Thursday, November 3, 2011

Hacking It

I guess it's not much fun to be a banker these days, especially if you're one of the people running the joint.  You're greedy, you're rolling in the cash, and, damn you, it's all your fault that the country's economy is falling apart.

Uh-huh.

The dumbbells who are setting up camp sites all over metropolitan areas have Wall Street and the scumbag bankers in their crosshairs and, while I'm no supporter of the "added fees" we all find in our debit columns of our bank accounts, there are two sides to every argument.

Here's mine.

All my banking business is done with Chase.  I had been with Washington Mutual and you all know where that went.  I got absorbed when WaMu dried up like a bag of beef jerky.  And, to me, this provided some symmetry.  My dad had been a longtime banker with then-Chase Manhattan.  Okay, if it was good enough for my father...

I've been quite impressed by Chase.  They have a lot of protections that you can place on your account to prevent the ever-present fraud mavens in our world.  You know what I mean?  If your account goes below five bucks, you have to be contacted.  If someone walks into a bank and pretends to be your long lost aunt, you get a call.  If you burp while in line at the ATM, a bank officer phones to ask you what you had for lunch.

Admittedly, it's a little bit of Big Brother, but when it comes to my dough, I'll take as much uncomfortable surveillance as possible.

Last year, when I was in Dallas, I used my ATM card.  Since I hadn't been in that city for some time, some do-hickey in the great Chase scheme of things started to buzz.  I got a voice mail telling me that these purchases were being made and wondered whether they were being made by me.  Please call and confirm.  I did so, alerting them that Texas was frequently on my approved list of itineraries and, oh, by the way for future reference, anything below the Equator is not.

I was good to go.

So, last week, I head to Boston for a few days.  When I got home, there was an e-mail from Chase Banking On-Line.  Hmm, they've noticed that I had made some transactions in an "unusual location."  I ignored it mainly because it didn't ask for any additional action.  I wondered why Chase themselves had not called me directly.

One day later, another e-mail.  Shame on me for not answering the first one.  If I didn't confirm within 48 hours by clicking on some link, all my Boston purchases would head off to the fraud department.

Huh?

I stupidly clicked on the link.  It took me to a very official Chase-looking screen that asked for all my personal information, including social security number and favorite side vegetable.  Something was not passing the smell test.  While it all looked perfectly legit, I couldn't understand why Chase would need all my personal details again.  Weren't they on file?

Plus I went into my account on-line and discovered that, of all things, my Boston purchases had cleared in good standing.

I went back to the e-mail from Chase On-Line and reread it.  The last sentence tipped me off that this indeed had come from a hacker.  I print it verbatim.

Please Note:

If we do no receive the appropriate account verification within 48 hours, then we will assume this Chase Bank account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.

"If we do no receive..."

Would a major banking institution like Chase put out an e-mail that sounded like it was written by the last cab driver that drove me home from LAX?  Did this super-large company have no need for spell or grammar check on their servers?

Yeah, this was all bogus.

I called Chase customer service and reported this to their "abuse" department.  It's sad that such a division must exist in the first place.  I got the following acknowledgement from them.

Thank you for submitting a suspicious e-mail message for our evaluation. We review each message submitted to us via e-mail and will determine if further action is needed. A number of the suspicious e-mail messages customers and others receive appear to have originated from Chase. Fraudulent e-mail takes on many forms. Most commonly, the originators try to impersonate legitimate businesses in hopes of tricking innocent customers into providing confidential information such as account numbers or Social Security numbers.

Yeah, that's exactly what they did to me.  Lesson learned.  Luckily, no fuss, no muss.

But, I thought about the other suckers who were a little too quick to respond to these phony e-mails.  How much money did they lose?  Okay, in reality, how much money did the bank lose?

Yep, there might be more than just greed behind your bank's decision to add an additional fee to your checking account on a monthly basis.  In 2011, they might be doing this to simply survive.

I began to think about all the other ways these banking institutions can get screwed.  People cutting corners on their mortgages.  Folks not paying back student loans.  Shitheads looking for one loophole after another to beat the system.

We hear today about the poor and oppressed "99%."  Just so you all understand that, embedded in that number, is a growing percentage of rat bastards more than willing to rip you off.

Dinner last night:  Chicken and broccoli from PF Chang's. 

No comments: