The Straight Dope

Go Back   Straight Dope Message Board > Main > General Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 07-05-2007, 02:20 PM
Cagey Drifter Cagey Drifter is offline
Guest
 
Join Date: Apr 2005
Can someone steal money with just a bank routing and account number?

If someone has just your bank routing and account number, can they steal money from you? If so, how do they do it? What are the security measures in place to prevent it?
Reply With Quote
Advertisements  
  #2  
Old 07-05-2007, 02:36 PM
pulykamell pulykamell is online now
Charter Member
 
Join Date: May 2000
Location: SW Side, Chicago
Posts: 30,812
Quote:
Originally Posted by Cagey Drifter
If someone has just your bank routing and account number, can they steal money from you? If so, how do they do it? What are the security measures in place to prevent it?
I would hope not since most (if not all) personal checks contain both pieces of information on them.
Reply With Quote
  #3  
Old 07-05-2007, 02:37 PM
Smitty Smitty is offline
Guest
 
Join Date: Oct 2000
That's all you need to order checks from certain third party vendors. If you could get a fake ID, you could pass them.
Reply With Quote
  #4  
Old 07-05-2007, 02:44 PM
sturmhauke sturmhauke is offline
Guest
 
Join Date: Nov 2000
Yes. It happened to me a few years ago. I don't know if any security procedures have been added since then, but there sure didn't seem to be any at the time.

What seems to have happened is that someone stole outgoing mail from our mailbox, and got checking account and credit card numbers that way. Then they used that information to set up electronic payments for stuff they wanted, leaving us with the charges. We had to change all our account numbers and transfer the balance over, but we did in the end get refunded for the fradulent charges. We also started sending mail only through actual Post Office drop points to prevent theft that way, but now we've moved to a different apartment that has its own drop point.
Reply With Quote
  #5  
Old 07-05-2007, 02:48 PM
Wee Bairn Wee Bairn is offline
BANNED
 
Join Date: Apr 2006
Location: Biafra
Posts: 5,734
Quote:
Originally Posted by Smitty
That's all you need to order checks from certain third party vendors. If you could get a fake ID, you could pass them.
Are these type check vendors required to verify the info they receive? If not, why do banks accept them? You wouldn't even need to get the fake ID if you are paying by check through the mail.
Reply With Quote
  #6  
Old 07-05-2007, 02:55 PM
CookingWithGas CookingWithGas is offline
Charter Member
 
Join Date: Mar 1999
Location: Tysons Corner, VA, USA
Posts: 9,745
I pay my state taxes online and all they require is a routing/transit number and the account number. However, they know whose taxes you are paying, so it's not like you are going to run away with merchandise.

Quote:
Originally Posted by Wee Bairn
Are these type check vendors required to verify the info they receive?
I think they may require a voided check for your first order. But all you'd have to do is steal a check.
Reply With Quote
  #7  
Old 07-05-2007, 02:59 PM
Cagey Drifter Cagey Drifter is offline
Guest
 
Join Date: Apr 2005
All this is rather shocking in this day and age.
Reply With Quote
  #8  
Old 07-05-2007, 03:23 PM
Uncommon Sense Uncommon Sense is offline
Guest
 
Join Date: Oct 2002
Quote:
Originally Posted by Cagey Drifter
All this is rather shocking in this day and age.
Right, another reason to do away with checks altogether.
Reply With Quote
  #9  
Old 07-05-2007, 04:14 PM
Harriet the Spry Harriet the Spry is offline
Guest
 
Join Date: Jun 2003
Quote:
Originally Posted by sturmhauke
Yes. It happened to me a few years ago. I don't know if any security procedures have been added since then, but there sure didn't seem to be any at the time.

What seems to have happened is that someone stole outgoing mail from our mailbox, and got checking account and credit card numbers that way. Then they used that information to set up electronic payments for stuff they wanted, leaving us with the charges. We had to change all our account numbers and transfer the balance over, but we did in the end get refunded for the fradulent charges. We also started sending mail only through actual Post Office drop points to prevent theft that way, but now we've moved to a different apartment that has its own drop point.
It seems like the perpetrator here had access to a lot more than your check routing and account numbers .
Reply With Quote
  #10  
Old 07-05-2007, 04:16 PM
t-bonham@scc.net t-bonham@scc.net is offline
Guest
 
Join Date: Mar 2003
Quote:
Originally Posted by Uncommon Sense
Right, another reason to do away with checks altogether.
Oh, bull! And replace them with what?

At least with paper checks, I can point to the bottom and say 'that signature is not mine' and easily show they are fraudulent. It's a lot harder for EFT, Paypal, online or phone credit cards, etc.

I've been paying bills by check for over 40 years now, and never had a fraud case. I've used credit cards for far fewer years, but have had 2 cases where somebody many states away was charging things to my credit card. And it took a lot of effort to get those charges reversed.
Reply With Quote
  #11  
Old 07-05-2007, 04:19 PM
Harriet the Spry Harriet the Spry is offline
Guest
 
Join Date: Jun 2003
Quote:
Originally Posted by CookingWithGas
I think they may require a voided check for your first order. But all you'd have to do is steal a check.
Additionally, they mail the new checks to the address on the old check. The weakness is in the security of the mailbox. So you would need to steal a blank check, then commit the federal crime of stealing the new checks from the mailbox. In a practical sense, many people's mailboxes are not secure, though.
Reply With Quote
  #12  
Old 07-05-2007, 04:55 PM
Mike Fun Mike Fun is offline
Guest
 
Join Date: Mar 2007
Not only is it possible, it's extremely easy via EFT. I won't elaborate on how to do so, but at my work I have seen it happen many times.
Reply With Quote
  #13  
Old 07-05-2007, 05:21 PM
sturmhauke sturmhauke is offline
Guest
 
Join Date: Nov 2000
Quote:
Originally Posted by Mike Fun
Not only is it possible, it's extremely easy via EFT. I won't elaborate on how to do so, but at my work I have seen it happen many times.
That seems to have been what happened to me. The bank pretty much said that it was the most likely explanation.
Reply With Quote
  #14  
Old 07-05-2007, 05:40 PM
Geek Mecha Geek Mecha is offline
Guest
 
Join Date: Feb 2000
I assume this is what happened with my checking account last year. Someone started passing checks with my account and routing numbers, but entirely different names, addresses, phone numbers, signatures, and check designs. They passed about a dozen checks worth several hundred dollars. Since I rarely pay anything but rent and utilities with checks and I've never been told my payment wasn't received, I suspect a bank statement (containing cancelled checks) was stolen out of my mailbox.

Thieves suck and should burn in hell, etc., but I am most upset with my bank for not having sirens going off and red flags waving when those obviously different checks appeared. Apparently, the discrepancies raised no alarms, and if they did, no one checked into it or deeply enough. It's the primary reason I'm leaving that bank. (I live in a better, more secure apartment now, too.)
Reply With Quote
  #15  
Old 07-05-2007, 06:02 PM
Gfactor Gfactor is offline
of the Gladiators
Moderator
 
Join Date: Dec 2003
Location: Detroit
Posts: 9,491
As a poster:
Quote:
When providing over the phone a checking account number and a bank routing number (numbers reproduced at the bottom of the check), you are giving the caller the opportunity to withdraw money from your account as if you had written a check. In most states, including Michigan, you can pre-authorize a draft from your checking account. This occurs when you provide your checking account and bank routing numbers and authorize a certain amount of money to be withdrawn from your account. Your signature is not required for money to be drawn out of a checking account in this manner. Demand drafts closely resemble checks and are processed through the check clearing system, which handles millions of items daily.
http://www.michigan.gov/ag/0,1607,7-...2462--,00.html

Factual answer: Under some circumstances, yes, that's enough information for some people to get money from your account.
Reply With Quote
  #16  
Old 07-05-2007, 06:04 PM
Gfactor Gfactor is offline
of the Gladiators
Moderator
 
Join Date: Dec 2003
Location: Detroit
Posts: 9,491
As a moderator:

Let's keep the discussion about whether it's possible and refrain from discussing methodology.

Gfactor, General Questions Moderator
Reply With Quote
  #17  
Old 07-05-2007, 06:26 PM
Common Tater Common Tater is offline
Guest
 
Join Date: Jul 2006
Quote:
Originally Posted by AudreyK
...but I am most upset with my bank for not having sirens going off and red flags waving when those obviously different checks appeared. Apparently, the discrepancies raised no alarms, and if they did, no one checked into it or deeply enough. It's the primary reason I'm leaving that bank. (I live in a better, more secure apartment now, too.)
I don't believe this is a good reason to leave a bank, not at all. Checks are machine read and processed, so there isn't anything to be gleaned by green, sparkly checks one day and something completely different the next. This is the same reason post-dating checks doesn't work nor mean anything legally. To further add insult to injury, modern banking regulations just enacted by congress makes a written check, theoretically at least, payable on the spot or very nearly so.
Reply With Quote
  #18  
Old 07-05-2007, 07:08 PM
ASAKMOTSD ASAKMOTSD is offline
Guest
 
Join Date: Apr 2006
As a manager of mine (an EVP of a Credit Union) said to me long ago when I would come up with various ways that people could steal from the CU: "Never embezzle with a check. It passes through too many hands."
Reply With Quote
  #19  
Old 07-05-2007, 08:09 PM
bob_co bob_co is offline
Guest
 
Join Date: Jul 2007
I know a person who was a door to door salesman for bottled water. Part of the contract agreement for what he was selling was an authorazation for automatic withdrawl of the monthly bill. Apparently this gave him the routing and account numbers for hundreds of accounts. Someone stole this information from one of the business computers without being noticed and they literally printed their own checks for about a year and a half before being caught.
Reply With Quote
  #20  
Old 07-05-2007, 08:12 PM
psychonaut psychonaut is offline
Guest
 
Join Date: Apr 2001
I'm not denying that it's possible, but I can testify that it's so unlikely as not to deter companies in continental Europe from printing this information on their letterhead. I worked for three years for a German university research institute, and our bank, routing number, and account numbers were printed for all to see on the official letterhead we used for all correspondence. Similarly, whenever I received a letter from a company, government agency, or sometimes even an individual, this information would be included along with the return address and phone number.
Reply With Quote
  #21  
Old 07-05-2007, 09:05 PM
Balthisar Balthisar is offline
Charter Member
 
Join Date: Nov 2000
Location: Nanjing, China
Posts: 8,931
Quote:
Originally Posted by psychonaut
I'm not denying that it's possible, but I can testify that it's so unlikely as not to deter companies in continental Europe from printing this information on their letterhead. I worked for three years for a German university research institute, and our bank, routing number, and account numbers were printed for all to see on the official letterhead we used for all correspondence. Similarly, whenever I received a letter from a company, government agency, or sometimes even an individual, this information would be included along with the return address and phone number.
Even in fraud-prone Mexico this is standard practice. It's how I paid my rental deposit for a job a few years ago; it's how I paid the fishing charter; and it's how a lot of companies prefer big payments.
Reply With Quote
  #22  
Old 07-05-2007, 11:41 PM
Geek Mecha Geek Mecha is offline
Guest
 
Join Date: Feb 2000
Quote:
Originally Posted by Common Tater
I don't believe this is a good reason to leave a bank, not at all. Checks are machine read and processed, so there isn't anything to be gleaned by green, sparkly checks one day and something completely different the next. This is the same reason post-dating checks doesn't work nor mean anything legally. To further add insult to injury, modern banking regulations just enacted by congress makes a written check, theoretically at least, payable on the spot or very nearly so.
Granted, but I no longer feel secure with them.
Reply With Quote
  #23  
Old 07-06-2007, 03:04 AM
si_blakely si_blakely is offline
Guest
 
Join Date: Jul 2002
Quote:
Originally Posted by psychonaut
I'm not denying that it's possible, but I can testify that it's so unlikely as not to deter companies in continental Europe from printing this information on their letterhead. I worked for three years for a German university research institute, and our bank, routing number, and account numbers were printed for all to see on the official letterhead we used for all correspondence. Similarly, whenever I received a letter from a company, government agency, or sometimes even an individual, this information would be included along with the return address and phone number.
In the UK, account and sort code info are NOT sufficient information to allow withdrawal from an account (anyone can put money in). Companies that operate Direct Debit require your signed authority and (as a company) must be vetted by the banks before they can operate in that manner. Otherwise, banks cannot move money out of your account without additional identification. These days, this info will be much more than public information (like date of birth/mothers maiden name etc). I'm hopeful that banks will start using security tokens to validate access (private code plus personal time varying code) to really make things secure.

Si
Reply With Quote
  #24  
Old 07-06-2007, 03:16 AM
Mangetout Mangetout is online now
Charter Member
 
Join Date: May 2001
Location: England
Posts: 51,713
Quote:
Originally Posted by Uncommon Sense
Right, another reason to do away with checks altogether.
Speaking of which, I was mildly surprised the other day to see a sign in Sainsburys (one of the big supermarket chains in the UK) stating that they will no longer be accepting cheques as payment from 1st August. I guess it had to happen sooner or later and I suppose it makes perfect sense - since they always require a cheque guarantee card now, and those cards are nearly always their own means of payment anyway (they're typically credit or debit cards).
Reply With Quote
  #25  
Old 07-06-2007, 06:01 AM
Ottoerotic Ottoerotic is offline
Guest
 
Join Date: Jun 2001
Quote:
If someone has just your bank routing and account number, can they steal money from you? If so, how do they do it? What are the security measures in place to prevent it?
Short answer, yes technically they can, and short of never using bank accounts there isn't much you can do to prevent it.

The good news is that you are pretty well protected in most cases. The worst possible scenario is someone simply printing checks of their own with your info on them and signing them as was already mentioned. This requires the theif to actually perform the fraud in person though and they run the risk of being asked for ID or being caught on camera. More often than not the thieves prefer to simply use the numbers to do ACH transactions. The good news about this is that as long as you report the fraudulent activity within 60 days of receiving the statement there is nearly a 100% chance of you getting all of your money back in a very short time.

Is it possible to steal your money and get away with it? Of course it is, there is a gentleman from Ohio that has been doing it for at least 6 years across the country and will probably never get caught. I won't get into exactly how he does it, but it does involve raiding the mailboxes of people who put those little red flags up. Even in this worst case scenario though, the customer is made whole again very quickly. (Its actually easier in this specific case because most fraud officers at major banks can recognize this particular felon's handwriting)

So it is an issue, but I wouldn't lose any sleep over it.

Last edited by Ottoerotic; 07-06-2007 at 06:02 AM..
Reply With Quote
  #26  
Old 07-06-2007, 06:13 AM
Common Tater Common Tater is offline
Guest
 
Join Date: Jul 2006
Quote:
Originally Posted by AudreyK
Granted, but I no longer feel secure with them.
But, you'll be no more secure with a different bank. Just sayin'.
Reply With Quote
  #27  
Old 07-06-2007, 07:21 PM
CookingWithGas CookingWithGas is offline
Charter Member
 
Join Date: Mar 1999
Location: Tysons Corner, VA, USA
Posts: 9,745
Quote:
Originally Posted by bob_co
I...they literally printed their own checks for about a year and a half before being caught.
That's interesting. The numbers at the bottom are printed in special magnetic ink. I suppose if the machine can't read it, it just goes to manual rather than triggering a fraud alert.
Reply With Quote
  #28  
Old 07-06-2007, 09:54 PM
Ottoerotic Ottoerotic is offline
Guest
 
Join Date: Jun 2001
True they are printed with Micr ink which has magnetic properties, however with so many small businesses out there doing their own payroll the ink isn't as inaccessible as it used to be. You can also enter the numbers and there are enough bank issued checks that use cheap ink so that it isn't unusual for a cashier to manually punch in the numbers.
Reply With Quote
  #29  
Old 07-06-2007, 10:03 PM
hlanelee hlanelee is offline
Charter Member
 
Join Date: May 2003
Location: Great Salkehatchie Swamp
Posts: 1,195
In January 2004, Mrs.lanelee did a "check over the phone" transaction. She gave out the account number and routing number and they had a recording of her okay the transaction. I did not know that this took place and in April 2005 a counter check was issued so I called the bank to find out how and why. I was told that Mrs.lanelee had authorized the transaction that month and the bank was shocked, shocked I tell you, to find out that Mrs.lanelee had died in June 2004.
Reply With Quote
  #30  
Old 07-07-2007, 01:24 AM
t-bonham@scc.net t-bonham@scc.net is offline
Guest
 
Join Date: Mar 2003
Quote:
Originally Posted by CookingWithGas
That's interesting. The numbers at the bottom are printed in special magnetic ink. I suppose if the machine can't read it, it just goes to manual rather than triggering a fraud alert.
You can buy a toner cartridge for most of the major laser printers containing micr ink, so it's pretty easy to print real, MICR-encoded checks at your laser printer. There are several software packages to let you do this -- VersaCheck is one of the biggest.

But the magnetic toner is hardly necessary. Nearly all the bank check-sorting machines now have the capability top do both MICR reading and normal OCR scans on those numbers. (Back in 1954, when MICR was designed, OCR reading was primitive & unreliable, so they went with the magnetic ink.) If it doesn't read with the MICR, they just get the OCR read of those printed numbers. All automatic, never even noticed by the bank employees. There might be a few banks out in the sticks with real old machines, that do require manual intervention, but they pretty rare now.
Reply With Quote
  #31  
Old 07-07-2007, 06:34 AM
Ottoerotic Ottoerotic is offline
Guest
 
Join Date: Jun 2001
Yes, I neglected to mention that banks can certainly read it regardless of the ink used. Most grocery stores and the like however, at least the ones around here, have older equipment and if the check doesn't have the micr ink they're forced to enter it by hand. Since they do this frequently though, it doesn't usually raise any suspicion or concern on the merchants end.
Reply With Quote
  #32  
Old 09-05-2014, 11:17 PM
mtp7389 mtp7389 is offline
Guest
 
Join Date: Sep 2014
mike

Yeas in fact it has just happened to me in todays day of supercomputers all you need is some ones routing number and account number which are easily available but you really have to have the account number. Which some people like myself are willing to share online if we believe we are sharing with a reputable company which we may be but their site could be hacked and someone is skimming data from them without their or your knowledge. routing numbers are even easier because all banks and credit unions post them online.

Then as in my case all the thief's have to do is generate a fake electronic check and put your email address which usually is your real email address which they skimmed with the account number and use the IP address of the server you were on. Fortunately that is the only unique piece of data that the thief's can't get their grubby little fingers on and is the only thing that proves you didn't initiate the transaction making a legitimate purchase for goods or services.

Every computer has a unique IP. I have looked up my own before and others who gained entry to my Google account which is provided in the security settings a google.com if you have a google account. So as long as you don't share you personal IP you are safe. Another tip off is when an electronic check is generated for A so called membership when the account owner has a debit or credit card which are harder to spoof due to the security code and other identifiable trackers when used.

So if you too get your bank account emptied for every dollar as I have tonight you will surely believe that it does and can happen even in todays age. Luckily the banks can figure it out and return the stolen money to you but they will never see it because chances are it has already left this country headed for somewhere over there.
Reply With Quote
  #33  
Old 09-06-2014, 01:05 AM
Doug K. Doug K. is online now
Guest
 
Join Date: Jul 1999
Quote:
Originally Posted by mtp7389 View Post

Every computer has a unique IP. I have looked up my own before and others who gained entry to my Google account which is provided in the security settings a google.com if you have a google account. So as long as you don't share you personal IP you are safe. Another tip off is when an electronic check is generated for A so called membership when the account owner has a debit or credit card which are harder to spoof due to the security code and other identifiable trackers when used.
In most cases every computer in a given location will share the same public IP. At my workplace (a small school district) that's hundreds of computers, tablets, and smartphones. A handful of devices on our network always have the same private IP, but most will have different IPs from one day to the next, or even multiple IPs in the same day if they aren't left on all the time. And private IPs are only unique within a subnet. You could have a block of houses with internet access and every house could have a device with the IP 192.168.0.1 or 10.10.10.1, depending what addressing scheme they use.

Chances are what you think of as your "personal IP" starts with either 192.168 or 10.10.
Reply With Quote
  #34  
Old 09-06-2014, 02:55 AM
ALOHA HATER ALOHA HATER is offline
Guest
 
Join Date: Oct 2013
Printing checks is easy and account numbers aren't hard to get. But it doesn't matter because check fraud is even easier to catch than to commit. At the end you're on video if you were cashing a phony. As a criminal, wouldn't you rather buy some compromised card numbers? Get yourself a crate of Android phones you can resell, something like that. Very little exposure, not much to worry about, no paper trail that'll be held onto nigh to perpetuity.

The security simply isn't there yet for cards and that's one reason I write checks and use cash when I can.
Reply With Quote
  #35  
Old 09-06-2014, 12:30 PM
md2000 md2000 is offline
Guest
 
Join Date: Feb 2009
As several people have mentioned, the numbers on the bottom of the check could be more than enough to steal money from your account. The trick is getting away with it. This is the problem too with credit cards. How do you translate data into money? The holy grail of course, is to get the mag-stripe and PIN from an ATM card and take cash from an automated dispenser, far from human witnesses and disguised for the cameras.

For the routing information and account, as mentioned, you can make phony cheques - these then have to be passed. Like fraudulent credit cards, one option is to buy easily fenced goods - but then there are witnesses, and trails with serial numbered goods, etc.

From my experience, I suspect most banks barely do a cursory inspection of cheques for name, signature match, etc. However, merchants that sell valuable and easily fenced goods probably have their own anti-fraud measures. The trusting days of "Catch Me If You Can" are long gone. I would also not be surprised if the US banks apply some of the same antifraud patterns to cheques that they do to credit card transactions, looking for unusual patterns.

If you create electronic transfers - well, I typically use these for more established vendors - the city for taxes, my cable company or to pay the heating bill. They want this information for regular withdrawals, and so are not the sort to monkey with accounts.

I don't know what criteria banks use to allow account transfers, but I suspect if we can dream this up in a few minutes, banks have thought of this and have procedures to vet accounts that want to do a lot of paperless transactions against random accounts. I doubt you can go to the bank, set up your Acme Inc. account, and transfer money from 10,000 "customers" in one month, covert it into a cash withdrawal, and disappear - without setting off alarm bells before you even got started.

I don't even know if merchants in Canada typically still take cheques - everything is debit card or credit card nowadays. The cost for a bounced cheque is so high, that even 20 years ago one of the local restaurants I went to would have a display behind the cash register "buy back your bad cheque" where anyone could read who had written an NSF cheque. Back then, IIRC, the fee was $15 or $25 or something. There was no real upside in taking cheques when everyone had a debit card for the ATM.

Of course, the numbers are still useful to Nigerians, apparently, so most banks have procedures in place to prevent transfers to foreign banks.
Reply With Quote
  #36  
Old 09-07-2014, 05:01 AM
Senegoid Senegoid is offline
Member
 
Join Date: Sep 2011
Location: Sunny California
Posts: 7,600
About a year ago, someone in my apartment rental office lost the rent check I gave him (about $600). This was discovered about a week later when the manager called me to ask where the rent was.

I went to the bank to stop payment on the check (for which there would have been a fee, of course). They told me that if such a check had fallen into the wrong hands, anyone with those two magic numbers could suck money out of my account. The bank, therefore, insisted that I close the account altogether and open a new account -- all of which they did for me without any fee at all.
Reply With Quote
  #37  
Old 09-07-2014, 09:57 AM
Fubaya Fubaya is offline
Guest
 
Join Date: Apr 2008
I fell victim to a checking "scam" although I guess it was legal. At a kids event there was some some educational company selling a "$50 a month membership and we'll send tons of educational books" thing. No way was I doing that, but I bought one book that my daughter liked and paid with a check. They took my email address and I later got an email. When I clicked a link in it that was supposed to go to a special offer, a page briefly said "thanks for joining" or something, then it went to their main page.

Six months later, I noticed that I was being charged $19.99 a month by some company. I googled them and found it was the book people charging for membership to their site. A lot of people were complaining about them online. If you click the link in the email, apparently the site briefly flashes info saying you've signed up for monthly membership, but it's so fast you can't read it. I never signed up or gave them a credit card or anything, they had taken the numbers from my check then planted the email link which went to a special page for my address. The email wasn't necessary to get my money, it was just to keep it legal.

I talked to my bank who suggested I call the company and see if they'd give the money back, otherwise they'd refund it, close my account and open another, and let their fraud team go after the company. The company said they'd refund half, so I took that and let the bank handle the rest.
Reply With Quote
  #38  
Old 09-07-2014, 11:42 AM
Hey Hey Paula Hey Hey Paula is offline
Guest
 
Join Date: Mar 2000
Quote:
Originally Posted by sturmhauke View Post
That seems to have been what happened to me. The bank pretty much said that it was the most likely explanation.
It happened to us too. Thief stole outgoing mail I had left on our mailbox at home (I now mail everything at work or an official post office drop box) and made checks with my husband's account information and routing number, with her (fake) name and address. She then went on a spending spree. We had closed both husband's and my accounts, but husband's account didn't get closed properly - the bank clerk meant to leave it open only for his upcoming Social Security direct deposit, no outgoing funds, but that didn't happen somehow. It took us a while to get everything straightened out, but the money was eventually all refunded.
Reply With Quote
  #39  
Old 09-07-2014, 01:20 PM
EdwardLost EdwardLost is offline
Guest
 
Join Date: Apr 2009
This topic is something that has puzzled me for a long time. I would read these stories all the time: Someone (usually overseas) agrees to pay you some money and you give them your account and routing numbers so they can deposit it. Next thing you know, all the money in your account has been withdrawn. Moral: Only give out your account info to reputable venders.

I have to conclude that these stories are just bogus, urban legends. The examples in posts in this thread (sad though they are) are of relatively small charges or involve check theft or forgery--nothing like the instantaneous draining of an entire balance. If two numbers could give someone such power then that horror would be happening all the time and be a HUGE issue. As pulykamell pointed out above (7 years ago) every one of the many checks we write displays those two numbers, and eventually someone "disreputable" would jot them down and we'd lose everything.

I'd really like to know the straight dope behind those stories and learn why that kind of large-scale theft does not really seem to happen.
Reply With Quote
  #40  
Old 09-07-2014, 07:34 PM
mcgato mcgato is offline
Guest
 
Join Date: Aug 2010
I was on grand jury duty in a county in New Jersey, and one of the cases that came before us dealt with this. It appeared that a courier for a number of businesses, who dealt with delivering checks as payments to vendors, had copied the account numbers and routing codes from some of the checks. He then got checks made in his name (yes, he used his real name and address) with those numbers. He then would send in payments to the cable company, utility company, etc, far in excess of the bill amount using the fake checks. If the bill for cable was 124.37, he would send a check for 1124.37. After a bit, he would contact the cable company and request a refund on the amount he payed in excess of the bill. So he would get a clean check from the cable company for 1000 that he would deposit in his bank account.

It was fairly hard to detect and prosecute, since the business had a large amount of checks going in and out. Once the business owner detected the check fraud, he went to the police who did pretty much nothing. They said that the check fraudster probably used a fake name and address. The business guy pursued it though, and he found out what was happening with the courier and pressed charges somehow.

This is all supposed to be secret grand jury testimony, so don't tell anyone. We voted to indict.

It occurred a number of years ago, so I think the secret is out of the bag.

Last edited by mcgato; 09-07-2014 at 07:36 PM.. Reason: clarity
Reply With Quote
  #41  
Old 09-07-2014, 08:35 PM
CookingWithGas CookingWithGas is offline
Charter Member
 
Join Date: Mar 1999
Location: Tysons Corner, VA, USA
Posts: 9,745
Quote:
Originally Posted by EdwardLost View Post
...If two numbers could give someone such power then that horror would be happening all the time and be a HUGE issue. As pulykamell pointed out above (7 years ago) every one of the many checks we write displays those two numbers, and eventually someone "disreputable" would jot them down and we'd lose everything.

I'd really like to know the straight dope behind those stories and learn why that kind of large-scale theft does not really seem to happen.
My question exactly. Before credit cards were so common, checks were a hugely popular form of payment at stores, and even restaurants. It would be trivial to grab numbers off checks--no hi-tech skimmers required. Why wouldn't this have been just as prevalent as credit card fraud is today?
Reply With Quote
  #42  
Old 09-07-2014, 11:29 PM
Melbourne Melbourne is offline
Guest
 
Join Date: Nov 2009
Quote:
Originally Posted by EdwardLost View Post
This topic is something that has puzzled me for a long time. I would read these stories all the time: Someone (usually overseas) agrees to pay you some money and you give them your account and routing numbers so they can deposit it. Next thing you know, all the money in your account has been withdrawn. Moral: Only give out your account info to reputable venders.

I have to conclude that these stories are just bogus, urban legends.
I used to make withdrawals by filing out a withdrawal form with my name and account number and a 'signature'.

One of the ways businesses delt with this kind of problem was to have seperate deposit and payment accounts, that didn't have much money in them.
Reply With Quote
  #43  
Old 09-08-2014, 10:42 AM
md2000 md2000 is offline
Guest
 
Join Date: Feb 2009
Quote:
Originally Posted by EdwardLost View Post
This topic is something that has puzzled me for a long time. I would read these stories all the time: Someone (usually overseas) agrees to pay you some money and you give them your account and routing numbers so they can deposit it. Next thing you know, all the money in your account has been withdrawn. Moral: Only give out your account info to reputable venders.

I have to conclude that these stories are just bogus, urban legends. The examples in posts in this thread (sad though they are) are of relatively small charges or involve check theft or forgery--nothing like the instantaneous draining of an entire balance. If two numbers could give someone such power then that horror would be happening all the time and be a HUGE issue. As pulykamell pointed out above (7 years ago) every one of the many checks we write displays those two numbers, and eventually someone "disreputable" would jot them down and we'd lose everything.

I'd really like to know the straight dope behind those stories and learn why that kind of large-scale theft does not really seem to happen.
Quote:
Originally Posted by CookingWithGas View Post
My question exactly. Before credit cards were so common, checks were a hugely popular form of payment at stores, and even restaurants. It would be trivial to grab numbers off checks--no hi-tech skimmers required. Why wouldn't this have been just as prevalent as credit card fraud is today?
As I said in an earlier post, the problem is getting the money out of the system and getting away. Some people are none too bright, or hope you won't notice the occasional small cheque, and simply pass "bad" cheques. Some businesses use the false front of a questionable business, like a book club, and rely on appearing legit and consumers giving up on chasing them. I suspect shady businesses eventually get a visit from the consumer protection branch of the local police.

Overseas? For a while, the banking systems were connected but the banks were not alert enough to the possible damage to be done. it's one thing when the fraudulent transfer comes from some American bank, or some major bank in a western country. Once third world banks got hooked into the system, it was a short window where the transfers could happen, then money would disappear into some third world hole where the local police were not motivated to chase down the suspects. This alerted the banks to close their open doors. Today, I doubt that a bank in Nigeria can do a direct transfer out of a US bank- there are probably a dozen checks and balances in place first.

I think too that the shady book club would run afoul of many data privacy laws - the need to protect and not store financial data that was unnecessary, etc. Why would they keep your bank information once the cheque cleared.
Reply With Quote
  #44  
Old 09-08-2014, 11:32 AM
Omar Little Omar Little is offline
Guest
 
Join Date: Apr 2000
Do people not reconcile their bank accounts anymore, or hell, even just review their bank statements for charges that don't make sense? I'm pretty sure that most banks will credit back any fraudulent charges as long as the bank is notified within 60 days of receiving your statement.
Reply With Quote
  #45  
Old 09-08-2014, 11:48 AM
md2000 md2000 is offline
Guest
 
Join Date: Feb 2009
Quote:
Originally Posted by Omar Little View Post
Do people not reconcile their bank accounts anymore, or hell, even just review their bank statements for charges that don't make sense? I'm pretty sure that most banks will credit back any fraudulent charges as long as the bank is notified within 60 days of receiving your statement.
Sadly, quite a few people don't check. The trick is figuring out which ones these are. The ones that do check will get the investigation rolling. they you're back to the problem of how to get away.

Crook A asks his bank B to transfer a sum from Bank C account D. When D complains, C will ask B to provide proof the transaction was authorized. B will provide a document from A which will prove to be fraudulent. Like a bad cheque, if B initiated a transfer that was not authorized, they are on the hook for whatever money disappeared to A. The only gotcha is if B is in Nigeria and there is no way to force them to give back the money... or if B closes shop and can't make restitution.
Reply With Quote
  #46  
Old 09-09-2014, 04:16 AM
Derleth Derleth is offline
Guest
 
Join Date: Apr 2000
Quote:
Originally Posted by mtp7389 View Post
So as long as you don't share you personal IP you are safe.
Your share your computer's current publicly routable IP address with every computer you connect to on the Internet, and every computer that handles intermediate traffic between your ISP's edge routers and every computer you connect to. Hiding your publicly routable IP address is as pointless as hiding your mailing address from your pen pal.

Note that I said "publicly routable": In this age of NATting, your computer may be assigned an IP address which isn't routable, which means it's only good on your local network, usually a small LAN or a somewhat larger corporate network. When a packet from your computer enters the public Internet, it's relabeled with a new address (address port pair, if you must), which is good for the rest of the whole world and will allow any computer from the outside to access it unless other security precautions are taken. NATting alone isn't a security precaution, just a conservation of a very finite resource.
__________________
"Ridicule is the only weapon that can be used against unintelligible propositions. Ideas must be distinct before reason can act upon them."
If you don't stop to analyze the snot spray, you are missing that which is best in life. - Miller
I'm not sure why this is, but I actually find this idea grosser than cannibalism. - Excalibre, after reading one of my surefire million-seller business plans.
Reply With Quote
  #47  
Old 09-09-2014, 04:05 PM
hibernicus hibernicus is offline
Charter Member
 
Join Date: Oct 2000
Location: Dublin, Ireland
Posts: 1,967
Having read through this thread, it seems to me the key difference between Europe (where it is considered safe to share your bank account number) and the US (where it is considered dangerous) is this concept of "getting checks made in your name".

In my experience, chequebooks are issued by the bank to me at my home address, and there is no way (that I am aware of) for another person to be issued with a cheque that allows him to draw on my account. If it were possible to get a blank cheque printed by a third party (not the bank in which the account is held) I imagine the merchant would be very unwilling to accept it.
Reply With Quote
Reply



Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 07:15 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2013 Sun-Times Media, LLC.