My question exactly. Before credit cards were so common, checks were a hugely popular form of payment at stores, and even restaurants. It would be trivial to grab numbers off checks–no hi-tech skimmers required. Why wouldn’t this have been just as prevalent as credit card fraud is today?
I used to make withdrawals by filing out a withdrawal form with my name and account number and a ‘signature’.
One of the ways businesses delt with this kind of problem was to have seperate deposit and payment accounts, that didn’t have much money in them.
As I said in an earlier post, the problem is getting the money out of the system and getting away. Some people are none too bright, or hope you won’t notice the occasional small cheque, and simply pass “bad” cheques. Some businesses use the false front of a questionable business, like a book club, and rely on appearing legit and consumers giving up on chasing them. I suspect shady businesses eventually get a visit from the consumer protection branch of the local police.
Overseas? For a while, the banking systems were connected but the banks were not alert enough to the possible damage to be done. it’s one thing when the fraudulent transfer comes from some American bank, or some major bank in a western country. Once third world banks got hooked into the system, it was a short window where the transfers could happen, then money would disappear into some third world hole where the local police were not motivated to chase down the suspects. This alerted the banks to close their open doors. Today, I doubt that a bank in Nigeria can do a direct transfer out of a US bank- there are probably a dozen checks and balances in place first.
I think too that the shady book club would run afoul of many data privacy laws - the need to protect and not store financial data that was unnecessary, etc. Why would they keep your bank information once the cheque cleared.
Do people not reconcile their bank accounts anymore, or hell, even just review their bank statements for charges that don’t make sense? I’m pretty sure that most banks will credit back any fraudulent charges as long as the bank is notified within 60 days of receiving your statement.
Sadly, quite a few people don’t check. The trick is figuring out which ones these are. The ones that do check will get the investigation rolling. they you’re back to the problem of how to get away.
Crook A asks his bank B to transfer a sum from Bank C account D. When D complains, C will ask B to provide proof the transaction was authorized. B will provide a document from A which will prove to be fraudulent. Like a bad cheque, if B initiated a transfer that was not authorized, they are on the hook for whatever money disappeared to A. The only gotcha is if B is in Nigeria and there is no way to force them to give back the money… or if B closes shop and can’t make restitution.
Your share your computer’s current publicly routable IP address with every computer you connect to on the Internet, and every computer that handles intermediate traffic between your ISP’s edge routers and every computer you connect to. Hiding your publicly routable IP address is as pointless as hiding your mailing address from your pen pal.
Note that I said “publicly routable”: In this age of NATting, your computer may be assigned an IP address which isn’t routable, which means it’s only good on your local network, usually a small LAN or a somewhat larger corporate network. When a packet from your computer enters the public Internet, it’s relabeled with a new address (address port pair, if you must), which is good for the rest of the whole world and will allow any computer from the outside to access it unless other security precautions are taken. NATting alone isn’t a security precaution, just a conservation of a very finite resource.
Having read through this thread, it seems to me the key difference between Europe (where it is considered safe to share your bank account number) and the US (where it is considered dangerous) is this concept of “getting checks made in your name”.
In my experience, chequebooks are issued by the bank to me at my home address, and there is no way (that I am aware of) for another person to be issued with a cheque that allows him to draw on my account. If it were possible to get a blank cheque printed by a third party (not the bank in which the account is held) I imagine the merchant would be very unwilling to accept it.