dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13916
share rss forum feed


JALevinworth

@embarqhsd.net

"Envelope on Door" Identity Theft Scam Attempt

To note, where this occurred is in a rural, leafy county, low crime, and the town it occurred is even more so sparsely populated, but probably the most exclusive. Would net a high value identity (expensive property values, etc.)

quote:
On Jan. 9 a resident of Guinea Hollow Road called police when they came home to find an envelope hanging from their front door.

The envelope stated "Important Information Enclosed." Inside was a note purporting to be from Bank of America. The letter instructed the recipient to call an 800 phone number. When calling the number the automated message requests the caller to provide personal information; such as Social Security number, zip code and bank account number.

The officer contacted Bank of America corporate security and confirmed that this is fraud, and is an attempt at identity theft, police said.

Police emphasized that banking institutions do not request personal information over the phone that they already have on file.

Residents who receive a similar letter should call the police to report the incident. Do not call the number in the note.
Keep an eye out everyone, no matter what your property value.

-Jim


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Time Warner Cable
·Clearwire Wireless

1 recommendation

A primer on ID theft definitions...

If the message were delivered via SMS text what occurred is called "smishing"
»www.google.com/search?q=define%3···&bih=381

If the message were delivered via telephone (voice- recorded message) what occurred is called "vishing"
»www.google.com/search?q=define%3···irefox-a

The message being delivered via "envelope on front door", what's occurred is called "fdishing" (fud-ishing) for front door delivery of phishing content.
OK, yeah I just made that one up, LOL

I'm going to guess the person going door to door is not an ID thief, just someone who didn't adequately vet the person or company their working for.
Probably an online ad such as Craigslist or someone responding to spam falling victim to a bogus job offer of delivering important documents to local addresses.
I'll guess the person doing the delivering is told that the house is in or going into foreclosure so that it makes sense when their told to NOT make any contact with the home residents for their own personal safety - but to tape the docs to the door & disappear.
Tracking back to the ID thief will be next impossible if the ID thief has even minimal skills in ID thievery.

Thanks for posting that up, never heard of that before.


JALevinworth

@embarqhsd.net
F'dishing lol.

said by Snowy:

I'm going to guess the person going door to door is not an ID thief, just someone who didn't adequately vet the person or company their working for.
Probably an online ad such as Craigslist or someone responding to spam falling victim to a bogus job offer of delivering important documents to local addresses.
I'll guess the person doing the delivering is told that the house is in or going into foreclosure so that it makes sense when their told to NOT make any contact with the home residents for their own personal safety - but to tape the docs to the door & disappear.
Tracking back to the ID thief will be next impossible if the ID thief has even minimal skills in ID thievery.

I had to read this part three times.. (at first I thought you were saying it wasn't an ID theft attempt)... but agree, it probably was not the actual thief but a hired mule/accomplice to the actual ID thief.

said by Snowy:

Thanks for posting that up, never heard of that before.

Neither had I. Good on those people to smell something too as so many believe it can't or won't happen to them! Most people around here still leave their cars unlocked and many, although less, leave their homes open too it's so quiet crime wise. The rest have alarms.

-Jim


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
said by JALevinworth :

I had to read this part three times..

It get's even scarier when you consider English is my 1st language.


JALevinworth

@embarqhsd.net
said by Snowy:

said by JALevinworth :

I had to read this part three times..

It get's even scarier when you consider English is my 1st language.

It's usually my eyes. I read it _s_l_o_w_e_r_ and did so only because it was you, Snowy... cause I know you are the master here. "Ah, ok, gal is one step ahead and already dissecting the scam. That makes sense now."

Whip

join:2009-01-23
Califon, NJ
reply to JALevinworth

Re: "Envelope on Door" Identity Theft Scam Attempt

You must live near me. Got the same Nixle alert.

I'm actually thinking it may be someone that knows whoever's house it was left at because there have been no other reports. Why would it have been left at THAT house? Know what I mean?


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Time Warner Cable
·Clearwire Wireless
said by Whip:

I'm actually thinking it may be someone that knows whoever's house it was left at because there have been no other reports. Why would it have been left at THAT house?

I've had this in the back of my mind...
I'd think it it's more likely to be not nefarious activity at all, just an unfortunate string of miscommunications than a scenario where the ID thief had a special interest or knowledge about the intended victim.
BofA does indeed leave envelopes with a note to call on front doors, fences etc... in certain situations.
When (if) the client calls them BofA does have a verification process that must be successfully completed prior to them discussing whatever matter needs discussing.

An imaginative or really high strung customer could mistake the verification questions as phishing questions.
e.g., BofA: What's the last 4 digits of your SSN?
Customer to Police Officer: They wanted to get my SSN! I refused to tell them, then called you!
Police Official to BofA: Do you ask for the clients SSN?
No, we only verify the last 4 digits
etc...

Too bad the press release didn't include the 800#.
That would have been helpful.


JALevinworth

@embarqhsd.net
reply to Whip
said by Whip:

You must live near me. Got the same Nixle alert.

I'm actually thinking it may be someone that knows whoever's house it was left at because there have been no other reports. Why would it have been left at THAT house? Know what I mean?

Pretty close to you, but to the south. It was in the paper too. I hear what you are saying, but we don't know if that was just the first one or even the first time someone reported it to the police. People tend to not do that. Tewks is a shot off of the interstate. Historically, imported crime tends to come off 78.


JALevinworth

@embarqhsd.net
reply to Snowy
said by Snowy:

said by Whip:

I'm actually thinking it may be someone that knows whoever's house it was left at because there have been no other reports. Why would it have been left at THAT house?

I've had this in the back of my mind...
I'd think it it's more likely to be not nefarious activity at all, just an unfortunate string of miscommunications than a scenario where the ID thief had a special interest or knowledge about the intended victim.
BofA does indeed leave envelopes with a note to call on front doors, fences etc... in certain situations.
When (if) the client calls them BofA does have a verification process that must be successfully completed prior to them discussing whatever matter needs discussing.

An imaginative or really high strung customer could mistake the verification questions as phishing questions.
e.g., BofA: What's the last 4 digits of your SSN?
Customer to Police Officer: They wanted to get my SSN! I refused to tell them, then called you!
Police Official to BofA: Do you ask for the clients SSN?
No, we only verify the last 4 digits
etc...

"The officer contacted Bank of America corporate security and confirmed that this is fraud".

I wouldn't be dismissive this is just some high strung customer, etc. (Don't we want people to be suspicious and not considered "high strung"?).

Besides, we'd have to assume the police officer didn't investigate the phone number wasn't BoAs but is just saying don't call it on his gut?

For lack of information here, we can only guess. But with the sheer amount of BoA regular phishing attempts casting a wide net over BoA and NON-BoA customers alike - We don't even know that the potential victims here are even BoA customers to begin with. THAT could have been first their clue. This area is FLUSH with banks - BoA is not especially prominent among the fray. BoA mortgage? Not that people couldn't have them, but they aren't special. I dunno, but the fact that it was claimed to be from BoA made my ears perk up alone because of it's favored use among phishers.

-Jim


JALevinworth

@embarqhsd.net
reply to Snowy
said by Snowy:

Too bad the press release didn't include the 800#.
That would have been helpful.

This is interesting... I don't know if it's the same number but...
»800notes.com/Phone.aspx/1-800-669-0102/51
quote:
Joe
2 Dec 2012
They didn't call me. Left a door hanger on my front door saying to call and be prepared to give my account #. Name only said Mortgagor. Don't have a mortgage on my house.

quote:
Angel
6 Dec 2012
Today I came home to find an envelope in my door that didn't say much other than "IMPORTANT: Call this number and be ready to give your account number." I called & it says it's a debt collector, but you can't talk to anyone until you give your account number or ssn. I refused to do so. I know I am in good standing. I called the real Bank of America. They couldn't explain it and said it could be fraud.

quote:
cwoods
6 Dec 2012
worst process ever!!!
Caller: b of a left a note on my door.
Call Type: Debt Collector

quote:
Anonymous
18 Dec 2012
We haven't been receiving any phone calls, but we keep getting these manila envelopes on our door. The first time we actually saw a strange woman come up to our door (tiptoeing - what is that all about??) and, without knocking, put this official looking envelope on our door knob. She then got in her car across the street and watched out front door for an uncanny amount of time. After she left, we opened the door and read the message. It was very generic. It has the date handwritten, it says "IMPORTANT", and there are two lines to write in a name and number. It said "BOA" (Bank of America we assume) and had this number to call, 800-669-0102. No explanation of what it could be about. It says "Please be ready to give your account number."

I just came home today, over a month later, and low and behold, there is another envelope. The message inside is again handwritten. This time it says "Mortgager" rather than "BOA". I finally decided to Google the number on the card and that is when I came across this forum. I am extremely concerned after what I have read and thoug it was import to share our story for you too. This is definitely some kind of scam. BE CAREFUL!!

quote:
silly50
28 Dec 2012
I HAD a mortgage with CW then BOA. Used to get calls from this number. Haven't in a long time. Came home from work today to find a manila envelope with "Important Please Call. Hand written is 'Homeowners Assistance' then 800-669-0102. Now here's my kicker. They aren't ALLOWED to contact me for any reason (unless I contact them first) as this mortgage was discharged in bankruptcy in 2010. Think I'll contact my attorney & check into sanctions against them.
quote:
Anonymous
4 Jan 2013
I received an envelope on my door today to call the number. I dialed *67 first in order to block my number. You cannot speak with anyone unless you give your account number or social security number. They identify themselves as Bank of America, then say they are a debt collector, but they are not. This is a scam. I called Bank of America and reported it. They have no knowledge of this phone number. Bank of America is going to investigate. This is fraud. DO NOT call the number; instead, report it to Bank of America.
Jim note to readers: *67 does not block your phone number to 800 numbers.


psafux
Premium,VIP
join:2005-11-10
kudos:2
reply to JALevinworth
Knowing the phone number in the packet would settle whether this was legit or not pretty darn tootin' quick.


JALevinworth

@embarqhsd.net
said by psafux:

Knowing the phone number in the packet would settle whether this was legit or not pretty darn tootin' quick.

True. BTW, the above 800 notes link I found was the only meaningful google result I got searching for "bank of america" "Important Information Enclosed" "on door" where others are describing this activity too. According to that number thread, these "note on door" reports just started up in December. At least one person confirms not having a mortgage with BOA but getting it., another reports the notice first said BOA but got a second that just said "mortgagor". Others are just getting it addressed to "mortgagor".

Whether this is the same phone number and notice or not as the case I originally posted about, it does seem that there is some "note on door" activities of this nature going on that just started up no matter if it's the same one as posted or not. Might be linked to some bill collection scheme.


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Time Warner Cable
·Clearwire Wireless
reply to JALevinworth
said by JALevinworth :

said by Snowy:

said by Whip:

I'm actually thinking it may be someone that knows whoever's house it was left at because there have been no other reports. Why would it have been left at THAT house?

I've had this in the back of my mind...
I'd think it it's more likely to be not nefarious activity at all, just an unfortunate string of miscommunications than a scenario where the ID thief had a special interest or knowledge about the intended victim.
An imaginative or really high strung customer could mistake the verification questions as phishing questions.

I wouldn't be dismissive this is just some high strung customer, etc. (Don't we want people to be suspicious and not considered "high strung"?).

Yes, of course.
What I meant to get across was the possibility of the culprit having a knowledge of the home occupant -vs- the entire incident being a miscue between occupant>>>>police>>>>BofA.
Of the 2 possibilities, the latter would be more likely to occur, IMO.
The other possibility is that the incident occurred as it was reported & that is the overwhelming probable truth by an enormous margin.
~~~~~~~~~~~~
btw Originally a CountryWide number800 669-0102 is a legit BofA phone number.


JALevinworth

@embarqhsd.net
said by Snowy:

~~~~~~~~~~~~
btw Originally a CountryWide number800 669-0102 is a legit BofA phone number.

Interesting. I know, Snowy, you have a method of verifying phone numbers through some official listing (not just by calling it and assuming the message isn't lying), so your word is good as done.

I called the number anyway through a fax service. A messages goes off saying they are Bank of America, then an announcement concerning tax statements. After that it states, "We are debt collector".. blah about recording the call, and then prompts you to enter your full account number including leading zeros. Alternate method if you enter nothing, asks for you to enter your social.

Also: I think some of the people who had been posting about being harassed by this number (15 times a day), may also had been receiving spoofed calls from this number too, besides possibly legit. (Can't see BoA doing the calls 15 times a day thing some are claiming). Who knows.

-Jim


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Time Warner Cable
·Clearwire Wireless
said by JALevinworth :

Also: I think some of the people who had been posting about being harassed by this number (15 times a day), may also had been receiving spoofed calls from this number too, besides possibly legit. (Can't see BoA doing the calls 15 times a day thing some are claiming). Who knows.

Would BofA intentionally call someone xx times in one day?
Absolutely not.
Could BofA's autodialer call someone xx times in one day.
Absolutely yes.
I don't know which software BofA uses for it's autodialing but I am familiar with auto dialing systems where it's not too difficult to screw up the configuration/DB's resulting in what's commonly referred to as 'phone bombing'.
Even tough phone bombing generally refers to a malicious use, it does happen in legit systems from time to time.

As minute a chance that BofA would be responsible for the unintentional phone bombing of one of its customer, that would be more likely to occur than someone receiving a legit call plus a spoofed call from BofA in the same day or even month for that matter, IMO.

The more I think about this, the more I wonder about the veracity of the original article.