dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
51
Zoder
join:2002-04-16
Miami, FL

2 edits

Zoder to BoulderHill1

Member

to BoulderHill1

Re: [Rant] Chase Online Banking Security

said by BoulderHill1:

If I understand you correctly some unknown third party somehow gained access to your account using their own Chase User ID.

Even though you had a strong password this third party somehow gained access either by guessing the password or proving ownership by answering security questions correctly.

I don't think it is necessarily an issue with multiple user id access, but rather an unauthorized user gained access to your account.

In other words you got hacked.

You stated that you did not get hacked but yet what do you call it when someone illicitly gains access to your account and takes your money?

That's what I originally thought last night from my conversations with the Indian reps. They told me a second User ID had been created and used. But after speaking to the US reps today, apparently it was an old ID from the WAMU days that was never deactivated properly. More details are in the post that's being held by the system. I've asked the mod to release it.

Mospaw said that post disappeared so I'll add the details here. A few months after the merger completed I tried logging in to online bank for the 1st time in several months. I got a message from the system saying that my WAMU ID expired because I hadn't logged in since the merger by a certain cutoff date and I would need to create a new ID. So I did and had been using it ever since. As far as I knew the old one was gone. Apparently it wasn't though as that's what the person used to login to the account

They actually never gained access to the user id I've been using for the past 4 years according to Chase. They got a Chase rep to change the email address associated with my WAMU ID and once they had that, they were able to get the verification code and reset the password to gain control of the old ID. It seems apparent that the person has my SS # but without getting the email changed they wouldn't have been able to enter a valid code # and access the account.

Going forward I've set it up so account changes regarding contact info can no longer be changed over the phone. Only by successfully logging into the account online or at the branch. Hopefully that will keep it from happening again.
BoulderHill1
join:2004-07-15
Montgomery, IL

BoulderHill1

Member

Wow, see you just never know, do ya.

I never would have thought that.

I knew there had to be more to it somehow.

I hope Chase is taking care of you monetarily. I don't know about you but 1800 bucks from me would be devastating.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to Zoder

Premium Member

to Zoder
You should place a fraud alert with the credit reporting agencies, if you haven't already.
Zoder
join:2002-04-16
Miami, FL

Zoder

Member

said by sivran:

You should place a fraud alert with the credit reporting agencies, if you haven't already.

I did. Thanks.

Chase is reimbursing me, but it takes them up to 5 days. So it's going to end up costing them more money as they said they will also cover the fees my credit card company is going to hit me with as the payment that was due and scheduled yesterday is going to bounce.

I don't know why they don't just give it to us immediately. We've had an account for many many years with them. If they discovered there was no fraud they could take it back later. BOA did that when their ATM ate my check deposit. once They credited me while on the phone call while they conducted their search. If the search didn't find the check they would remove the money when it was complete. But hey if they want to spend extra money on this to reimburse me for the fees, they are more than welcome.
Zoder

Zoder

Member

So it seems Chase was an innocent victim in this too.

A spoke to a senior account specialist today and found out the following. When the person called and spoke to the rep on Sunday to get the email address changed they were given a high security test. This is where they look up info from your credit report and quiz you on several questions only you should know. Like which of the following vehicles have you ever owned, etc...

The person passed the test which is why the information was allowed to be changed. But that means the person has access to my credit report. Is there a way to find out from the 3 bureaus if anyone else ordered my report and what information was used to order the report? Email address, mailing address, etc...? That way I can give the information over to the police.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran

Premium Member

They should be able to do that. Explore one of their websites to see. Calling them, as I recently found out, is an exercise in frustration as you end up in IVR hell with all three of them.
Zoder
join:2002-04-16
Miami, FL

Zoder

Member

said by sivran:

They should be able to do that. Explore one of their websites to see. Calling them, as I recently found out, is an exercise in frustration as you end up in IVR hell with all three of them.

Yes it is. I'm hoping someone has a direct number to a live person.