in case there is a large transaction that is happening without your knowledge.
Ask them to get approval for any transactions above X amount (X being any amount in your currency that you deem large enough).
Keep an eye on your transactions and report any fraudulent transactions immediately.
Report the fraud to the police.
And most importantly, do not share any personal details to an unathorized person in future.
Be safe.
answered Dec 11 at 10:40
Arpit
36625
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
|
show 7 more comments
When you say "details" I don't know if that includes your username/password to online banking. If it does, first step is change that password, but you should do that while you're on the phone. Changing your password is not enough, you must also do the next step.
Tell your bank. Right now.
Call them on their customer support line. Don't wait for an opportunity to visit a branch.
Because they can provide practical defenses about what is about to happen. Or, if it's already happened, time is of the essence in reversing it.
The more proactive you are, the more likely you'll get your money back.
Then, do mop-up activities
Notify Google that the mail is a scam, Gmail provides a way to report that.
File a police report. They may not want to take your report unless the bad guy actually tried a transfer.
I am breaking these out into "mop-up" to emphasize that these are not as urgent, and don't do them first.
answered Dec 11 at 16:53
Harper
19.7k32966
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
add a comment |
Report to your bank, close that compromised account and open a new account.
Change any password, create a new email account if you have to and never chat to the scammer.
edited Dec 12 at 3:33
kachan64
31
answered Dec 11 at 14:01
Mohd Danish
1195
add a comment |
What do I do next? how do I protect myself from this scammer?
As others have noted, your first phone call is to your bank's fraud department to inform them of the situation. They deal with this every day and can advise.
If you gave the scammers your mobile phone number then you have an additional problem to deal with. After you call the bank, call your mobile provider's fraud department. Make sure you get the fraud department; the front-line phone support people for mobile phone companies are frequently undertrained and incompetent when dealing with cases of fraud. A good friend of mine has been dealing with a mobile phone fraud recently, and the phone support people got it all wrong until she spoke to an expert in the fraud department.
The kinds of problems to anticipate if they have your mobile phone number include:
- They may execute a social engineering attack against your mobile phone provider to convince them that they are you, and that you've lost your phone, and get the company to replace it and charge your account. They get a new phone with your number, your phone gets deactivated, you pay for it, and then they use your phone number to commit more crimes. This is the situation my friend is in right now, and it is very upsetting. But it gets worse! The worse situation is:
- If they manage to get control of your phone number via social engineering attack, or bribing a phone company insider, or whatever, and they also have your email address, then they can execute the following series of steps: first, they'll attempt to log in to your email, but they won't have your password. Suppose you have two factor authentication turned on. They'll start the password reset process on your email account, and now they have "your" phone to satisfy the two-factor authentication, and they can reset your password to a password of their choice. Now they have your password and your email address, so they'll then read your emails and figure out what other services you registered that email to, and they'll reset the passwords on all of those as well.
- Then they'll look at your email contacts, your social networking friends, and so on, try to figure out which of them is the most gullible, and start further attacks against them. Got a grandparent? They'll get an email from you saying that you're in Paris and someone stole your wallet and grandma, can you send me $200 to this sketchy money company right away?
In short: our lives are in our phones, and many services use possession of a phone as a proxy for authorization. If they have your phone number, talk to a fraud specialist immediately, because these attackers will likely be sophisticated and know what to do with the resources they've got.
answered Dec 11 at 17:59
Eric Lippert
2,7631015
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
add a comment |
protected by Ganesh Sittampalam♦ Dec 11 at 14:10
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Do not disclose any more information and change your passwords to the bank website. You might possibly have to change your phone number that you have linked to the bank account. This is important since you might be receiving One Time Passwords (OTPs) on the mobile number which can be used to gain access to your account.
Personally, I think physical address is not doing much of a harm, but report this to your bank and let them know that you have done this so they can call you in case there is a large transaction that is happening without your knowledge.
Ask them to get approval for any transactions above X amount (X being any amount in your currency that you deem large enough).
Keep an eye on your transactions and report any fraudulent transactions immediately.
Report the fraud to the police.
And most importantly, do not share any personal details to an unathorized person in future.
Be safe.
answered Dec 11 at 10:40
Arpit
36625
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
|
show 7 more comments
Do not disclose any more information and change your passwords to the bank website. You might possibly have to change your phone number that you have linked to the bank account. This is important since you might be receiving One Time Passwords (OTPs) on the mobile number which can be used to gain access to your account.
Personally, I think physical address is not doing much of a harm, but report this to your bank and let them know that you have done this so they can call you in case there is a large transaction that is happening without your knowledge.
Ask them to get approval for any transactions above X amount (X being any amount in your currency that you deem large enough).
Keep an eye on your transactions and report any fraudulent transactions immediately.
Report the fraud to the police.
And most importantly, do not share any personal details to an unathorized person in future.
Be safe.
answered Dec 11 at 10:40
Arpit
36625
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
|
show 7 more comments
Do not disclose any more information and change your passwords to the bank website. You might possibly have to change your phone number that you have linked to the bank account. This is important since you might be receiving One Time Passwords (OTPs) on the mobile number which can be used to gain access to your account.
Personally, I think physical address is not doing much of a harm, but report this to your bank and let them know that you have done this so they can call you in case there is a large transaction that is happening without your knowledge.
Ask them to get approval for any transactions above X amount (X being any amount in your currency that you deem large enough).
Keep an eye on your transactions and report any fraudulent transactions immediately.
Report the fraud to the police.
And most importantly, do not share any personal details to an unathorized person in future.
Be safe.
answered Dec 11 at 10:40
Arpit
36625
Do not disclose any more information and change your passwords to the bank website. You might possibly have to change your phone number that you have linked to the bank account. This is important since you might be receiving One Time Passwords (OTPs) on the mobile number which can be used to gain access to your account.
Personally, I think physical address is not doing much of a harm, but report this to your bank and let them know that you have done this so they can call you in case there is a large transaction that is happening without your knowledge.
Ask them to get approval for any transactions above X amount (X being any amount in your currency that you deem large enough).
Keep an eye on your transactions and report any fraudulent transactions immediately.
Report the fraud to the police.
And most importantly, do not share any personal details to an unathorized person in future.
Be safe.
answered Dec 11 at 10:40
Arpit
36625
edited Dec 11 at 15:30
answered Dec 11 at 10:40
Arpit
36625
answered Dec 11 at 10:40
Arpit
36625
answered Dec 11 at 10:40
Arpit
36625
36625
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
|
show 7 more comments
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
33
33
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
Ideally, you should insist that your bank should open a new account for you, close the compromised account and you should change any auto-debit or direct deposits to the new account.
– pboss3010
Dec 11 at 13:32
34
34
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
@pboss3010: Ideally, you should make that an Answer! ;)
– Daniel
Dec 11 at 13:33
2
2
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
@pboss3010 Except Arpit's answer is only stating what he should do to remediate the situation in the immediate sense - your suggestion is much more effective at completely solving the problem, and is definitely worth a full answer. I know that I scrolled down to see if I could upvote it right now, and was disappointed that it was not there.
– Zibbobz
Dec 11 at 17:16
1
1
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
"you might possibly have to change your phone number that you have linked" Why is that?
– xiaomy
Dec 11 at 20:27
1
1
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
@mckenzm Is it really practical or even possible for a scammer to try to port your phone number without you knowing? Given how often data breaches happen, if that's true I fear I'd be changing phone numbers every week.
– xiaomy
Dec 11 at 23:15
|
show 7 more comments
When you say "details" I don't know if that includes your username/password to online banking. If it does, first step is change that password, but you should do that while you're on the phone. Changing your password is not enough, you must also do the next step.
Tell your bank. Right now.
Call them on their customer support line. Don't wait for an opportunity to visit a branch.
Because they can provide practical defenses about what is about to happen. Or, if it's already happened, time is of the essence in reversing it.
The more proactive you are, the more likely you'll get your money back.
Then, do mop-up activities
Notify Google that the mail is a scam, Gmail provides a way to report that.
File a police report. They may not want to take your report unless the bad guy actually tried a transfer.
I am breaking these out into "mop-up" to emphasize that these are not as urgent, and don't do them first.
answered Dec 11 at 16:53
Harper
19.7k32966
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
add a comment |
When you say "details" I don't know if that includes your username/password to online banking. If it does, first step is change that password, but you should do that while you're on the phone. Changing your password is not enough, you must also do the next step.
Tell your bank. Right now.
Call them on their customer support line. Don't wait for an opportunity to visit a branch.
Because they can provide practical defenses about what is about to happen. Or, if it's already happened, time is of the essence in reversing it.
The more proactive you are, the more likely you'll get your money back.
Then, do mop-up activities
Notify Google that the mail is a scam, Gmail provides a way to report that.
File a police report. They may not want to take your report unless the bad guy actually tried a transfer.
I am breaking these out into "mop-up" to emphasize that these are not as urgent, and don't do them first.
answered Dec 11 at 16:53
Harper
19.7k32966
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
add a comment |
When you say "details" I don't know if that includes your username/password to online banking. If it does, first step is change that password, but you should do that while you're on the phone. Changing your password is not enough, you must also do the next step.
Tell your bank. Right now.
Call them on their customer support line. Don't wait for an opportunity to visit a branch.
Because they can provide practical defenses about what is about to happen. Or, if it's already happened, time is of the essence in reversing it.
The more proactive you are, the more likely you'll get your money back.
Then, do mop-up activities
Notify Google that the mail is a scam, Gmail provides a way to report that.
File a police report. They may not want to take your report unless the bad guy actually tried a transfer.
I am breaking these out into "mop-up" to emphasize that these are not as urgent, and don't do them first.
answered Dec 11 at 16:53
Harper
19.7k32966
When you say "details" I don't know if that includes your username/password to online banking. If it does, first step is change that password, but you should do that while you're on the phone. Changing your password is not enough, you must also do the next step.
Tell your bank. Right now.
Call them on their customer support line. Don't wait for an opportunity to visit a branch.
Because they can provide practical defenses about what is about to happen. Or, if it's already happened, time is of the essence in reversing it.
The more proactive you are, the more likely you'll get your money back.
Then, do mop-up activities
Notify Google that the mail is a scam, Gmail provides a way to report that.
File a police report. They may not want to take your report unless the bad guy actually tried a transfer.
I am breaking these out into "mop-up" to emphasize that these are not as urgent, and don't do them first.
answered Dec 11 at 16:53
Harper
19.7k32966
answered Dec 11 at 16:53
Harper
19.7k32966
answered Dec 11 at 16:53
Harper
19.7k32966
answered Dec 11 at 16:53
Harper
19.7k32966
19.7k32966
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
add a comment |
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
What makes you think the scammer and/or OP is using GMail?
– mastov
Dec 14 at 10:41
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
@mastov I don't. I do work professionally in anti-spam, though. Every email provider provides a way to report spam on their platform.
– Harper
Dec 14 at 16:30
add a comment |
Report to your bank, close that compromised account and open a new account.
Change any password, create a new email account if you have to and never chat to the scammer.
edited Dec 12 at 3:33
kachan64
31
answered Dec 11 at 14:01
Mohd Danish
1195
add a comment |
Report to your bank, close that compromised account and open a new account.
Change any password, create a new email account if you have to and never chat to the scammer.
edited Dec 12 at 3:33
kachan64
31
answered Dec 11 at 14:01
Mohd Danish
1195
add a comment |
Report to your bank, close that compromised account and open a new account.
Change any password, create a new email account if you have to and never chat to the scammer.
edited Dec 12 at 3:33
kachan64
31
answered Dec 11 at 14:01
Mohd Danish
1195
Report to your bank, close that compromised account and open a new account.
Change any password, create a new email account if you have to and never chat to the scammer.
edited Dec 12 at 3:33
kachan64
31
answered Dec 11 at 14:01
Mohd Danish
1195
edited Dec 12 at 3:33
kachan64
31
edited Dec 12 at 3:33
kachan64
31
edited Dec 12 at 3:33
kachan64
31
31
answered Dec 11 at 14:01
Mohd Danish
1195
answered Dec 11 at 14:01
Mohd Danish
1195
answered Dec 11 at 14:01
Mohd Danish
1195
1195
add a comment |
add a comment |
What do I do next? how do I protect myself from this scammer?
As others have noted, your first phone call is to your bank's fraud department to inform them of the situation. They deal with this every day and can advise.
If you gave the scammers your mobile phone number then you have an additional problem to deal with. After you call the bank, call your mobile provider's fraud department. Make sure you get the fraud department; the front-line phone support people for mobile phone companies are frequently undertrained and incompetent when dealing with cases of fraud. A good friend of mine has been dealing with a mobile phone fraud recently, and the phone support people got it all wrong until she spoke to an expert in the fraud department.
The kinds of problems to anticipate if they have your mobile phone number include:
- They may execute a social engineering attack against your mobile phone provider to convince them that they are you, and that you've lost your phone, and get the company to replace it and charge your account. They get a new phone with your number, your phone gets deactivated, you pay for it, and then they use your phone number to commit more crimes. This is the situation my friend is in right now, and it is very upsetting. But it gets worse! The worse situation is:
- If they manage to get control of your phone number via social engineering attack, or bribing a phone company insider, or whatever, and they also have your email address, then they can execute the following series of steps: first, they'll attempt to log in to your email, but they won't have your password. Suppose you have two factor authentication turned on. They'll start the password reset process on your email account, and now they have "your" phone to satisfy the two-factor authentication, and they can reset your password to a password of their choice. Now they have your password and your email address, so they'll then read your emails and figure out what other services you registered that email to, and they'll reset the passwords on all of those as well.
- Then they'll look at your email contacts, your social networking friends, and so on, try to figure out which of them is the most gullible, and start further attacks against them. Got a grandparent? They'll get an email from you saying that you're in Paris and someone stole your wallet and grandma, can you send me $200 to this sketchy money company right away?
In short: our lives are in our phones, and many services use possession of a phone as a proxy for authorization. If they have your phone number, talk to a fraud specialist immediately, because these attackers will likely be sophisticated and know what to do with the resources they've got.
answered Dec 11 at 17:59
Eric Lippert
2,7631015
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
add a comment |
What do I do next? how do I protect myself from this scammer?
As others have noted, your first phone call is to your bank's fraud department to inform them of the situation. They deal with this every day and can advise.
If you gave the scammers your mobile phone number then you have an additional problem to deal with. After you call the bank, call your mobile provider's fraud department. Make sure you get the fraud department; the front-line phone support people for mobile phone companies are frequently undertrained and incompetent when dealing with cases of fraud. A good friend of mine has been dealing with a mobile phone fraud recently, and the phone support people got it all wrong until she spoke to an expert in the fraud department.
The kinds of problems to anticipate if they have your mobile phone number include:
- They may execute a social engineering attack against your mobile phone provider to convince them that they are you, and that you've lost your phone, and get the company to replace it and charge your account. They get a new phone with your number, your phone gets deactivated, you pay for it, and then they use your phone number to commit more crimes. This is the situation my friend is in right now, and it is very upsetting. But it gets worse! The worse situation is:
- If they manage to get control of your phone number via social engineering attack, or bribing a phone company insider, or whatever, and they also have your email address, then they can execute the following series of steps: first, they'll attempt to log in to your email, but they won't have your password. Suppose you have two factor authentication turned on. They'll start the password reset process on your email account, and now they have "your" phone to satisfy the two-factor authentication, and they can reset your password to a password of their choice. Now they have your password and your email address, so they'll then read your emails and figure out what other services you registered that email to, and they'll reset the passwords on all of those as well.
- Then they'll look at your email contacts, your social networking friends, and so on, try to figure out which of them is the most gullible, and start further attacks against them. Got a grandparent? They'll get an email from you saying that you're in Paris and someone stole your wallet and grandma, can you send me $200 to this sketchy money company right away?
In short: our lives are in our phones, and many services use possession of a phone as a proxy for authorization. If they have your phone number, talk to a fraud specialist immediately, because these attackers will likely be sophisticated and know what to do with the resources they've got.
answered Dec 11 at 17:59
Eric Lippert
2,7631015
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
add a comment |
What do I do next? how do I protect myself from this scammer?
As others have noted, your first phone call is to your bank's fraud department to inform them of the situation. They deal with this every day and can advise.
If you gave the scammers your mobile phone number then you have an additional problem to deal with. After you call the bank, call your mobile provider's fraud department. Make sure you get the fraud department; the front-line phone support people for mobile phone companies are frequently undertrained and incompetent when dealing with cases of fraud. A good friend of mine has been dealing with a mobile phone fraud recently, and the phone support people got it all wrong until she spoke to an expert in the fraud department.
The kinds of problems to anticipate if they have your mobile phone number include:
- They may execute a social engineering attack against your mobile phone provider to convince them that they are you, and that you've lost your phone, and get the company to replace it and charge your account. They get a new phone with your number, your phone gets deactivated, you pay for it, and then they use your phone number to commit more crimes. This is the situation my friend is in right now, and it is very upsetting. But it gets worse! The worse situation is:
- If they manage to get control of your phone number via social engineering attack, or bribing a phone company insider, or whatever, and they also have your email address, then they can execute the following series of steps: first, they'll attempt to log in to your email, but they won't have your password. Suppose you have two factor authentication turned on. They'll start the password reset process on your email account, and now they have "your" phone to satisfy the two-factor authentication, and they can reset your password to a password of their choice. Now they have your password and your email address, so they'll then read your emails and figure out what other services you registered that email to, and they'll reset the passwords on all of those as well.
- Then they'll look at your email contacts, your social networking friends, and so on, try to figure out which of them is the most gullible, and start further attacks against them. Got a grandparent? They'll get an email from you saying that you're in Paris and someone stole your wallet and grandma, can you send me $200 to this sketchy money company right away?
In short: our lives are in our phones, and many services use possession of a phone as a proxy for authorization. If they have your phone number, talk to a fraud specialist immediately, because these attackers will likely be sophisticated and know what to do with the resources they've got.
answered Dec 11 at 17:59
Eric Lippert
2,7631015
What do I do next? how do I protect myself from this scammer?
As others have noted, your first phone call is to your bank's fraud department to inform them of the situation. They deal with this every day and can advise.
If you gave the scammers your mobile phone number then you have an additional problem to deal with. After you call the bank, call your mobile provider's fraud department. Make sure you get the fraud department; the front-line phone support people for mobile phone companies are frequently undertrained and incompetent when dealing with cases of fraud. A good friend of mine has been dealing with a mobile phone fraud recently, and the phone support people got it all wrong until she spoke to an expert in the fraud department.
The kinds of problems to anticipate if they have your mobile phone number include:
- They may execute a social engineering attack against your mobile phone provider to convince them that they are you, and that you've lost your phone, and get the company to replace it and charge your account. They get a new phone with your number, your phone gets deactivated, you pay for it, and then they use your phone number to commit more crimes. This is the situation my friend is in right now, and it is very upsetting. But it gets worse! The worse situation is:
- If they manage to get control of your phone number via social engineering attack, or bribing a phone company insider, or whatever, and they also have your email address, then they can execute the following series of steps: first, they'll attempt to log in to your email, but they won't have your password. Suppose you have two factor authentication turned on. They'll start the password reset process on your email account, and now they have "your" phone to satisfy the two-factor authentication, and they can reset your password to a password of their choice. Now they have your password and your email address, so they'll then read your emails and figure out what other services you registered that email to, and they'll reset the passwords on all of those as well.
- Then they'll look at your email contacts, your social networking friends, and so on, try to figure out which of them is the most gullible, and start further attacks against them. Got a grandparent? They'll get an email from you saying that you're in Paris and someone stole your wallet and grandma, can you send me $200 to this sketchy money company right away?
In short: our lives are in our phones, and many services use possession of a phone as a proxy for authorization. If they have your phone number, talk to a fraud specialist immediately, because these attackers will likely be sophisticated and know what to do with the resources they've got.
answered Dec 11 at 17:59
Eric Lippert
2,7631015
answered Dec 11 at 17:59
Eric Lippert
2,7631015
answered Dec 11 at 17:59
Eric Lippert
2,7631015
answered Dec 11 at 17:59
Eric Lippert
2,7631015
2,7631015
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
add a comment |
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
If it's really 2-factor-authentication then the phone is not enough to access the mail account - the phone is only ONE of the factors.
– mastov
Dec 14 at 10:47
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
@mastov: Indeed. Unfortunately, a lot of so-called "two factor" authentication systems are systems where one of the factors can be used to change the other. If logging in requires a password and a phone verification, but resetting your password only requires phone verification, then have you really got two factor authentication, or just the illusion of it? Also, plenty of people use two factor authentication where one of the authentications is very weak -- weak passwords, weak security questions, and so on.
– Eric Lippert
Dec 14 at 15:31
add a comment |
protected by Ganesh Sittampalam♦ Dec 11 at 14:10
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
34
Do your "bank account details" include your online banking password?
– Philipp
Dec 11 at 10:31
6
Did you provide a copy of your ID? Some criminals aim to get access by showing a (copy) of the ID to the bank.
– Willem Van Onsem
Dec 11 at 10:41
8
If money does show up in your account from a source you can't identify, don't touch it. Report it to the bank, let them figure it out.
– Steve-O
Dec 11 at 14:18
5
Just by paying someone with a check you give a lot of bank account details out. Have you given more that could be found on the face of a check?
– SolutionMill
Dec 11 at 17:05
Close the account and open another. But I don't think they can do something with your details.
– i486
Dec 11 at 20:42