Delicious Monster
E*Theft @ E*Trade...
On February 2nd of this year someone found out enough information about me to start an account on E*Trade in my name. That is, they convinced E*Trade they were me, then created a new brokerage account, with my SSN and address and everything.Then the thief immediately filed a change of address on "my" account, so all my mail from E*Trade would go to a local hotel, "attention: Wil Shipley, Check-in 4/1".
The miscreant then ordered an E*Trade debit card, which was supposed to be shipped to "my" new address: the hotel. However, unfortunately for the would-be thief, (a) E*Trade sent me a paper mail confirmation of the change-of-address, which alerted me (and was the only thing E*Trade has done right in this entire story), and (b) E*Trade actually didn't process the change of address in a timely manner, so the debit card and its PIN went to me. Sorry, Mr. e-Criminal! No cash for you!
I called E*Trade on March 17th after getting the change-of-address notice and the shiny new debit card for an account I didn't open, and, after TWICE waiting on hold for THIRTY minutes to talk to an actual person (because, GASP, I didn't have my account number handy when I called), I finally spoke to a guy named Matt M., who is most definitely NOT in their "Risks" group, which is what they call the people at E*Trade who spend their days busily ignoring fraud.
I told Matt my story, gave him the phoney E*Trade account's number, and he mentioned that there was $5,000 in the account. "What?" I said. That makes no sense! "What account did it come from?" Oh, we have no way of knowing that. "REALLY? YOU HAVE NO WAY? MONEY JUST APPEARS IN ACCOUNTS THERE, AND YOU GUYS HAVE NO RECORDS?"
I checked my accounts, but I didn't see any missing $5,000, so I had no idea what kind of scam this thief was running. Was he giving *me* money? "Here, here's $5,000 in an account in your name, and here's a cash card! Go to town!"
Matt said he'd freeze it immediately. I started regretting this within an hour, which is a feeling that would increase as E*Trade screwed me slowly over the next several months.
Matt said he would have someone in the "Risks" group contact me, because you can't just call those guys -- they call you. Ok, fine, I said. I mentioned (again) that the criminal was going to check his mail at the local hotel on April 1, and that that might be an EXCELLENT day for them to have the FBI waiting. Assuming the account-freezing didn't scare him off, which it did.
After speaking to Matt I called Equifax and the other credit-monitoring bureaus, who are very professional and share information with each other, so all I really had to do was call one, and they all told each other to watch out for unusual crap with my name attached to it. I also called the USPS and filed a wire fraud claim, to which the federal government replied in a confidence-inspiring way by sending my seven identical e-mails confirming that they'd gotten my report. (And that was all I've heard from them...)
I also called my bank and told them to watch out for anything unusual, in all my accounts. Finally, I called the hotel, and left voicemail explaining the situation and telling them to call the cops if some Wil Shipley doppleganger appears and asks for his mail.
--
Slow-forward to April 20th, when my assistant is reconciling my *business* account (yes, Delicious Monster) and it turns out that $5,000 is missing. Hmm! So that's where the money came from -- I thought this was an attack on my personal funds. Silly me.
So I call the bank, and I ask them how them how I can have $5,000 missing when I never wrote a check or anything. I spoke to Stacey P. in the bank's fraud group (after being transferred twice), and she patiently explained that, in fact, the bank will transfer money to anyone with the correct three pieces of information about me and an account in my name at some other institution.
Let me say that again. ANYONE can call the bank and say, "Hi, I'd like to make an ACH transfer from this account to this other account at a different financial institution of ill-repute, and I swear I'm really Wil Shipley," and they'll do it. Just like that. There's no password, no signature, no record.
"Really?! REALLY? REALLY? IS THIS REALLY HOW IT WORKS?"
They advised me to change my bank account number, since, obviously, I can't change my name or SSN, and the thief already knows those. I'm all, "But, uh, that's just, like, a little number. It's not even a secret password. It's printed on every piece of mail you send me, and EVERY FUCKING CHECK I WRITE!" (Which, incidentally, also have my name on them, so basically all anyone has to do is find my SSN, which is used by every damn organization in the world to identify me, and they're good to go.)
Oh, it's ok, cooed, the fraud lady, because the VISA guys have built-in fraud protection, so they'll pay you back the money. Just hold on a second...
...Oh, hi, I'm back, no we won't. It's been over 60 days since they stole the money, so we don't give a damn. Sorry.
WHAT?! But I told you guys a month ago my identity had been stolen!
"Oh, well, there's a federal law, see...."
Now, I may be an idiot, but I'm going to guess the federal law does NOT say, "Hey, VISA, don't re-imburse people who didn't discover they had money stolen after 60 days!" I'm going to guess that, in fact, what it says is, "Hey, VISA, you are required to re-imburse people in the first 60 days, damn you, because we're tired of this crap." If there even IS a federal law, that is. I didn't actually get the law number.
"Well, just contact E*Trade and have them transfer back the money!" But, E*Trade claims they have no idea where it came from! "That's impossible -- E*Trade is the one who initiated the ACH transfer, at the request of the fake Wil Shipley. They must know!"
I immediately called Matt B. at E*Trade again and left him a message, since it'd been over a month and no one from E*Trade's risks group had contacted me. I'd like to point out even the HOTEL had called me back at this point. But not E*Trade. One thing E*Trade apparently didn't expect is I keep detailed logs of all phone calls I make of this sort, so if there's any problem later I can refer back to exact events and people and dates. Surprise!
--
Seven days later (April 27th) I called E*Trade again, and finally got a call back from Gary S., who I initially thought was in the risks group, but now I'm not so sure. He said, "I don't see the problem, you have your money, what do you want?" I pointed out that I did not, in fact, have my money. He was all, "Sure you do." I pointed out that I had the bank account in front of me, and the money was not in it.
"Oh, hold please..." Minutes later, he returned, slightly chagrined, and said they oddly had NOT released the funds, but that he would do so and call back the next day. CONFIDENCE INSPIRING!
"Can I have your direct number, so I can talk to you next time?" Oh, no, you can't -- we don't give out the numbers of people in the Risks group. (You know, because if we did, then angry customers who've had their money stolen could, you know, get it resolved.)
--
Hey, guess what two events did NOT happen on April 28th!
--
On May 15th I called Matt at E*Trade again, and left a slightly angrier message. I'd like to point out that up to this point I hadn't raised my voice at anyone. This message said, in part, it's been two months since I told you that you guys had my stolen money, and you still have my money, and you're making interest on it, and if I don't get my money inside of a week I'm going to call the FBI and tell them that you've generated an illegal transfer and won't release my funds back to me, and we'll see what they have to say.
Matt called me back the same day and left me an apologetic message! Hey, the Dark Side is faster! Matt said that my bank should just "reverse the ACH," as that'd be the simplest way to go. I called my banker and she wasn't familiar with that, but said she'd look into it. She called the next day and left a message saying, "Why doesn't E*Trade just credit your account?"
I finally got hold of Matt yesterday (May 16th) and we spoke for a while, and he indicated that they didn't know where they funds were from and weren't sure how to verify my identity at this point. "Matt," I said, "you KNOW the funds are from my business account. All I'm asking is you put them back from where you got them. Whether or not I'm the REAL Wil Shipley doesn't even matter, in this case! Just undo the damage you did! Put the money back from where you took it!"
He said he couldn't do this, because they needed to know, uh, mumble, something about who initiated the initial transfer, and, besides, the account was locked, and they couldn't transfer funds from locked accounts. "Well, uh, I'm guessing those rules are E*Trade's rules, not, say, immutable laws of the universe, and I'm guessing there is SOMEONE there who can do whatever and bypass whatever, and I want the money back."
Matt said he'd have someone in the Risks group call me. I indicated I'd heard this many times over several months, but that even poor, under-informed Gary didn't appear to really be from the Risks group (he had said something like, "I'll check with Risks and get back to you" at one point, although I admit I could be mistaken on this, my notes aren't perfectly clear here).
--
This brings us to today. E*Trade still has $5,000 of my money, plus the interest they've earned on it. Unsurprisingly, I haven't gotten a call from anyone in their Risks group today. In fact, so far E*Trade has indicated NO intention to actually make any effort to undo what they've done, have repeatedly told me they'd get back to me and failed to do so, have followed NO leads to actually find who stole my identity (he was going to show up at the hotel!), have apparently not called any authorities about this. In general their attitude is, "Well, good luck solving this on your own! We're pretty happy where we are, actually, since, you know, we make interest on that money of yours."
I'm not impressed, E*Trade. You've got five days.
--
Update: A most-helpful G. Wong, from the E*Trade "Fraud Unit" (I'm not sure why everyone else there called it the "Risks Unit") called me on the 18th and stepped me through what normally happens in cases like mine (and did not happen in this case); he said he has worked with Bank of America many times on fraud and normally BofA knows what to do, but in this case he felt the bank didn't handle it correctly, and E*Trade had been, I guess, waiting for the bank to figure it out. I'm not in a position to assign blame, so I'm just reporting what I've been told.
He promised to work with my bank and to actually call my business banker, which he did! He also followed up with me a few days later to let me know things were in process. I admit I don't have notes from this latter call because I was just woken up, so he may have, at that time, said that the money was back, but I don't recall him saying so.
But, out of curiosity, I checked my account, and on the 22nd I was, FINALLY, credited the missing $5,000. Sure, I've lost the interest on that money, I've stressed about this for months, I've spent countless hours on the phone getting the wrong information from Bank of America and from E*Trade, and nobody from E*Trade returned my calls until I made a huge stink.
But in the end, things got put back in order. So, big ups to Mr. Wong, who did what was wight. (Couldn't resist!)
Labels: stories
136 Comments:
Wow, that sounds like a hell of an ordeal. Good luck with that, and please make sure to post about the resolution so maybe I (and others) can feel better about the world. That is, of course, assuming it works out well.
May 17, 2006 2:04 PM
Sue them now, maybe you can get your money with all interest back. you will get only 5k back if they really do this in next five days.
May 17, 2006 2:14 PM
Geez, I hope this all works out for you, and soon.
May 17, 2006 2:24 PM
Get the FBI on this one... it sounds like there's enough evidence and trails that they can quickly nab the creep before they strike again. And now e*trade is off my list of places to do business with. Not inspiring at all...
May 17, 2006 2:33 PM
Let me say that again. ANYONE can call the bank and say, "Hi, I'd like to make an ACH transfer from this account to this other account at a different financial institution of ill-repute, and I swear I'm really Wil Shipley," and they'll do it. Just like that. There's no password, no signature, no record.
"Really?! REALLY? REALLY? IS THIS REALLY HOW IT WORKS?"
They advised me to change my bank account number, since, obviously, I can't change my name or SSN, and the thief already knows those. I'm all, "But, uh, that's just, like, a little number. It's not even a secret password. It's printed on every piece of mail you send me, and EVERY FUCKING CHECK I WRITE!" (Which, incidentally, also have my name on them, so basically all anyone has to do is find my SSN, which is used by every damn organization in the world to identify me, and they're good to go.)
That's insane, that sort of system would get failing marks in a computer security class, and this is how they protect your money?
Maybe the people hiding it in their mattresses aren't kooks after all.
May 17, 2006 2:33 PM
You should contact the FBI for sure, but also try calling someone else at your bank. Also, tell the people at e*trade that you've contacted your attorney and will be pursuing legal action if they do not get their act together, it makes a difference.
May 17, 2006 2:49 PM
Amazing. They can shift your money around like that...you should HEAR HOW Effin' hard it was when I tried to have phone company send my Mom's phone bill to my house so I could START PAYING IT.
They claimed that they don't have the system set up so people can PAY bill at another address, and suggested I GIVE hear years worth of payment money so SHE could pay it. Unbelievable.
May 17, 2006 2:50 PM
Horrifying. Did the guy actually check in at the hotel?
May 17, 2006 3:02 PM
This post has been removed by a blog administrator.
May 17, 2006 3:02 PM
I think you should send E*Trade a nastigram!
May 17, 2006 3:03 PM
has it occurred to you that "Check-in 4/1" is uh, "Check-in April Fools"?
of course... 5000$US is not exactly fooling around but uh, was this a big joke?
May 17, 2006 3:03 PM
You said: "I keep detailed logs of all phone calls I make of this sort" — it can not be stressed how important that is. It is a very-very good way to defend oneself when dealing with c******* b********* like these.
Personaly I think that you are too nice to these people. Don't be polite when they repeatedly ignore you and does not act responsibly.
Good luck
May 17, 2006 3:09 PM
when my garage was broken into and the thieves took my stuff the police also said the same thing: good luck. after i did my own legwork i found out that some of my stolen stuff was at a used record store being appraised. and they were expecting the thieves to come back the next day for the cash. when i called the cops back they seemed floored that i had done all this work on my own. that i had done their jobs for them. one of the thieves was arrested at the record store when they came back.
my lesson learned: cops are too busy to really care.
May 17, 2006 3:25 PM
Wil, you gotta move to Europe. The european way of doing transfers:
- no Checks
- no Social Security Number on it
Almost anyone is using internet for wire transfers. Crédit Suisse, my bank of trust, secures login the following way:
- RSA token with a 6-digit code, changing every ~1min
- personal password
- contract number
Unless someone gets a keylogging trojan on your PC or does a profound man in the middle-attack, your online banking is safe.
Good look doing money businesses in good, old USA ;-)
May 17, 2006 3:33 PM
henrik,
I have found that being polite is the best policy, even when it is hard.
Will,
A couple of suggestions.
Go up the food chain, supervisors have more power and are available (even if they claim not to be). Repeatedly dealing with the unempowered usually gets you caught in their endless loop of scripted responses.
Even more important, never hang up. Most call center personel are expressly forbidden from hanging up on you. Simply stay on the line until they think of a new solution. Someone I know successfully used this technique to get insurance companies to hand over millions of dollars they owed to pharmacies. It works very well.
May 17, 2006 3:52 PM
Right now, go call your local police department. This is what you should have been doing since day one. Someone steals $5k from you and you don't call the cops? Are you crazy?
Do not pass go, do not collect $200, sure and hell, don't wait 5 more days. Call the cops man. Had you called them in the first place they may have actually done something about the hotel check in and such.
May 17, 2006 3:58 PM
Wil,
If you haven't already, I would withdraw the money from that bank account and take the business elsewhere.
May 17, 2006 4:05 PM
The reason why it is this crappy is becuase the penalties for this sort of thing aren't high enough (the cost of making the system better outweighs the cost of just dealing with the brokenness).
It would probably be a good idea to file an FTC complaint (https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03), and your state's attorney general's office (consumer protection division)may be able to put some pressure on E*Trade (if it operates like the one in my state).
... and if my suggestions help at all, can I come visit your car some time? /drool/
May 17, 2006 4:09 PM
You have been dugg, sir! Loud is the Voice of the Many!
May 17, 2006 4:46 PM
Dude. Bummer.
It's amazing that someone could that easily move $5000 out of your bank account. I can't even make changes to our Verizon cell phone account because my wife's name is on the account but mine is not!
I wouldn't hold out a lot of hope of catching the guy, but there's no good reason you shouldn't get your money back with apologies from both your bank and E*Trade for letting it take so long.
May 17, 2006 5:07 PM
Evil evil evil.
I'm also a victim of identity fraud but not quite as heinous.
I called Fidelity to ask if they could have someone call me if anyone tried to change my address etc. They said no. By the time you get the snail mail letter it's usually too late!
One cool thing about Fidelity - but I'm not sure it's totally foolproof - is that you can make a "customer id" that is not your ssn, that someone is required to know. I don't work for Fidelity by the way.
That wire transfer story. Seems insane. B of A requires filling out paperwork to do a wire transfer. So does Fidelity. I'm pretty shocked at that.
Inside job?
I suggest you contact Etrade's PR dept. That could help move things along.
May 17, 2006 5:50 PM
Do *not*, do *not*, do *not* wait five days. Call them every day until you get somebody who will take ownership.
May 17, 2006 6:10 PM
B of A is my bank... amazingly (and I pointed this out to them), they require a card on file for me to make wire transfers remotely, and I have to go in and fill out a huge form every time I want to wire money to anyone (my assistant has tried to do it for me)...
BUT, this wasn't a wire transfer, it was an ACH. Don't ask me what an ACH is, but apparently it's like an inter-bank transfer that does NOT require all that paperwork. It's what your credit card company does when you pay your bill automatically, I'm told. Or might do. Or something like that.
May 17, 2006 6:33 PM
Thank you so much for this. My brokerage just got bought out by Etrade and at first i was just going to stick around due to being lazy, but from this story as well as other places, I am transfering everything out of this company. Right now when i call the customer service it is really quick, but it is a dedicated line for the former company. I bet in a year when they figure we are assimilated, it will get horrible.
May 17, 2006 8:51 PM
Wil, if I were you, I would:
A)Call every day, all day until I got someone from E*Trade on the phone to make things happen.
B)Even after getting someone on E*Trade to take responsibility and release/return the money back to your business account, I would file a civil lawsuit against E*Trade. Better yet, find out if there are any other peopel across America who have also been screwed by E*Trade and file a Class Action lawsuit. Strength in numbers will always make things happen faster. Not only will you get that $5,000 back, but you could walk away with a couple hundred thousand dollars that you could use to keep building Delicious Monster with......
May 17, 2006 8:52 PM
Just involve the feds on financial fraud and tell them that e*trade is involved and so is your bank. That's it. That should get their asses moving.
May 17, 2006 9:23 PM
A frind used this approach when a local utility tore up his property and spilled trasmission fluid all over his yard and driveway.
Write a very nice letter to them that lays out all of the particulars of the situation, along with the names and and dates of particular people you spoke with. However, the entire first page ofthe letter should be your CC list. Include all local and national media contacts, the FTC, the FDIC, all local and state political contacts (mayor, governor, Sec-state, congressmen, local police, FBI, Better Business Bureau, etc.
Everybody.
Then send it to all of them. My friend got a call from the utility's CEO within 2 days, and they had workers out ripping up his driveway to replace it 12 hours after that. No joke. All it takes is one of those people on your list to think it's somehting they can use to advance their own career, and those guys are toast.
They'll respond.
May 17, 2006 10:54 PM
Every bank I've ever used has dubious authentication protocols. Ideally, I'd like multifactor authentication with some kind of "smart card" and a secret code, and I'd like lost password recovery to be an enormous hassle. In reality, it's never harder than "Last four of your social, your ZIP code, and your phone number, thank you."
I used to bank of E*Trade. I left them because of 1) the long phone waits, 2) the offered only debit cards, and not ATM cards, 3) they hit me with too many fees. Also, I have a worthless stock that I'd like the certificate to so that I can close my brokerage account. I've requested it 5 times, and every time they say they'll take care of it right away, and then it never happens. E*Trade used to be a great bank, but I think they've grown too big.
I now bank with Bank of Internet USA. Horrible name, but they're a wonderful bank. They're prompt on the phone, they give me a card that doesn't work at all without a PIN, they reimburse $7 a month in other bank's ATM fees, and their interest rate is outrageous (3% on a checking account?!).
Anyone who needs a savings account should look into Emigrant Direct or ING Direct.
Why do you bank with Bank of America? I've heard nothing but bad things about them, and the interest rate on their "savings account" is _criminal_. It was 0.5% last I checked. This is clearly a bank that is not interested in its customer's well being.
Other unsolicited security advice: I do everything online, and I've requested that everyone (banks, credit cards, utilities, etc) refrain from mailing me anything. Mail is the #1 source of identity theft information. I use "Pay Safe" temporary credit card numbers for all online purchases, because I think negligent companies are on their way to being the #1 source of identity theft.
May 17, 2006 11:02 PM
This just gets to one of my personal rules. When someone screws up, you don't bother with the phone, cause they can always hang up, best to talk to someone straight to their face, that way they can't get away, and you can see instantly when they're BS you.
May 18, 2006 12:21 AM
Social security numbers are a really bad idea. Only the geniuses that make up the government would come up with a universal ID number that, once leaked, gives access to nearly your entire life.
May 18, 2006 1:21 AM
I was wondering why I never received your E*Trade debit card. Damn you.
BoA fisted me with some fraudlent ACH transfers that never got resolved. I was only 17 at the time and didn't really pursue it much (it was some $200 odd dollars, not $5000 mind you). I love banks.
May 18, 2006 1:22 AM
Why do you even personally bother with this ? A lawyer would love this stuff and he would send his bill to E*Trust not to you.
May 18, 2006 2:42 AM
Wil,
You want this fixed fast? You should use the equivalent of the local TV station's consumer reporter...
Go tell CNet your story (if they haven't picked it up already). They'll have it plastered on their front page in no time, and ETrade will fall over themselves to get it fixed.
May 18, 2006 5:08 AM
I've had a similar issue, although in my case the amount in question is only 180€. I've been trying for six month to get it back. Basically it seems that if someone screws you, the companies of which you are a so-called client will screw you as well and there's nothing you can do about it. At least, nothing I know of. In short, life sucks and people are schmucks.
May 18, 2006 7:13 AM
This is worthy of a dramaticized TV show starring smooth-looking actors you've never heard of on Fox.
May 18, 2006 8:19 AM
Wow what a mess!! Why don't you contact your bank from which the funds were transfered to E*trade? Your bank suppose to help you in the first place. You contacting Etrade and complaining about it without understanding the process, is not the correct way to go.
If you want to resolve this issue fast contact your bank ask them to talk to ETRADE. BOA is your bank they need to help you somehow.
May 18, 2006 10:51 AM
ACH = Automated Clearing House
http://www.nacha.org/About/what_is_ach_.htm
May 18, 2006 12:16 PM
You sure blast etrade, but it sounds like it was your bank that gave your money to someone who wasn't you. Why don't you tell us who your bank is 50 times, so we can all hate them too?
May 18, 2006 12:31 PM
Let me do the honor.
Mr Shipley's bank is B of A - Bank of America
May 18, 2006 12:46 PM
To assume that a financial institution would not have some sort of security is proposterous. Any bank that u have to call ask for verifing information. From what i hear sounds like someone isnt shreading there precious info when they through it away.......
May 18, 2006 12:53 PM
When you ultimately transfer your accounts away from E*TRADE, if you find a brokerage that doesn't suck, let us know because I'll be closing my E*TRADE account and following you there.
May 18, 2006 12:58 PM
I don't blast Bank of America because I've had a wonderful relationship with them for ten years. During that time they've done things like come out to my café to have me sign papers (instead of making me go to them), paid overdrafts without being asked and without any penalty, and set up a $150,000 line of credit over the phone in one day in a single call.
In this matter it may be that Bank of America should have taken a more active role. I don't know, I'm obviously not a fraud expert. What I do know is that they've returned my calls within hours every time they said they would, and followed up with me.
It goes a long way with me if you are actually TRYING to help me, or even act like it, even if you don't get the results I want immediately. I'm a pretty forgiving dude.
I should note that I got a call from a new guy at E*Trade in the fraud group today, and he seemed very, very helpful and explained what he was going to do to get my money back and what steps I might take as well, and said he'd work with Bank of America today and call me back when he gets some status.
I wish I'd talked to this new guy sooner. Assuming he follows through, I'll make an update to the main post, but hopefully I'll be forgiven if I'm a little conservative in my hope.
May 18, 2006 1:24 PM
If there's a TV movie, I want to be played by George Clooney. Or N.P.H.
May 18, 2006 1:25 PM
Maybe this can help you:
http://www.consumerist.com/consumer/top/how-to-get-through-having-your-identity-stolen-171194.php
May 18, 2006 1:28 PM
I work at a Brokerage firm (not E*Trade) and the thing that puts the fear of God in these places is the SEC and the NASD.
http://www.sec.gov
http://apps.nasd.com/Investor_Information/complaints/complaintCenter.asp
You also should report the ID Theft to the FTC at 1-877-IDTHEFT (438-4338).
Last, you might want to file a complaint with your State's Office of Attorney General.
So I would file a complaint with these agencies and mention it to ET as often as you can.
May 18, 2006 7:02 PM
I have had bad luck with E*Trade too.
A number of years ago I had a company created E*Trade account for my options and ESPP shares. One day I tried to wire transfer 8K from my account which had a balance of 10K. It was supposed to be done by the next day. The next day, my bank account didn't have the 8K and my E*Trade account only showed 4K.
Needless to say, I was pretty scared/pissed/annoyed and agitated.
When I called E*Trade to figure out what happened, customer support told me that my account has two internal parts and neither one had enough to cover the transfer. They were fixing it.
Then he gave me the scariest quote ever.
"Don't worry, it's just an internal software problem"
WTF? Internal software problem which takes 6K from my account with no record. It took days to straighten it all out.
I've never done any business with E*Trade since .
May 18, 2006 7:26 PM
Can you write checks against your account? Can't you simply write a check that takes the funds from your Etrade account and deposit that to your Bank?
Robert N.
May 18, 2006 8:52 PM
When assembled, comments suggest a quite powerful speech:
1) I've called my attorney and am going towards legal action
2) I've warned SEC and NSAD
3) I'm running the story online
May 19, 2006 3:06 AM
Having read this story I went into my local BoA today and enquired about this ACH transfer and they swore blind to me that you needed a lot more information to complete such a transfer. He left me with the impression that it simply isn't possible. Do you know if this is because your Bank is still using Seafirst policies?
May 19, 2006 8:22 AM
What account did it come from?" Oh, we have no way of knowing that. "REALLY? YOU HAVE NO WAY? MONEY JUST APPEARS IN ACCOUNTS THERE, AND YOU GUYS HAVE NO RECORDS?"
E*Trade knows where the money came from, but Matt did not because E*Trade prevents many employees from having access to ACH data. I had this problem after a credit card firm said I had missed a payment that I had made on-line. They said the payment was rejected by the bank; I asked what bank rejected it (if it was mine, then I would check with them). The rep did not know; she didn't have access to that data.
Apparently it is hard to track down. I challenged the late-payment fee in writing unless they told me what bank rejected it. The CC firm credited me the fee rather than provide the info.
May 19, 2006 9:51 AM
when i called the cops back they seemed floored that i had done all this work on my own. that i had done their jobs for them. one of the thieves was arrested at the record store when they came back.
my lesson learned: cops are too busy to really care
They cared enough to come arrest the guy at the record store on your say so. Few PDs have the resources to investigate non-violent robberies. Even fraud in the six-figure range is hard to deal with. At Columbia U. in the 1990s an employee defrauded and embezzled 100Ks of meals, equipment, and cash. When caught he paid some restitution but served weekends only in jail. Why such a light sentence? Prosecutors said that if he fled he would virtually impossible to re-arrest. Few PDs would put any effort into searching for a non-violent offender.
May 19, 2006 9:57 AM
Sue them now, maybe you can get your money with all interest back. you will get only 5k back if they really do this in next five days.
Small claims court might work, but attorney's fees will quickly exceed the 5K.
May 19, 2006 9:58 AM
Wil - Contact the US Postal Inspection Service Seattle field office at 206-442-6300. They have Special Agents ready to help. Put your tax dollars to work for you.
May 21, 2006 3:11 AM
It is actually **easier** to initiate an ACH transfer than what Wil suggests here; it can be as simple as knowing your checking account number and bank routing number.
Anyone concerned about unauthorized and/or fraudulent ACH transfers should contact their bank to get an ACH block placed on the relevant accounts. This will block all ACH transfers out of the account. If you need to allow some ACH transfers (such as auto-payment for a credit card), it may be possible to allow transfers only to a pre-approved list of accounts.
May 21, 2006 11:34 PM
"Let me say that again. ANYONE can call the bank and say, "Hi, I'd like to make an ACH transfer from this account to this other account at a different financial institution of ill-repute, and I swear I'm really Wil Shipley," and they'll do it. Just like that. There's no password, no signature, no record."
"Really?! REALLY? REALLY? IS THIS REALLY HOW IT WORKS?"
Actually, no. There is no requirement for a SSN. All they have to know to take money out of your account is the account number and the bank routing number. Printed on every check, there is no security at all for the consumer aside from the 60 day window to protest.
May 22, 2006 2:23 PM
E trade handles all of Apple's employee stock purchase plan accounts. Perhaps Apple should start looking for a more reliable vendor for that business? After all, there are so many to choose from.
-jcr
May 22, 2006 3:29 PM
Have you seen this Cocoa developer.
May 22, 2006 3:30 PM
Wil,
I wouldn't bother with any further communication to E-Trade except for a summons. As soon as any paperwork hits their legal department, you'd better believe they'll get it fixed ASAP.
-jcr
May 22, 2006 3:30 PM
Mark: Yes, I've seen that cocoa developer.
May 22, 2006 3:36 PM
Let's Burn The Fuckers!!!
May 22, 2006 4:14 PM
One of the biggest scams that the banking and credit card industry has perpetrated is to convince their own customers that the account holder is the victim of identity theft.
Let me tell you... If someone opens a false account in my name and kites a bunch of bad checks, the bank should be the victim - not me. And if some jerk phones up e*trade and wires $5k out of Wil's account then e*trade is the victim - not Wil.
Through a campaign of fear mongering, they convinced us to be afraid of identity theft (aarrrggh!, someone is taking my identity!). Once we were afraid we were one step away from being victims. And once we accepted the victim role, we got screwed.
Seriously.
Now when this crap happens, it's my credit rating that is sent into the toilet. Or Wil's $5K that gets frozen, or worse... what if you needed that money to pay your mortgage?
As software developers, we all know how to make this stuff work rock solid, but Social Security Numbers? "Can I have your mother's maiden name for verification?" Are you kidding me? This is their idea of "security"???
If the banks actually ended up paying for all the stupid things they do that LET PEOPLE TAKE MONEY from poorly secured accounts then maybe, just maybe, they'd do something about it. But to add insult to injury, the bank will probably be happy to sell you their "gold credit watch" service for $49/year. I.e., they want you to pay to protect yourself from their lax practices.
I'm just trying to change the way that people think about this crap. The bank was the victim of the identity theft. Wil, you were the victim of the bank.
May 22, 2006 11:42 PM
I can take care of them for you, they won't bother you anymore...
Clean and cheap, no evidence...
May 23, 2006 2:07 AM
LOL @ the guy about moving to Europe. It's the same here in Canada pretty much, the banks will fall over backwards and kiss your ass like you wouldn't believe IF this ever happened, which of course wouldn't. My bank tellers know me personally and in order to do anything on the phone you need to jump through about 10 hoops. Also there's very little on a cheque that would be useful.
Good luck with this Wil. I'd agree with most of the people here to start calling some serious authority figures. Don't live in the states so I can't say who, but FBI and that postal service authority thing someone mentioned sound pretty good to me!
May 23, 2006 10:06 PM
It's been over 5 days. What happened?
May 24, 2006 2:41 PM
Having worked in the Finance industry the other thing that scares banks is "Know Your Customer". Its a huge deal these days about preventing money laundering and many financial institutions get hit with big fines for not having the right procedures in place. Where I worked, every single employee, including contractors, had to complete an online tutorial about KYC and Money Laundering. I was in IT, but I believe kitchen staff were expected to do it as well.
Anyway if E*Trade opened account under your name and it wasn't you and worse couldn't identify where he money came from, then their KYC / Money Laundering prevention is seriously faulty and should be reported to the SEC.
May 25, 2006 4:46 PM
That great ETrade Service/Communications!
It took them 6 months to close my account, many telephone hours of we'll take care it. Meanwhile they sold some stock and collected $520 in service charges.
An automated E*Rip-Off.
May 26, 2006 11:18 AM
Now that you have your money back, where's your update? Seems that the financial institutions (E*T / B of A) aren't really to blame after all... One thing you did right is not take the advice of the (I'm sure well meaning but misinformed) bloggers. Still wondering why you didn't reply to my PM offer to assist you the day that you created this blog.
May 26, 2006 4:40 PM
Former: I'm not sure how you determined I have my money back... psychic? At any rate, I had a lot of very generous offers of assistance, but since I finally got some traction at E*Trade itself, I decided to give them their week.
And the update is happening... now!
May 26, 2006 6:02 PM
It would be highly unlikely after this amount of time that your issues would remain unresolved, so I just assume you have your money back. If not, I'm wrong but I was waiting to hear how it came out.
May 26, 2006 7:01 PM
ACH is easy to use IF you're setup to do that sort of transfers. Generally, banks won't let you do ach unless you're a business and you've gone through their risk analysis. However, that's not exactly hard for someone like E*trade. And once you have that ACH access, you need something (remotely) like the account holder's name, and their account & routing number. The SSN really never enters into it. The only real control is trust in the party making the initiation.
Depending on exactly which sort of ACH, you have between 2 and 60 days to dispute what happened - If it's a business transaction code it's the lower end of the spectrum, since there are supposed to be tighter controls on those accounts.
You should have been able to go into BoA in that time and advise them that this was not an authorized transfer, sign an affidavit under penalty of perjury, and BoA would then be able to return the ACH and grab your money back. E*trade could dishonor that return, but that doesn't happen often.
The real security problem is that someone managed to open an account in your name at Etrade. Etrade should have done a much better job about handling the cleanup from that mistake.
May 26, 2006 11:51 PM
Sue them now, maybe you can get your money with all interest back.
No offense, but when I read this I thought "Heh, Americans..."
This is probably due to the McDonalds thing: "I'm gonna sue you because your fat makes me fat". I'm glad the court had some sense and dismissed that.
I can't help but think suing is a very slow, expensive, and pointlessly stressing solution, and should be the very last resort.
May 27, 2006 2:07 AM
Wil Shipley said...
If there's a TV movie, I want to be played by George Clooney. Or N.P.H.
Naw, try Drew Cary!
May 27, 2006 11:48 AM
Drew Carey rules.
May 27, 2006 12:47 PM
What's really inspiring about this bean counting is that it takes no time or red tape at all to do the wrong thing but it's nigh on bureaucratically impossible to do the right.
You poor!
May 30, 2006 9:53 AM
oh! My God! That's awful!
i keep getting mail from E Trade as well, it's such a shady organisation.
May 31, 2006 11:38 AM
It took me a month to get my money out of my last eTrade CD. It was going to be early withdrawal, so I had to pay a penalty. By the time I got the money, it would have been a normal withdrawal with no penalty. But after a few weeks of waiting an going to the local eTrade office every day to personally ask why it's taking so long, I was just happy to get my money, and I did not care about the penalty. I'll never deal with them again.
June 01, 2006 10:06 AM