The Fraud Blog with Tracy Kitten

Account Takeover Pt. II: The Investigation

Account Takeover Pt. II: The Investigation

It has not been a pleasant experience. But the bank credited my account for the questionable withdrawals, which totaled nearly $500 within a five- to six-hour period in two different parts of the country. While the breach is investigated over the course of the next two weeks, I just have to sit and wait. Standard protocol, so I've been told.

For me, the breach rings of irony. How could I be susceptible to a compromise like this? I write about security breaches and financial hacks for a living. I know what to look for and how to properly protect my information, right? Was I not choosy enough when it came to the ATMs I used? Did I not practice enough care when shopping online or paying for gas at the pump?

I'm going to accept that breaches are just part of modern life's equation. But I'm not going to stop trying to ensure my own security. 

I could probably save the investigators tasked with the two-week hunt into my account breach some time. No question about it: I am part of breach that includes far more than merely my mag-stripe details.

All of the fraudulent transactions that hit my account occurred within less than an hour, based on what I've gathered about the transaction history from my online banking view. One of the transactions took place in Texas, while the other six came in from Illinois.

Let's take a look at the first two transactions. One rang in at $6 and some change and was attempted at a retail location in Texas. That transaction was declined, which I learned Monday, when the fraudulent line items began shifting from pending to posted. The second transaction, which probably occurred within minutes of the first, as the fraudsters tested the waters, totaled $13 and some change at a retail store in Illinois. That charge posted, and thus was approved. After that, five consecutive transactions hit the account, all in Illinois. Aurora seems to pinpoint the vicinity, since I got hit with three transactions at a Wal-Mart in Aurora and two other transactions - one at an ExxonMobil and one at a Shell - somewhere in Illinois.

The folks that have my card details are professionals. I'm not quite sure why the transaction in Texas was turned down; but if I were the bank investigators, I would start there. Thanks to that Texas retailer, which declined the transaction and raised a red flag, this little hack was foiled sooner rather than later. That's why I know it was an organized group, because had the transactions in Illinois not occurred at nearly the same time as the transaction in Texas, those Illinois transactions would not have cleared.

I was telling a friend about the breach over a quick dinner last night, and she responded with one of the most enlightening comments I've heard in a while. She said, "Tracy, it's not a question of 'If?' anymore, but more a question of 'When?'"

I thought, "Wow. Few truer statements have ever been spoken."

My friend went on to tell me she recently had her Hotmail account hacked - an account she rarely even uses. When it happened, she said she was shocked, thinking something like that would never happen to her. But then she realized: Everyone is going to get hacked, breached or compromised sooner or later. It's inevitable. And, sadly, I think she's right.

I'm going to accept that breaches are just part of modern life's equation. But I'm not going to stop trying to ensure my own security - as I work to prevent this kind of breach from happening again anytime soon.

And I as think about that, I really have to wonder about the security of my smart phone -- the e-mails and texts I send and receive over a mobile device that is transmitting unencrypted information via cell towers. Then again, it seems like I have to wonder about and be suspicious of a lot of things these days.



About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 20 years' experience, Kitten has covered the financial sector for the last 13 years. Before joining Information Security Media Group in 2010, where she now serves as director of global events content and executive editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.