I didn’t see this in the tech section and while it may not be appropriate for GQ, I was wondering if Dopers ever came across this scenario.
I get an email from my bank late in the evening saying that someone has accepted x dollars from me. I never authorized said transaction. I instantly stop it and freeze the accounts.
The next morning, my email is spammed with literally hundreds/thousands (many were stopped by my spam blocker) of emails saying that I registered for various sites and message boards (e.g. Toshiba Help Forums, Classic Car aficionados etc. lots and lots of Russian websites) to the point that it basically shuts down my email.
So two questions:
Has anyone ever experienced the second kind of spam attack before?
Did you click a link in that first bank email to log on to your bank?
Because if so you probably went to a fake site and “logged in”, thereby giving them all the credentials they need to impersonate you at your real bank. And to really transfer all your money to someplace in Bulgaria.
And to try that email, username, and password at every one of hundreds of thousands of other sites, financial and otherwise.
If you did that your are officially pwned. As in all your money now belongs to the Bulgarian Mafia. Time to use old fashioned means like telephones and live humans to freeze everything before too many horses / dollars leave the barn never to return.
What makes you think the first email came from your bank? It is very easy to fake the email header to say that it is coming from “Bank of America” or any other bank. I am nearly 100% convinced the email came from a scammer.
I presume you clicked on the link in the email which brought you to a website that pretended to be your bank’s. Again, it wasn’t. Either the website’s address was similar to your bank’s but not actually your bank’s, or it was an entirely different address but the website itself looked convincing enough that you chose to interact with it. Anyone can copy the look of your bank’s website so you should try not to be fooled by a website that just looks the same. When you clicked on the link, the website may have installed malware on your computer. That malware could direct additional ads to your computer or spy on all the activity that you use your computer for.
Depending on the sophistication of the scam, the scammers may have asked you to log in to your bank account using your bank’s username and password. If you did so, you gave the scammers your banking information and they can exploit it to steal your money. Contact your bank immediately with the phone number on your statement or the back of your ATM card and tell hem what happened. They will start the process of shutting down your old account and opening a new one. They can check if the scammers have already tried to steal money from the account.
The scammers may also have asked you for your email login password. Your bank will never need that. It might need your email address to send you information, but it doesn’t need your login password. I assume that the scammers used this to sign up for a million newsletters and things because the scammers get paid for bringing traffic to these websites. This is mostly inconvenient but the websites may host or install additional malware. Don’t go to those websites.
Be sure to run a current version of anti-virus software on your computer to safeguard your computer from spyware.
You can sign up for email notifications from your bank, but all the ones I have ever seen say something like “A payment for $Y was generated from your account”. I can think of no situation where a bank would send you a notice saying “X has accepted a payment from your account”. That alone strongly suggests phishing.
I agree with both of these, especially the bolded part above. Stop reading the Dope and do that now. After that, file a police report.
The bombardment of signup emails might be a distraction. They may be trying to divert your attention to deal with all the spam while they empty your account. Also by flooding your account they bury the legitimate emails form your bank so you are less likely to see them and take corrective action.
(I am a computer forensic examiner and incident responder. After you call your bank and the police, PM me if I can assist.)
The email was from my bank (though I did not click on any link). I called the bank last night and closed all of my accounts. I transferred all of the funds to new accounts this morning. So I don’t think I was “phised” directly. No money was actually taken despite two efforts to do so.
Unfortunately the spam was so great that I had to change my work email address which was frustrating. I have never heard of a spam attack like this but as Bayard points out it might have been used as a distraction.
Thank you very much for your offer Bayard, I will send you a PM.
Makes me very thankful that we have only military credit union ‘bank’ accounts! I automatically know anything that doesn’t come from one of 2 military name credit unions is bogus. I have long taken the advice from some thread or another here to never click on an email link but to go to my own saved bookmarks and to mistrust anything requesting me to log in to do something. I have actually called the credit union on an email about the government leak of personal information recently to double check the information about the leak and impact on mrAru and myself.