Log In
Register
Home
Topic RSS
Facebook
Twitter
Email this10:54 am
January 12, 2019
Offline
.
I received an email from Oaken this morning, written as follows ... "This email is to confirm that we have updated your information as requested."
I made no such request, so I logged onto my Oaken account and started searching for unauthorized activity, and any changes to my information. It turns out that without my knowledge, approval, or request, my email address on file had been changed to a completely different, unknown email address ❗
I called Oaken right away and let them know what happened. My account is now under investigation by their IT Dept., for a possible hacking attempt.
As a precaution ... you may want to check your Oaken account(s) and search for any unauthorized activity. And just as important ... also check the accuracy of all the information on your 'Profile & Settings' page.
I'll report back when I know more,
- Dean
P.S.
As a precaution, I just finished draining
my Oaken SA to another FI.
" Live Long, Healthy ... And Prosper! "
11:02 am
October 21, 2013
Offline
Thanks for the warning, Dean.
Sounds like an actual hack, not merely an attempt..
11:05 am
November 8, 2018
Offline
You should change your Oaken account password. Select strong password and one you haven't used anywhere before.
11:14 am
January 12, 2019
Offline
.
Oaken described this situation as; "a 'possible' hacking attempt", as no other changes were made, and no money was moved.
The unauthorized change of my email address 'may' be the first step, in a multi step process to hack the account. Or ... it may just be a goof/blunder by an Oaken staffer.
I hope to know more, in the next day or two.
- Dean
" Live Long, Healthy ... And Prosper! "
11:17 am
March 30, 2017
Offline
Dean said
.
Oaken described this situation as; "a 'possible' hacking attempt", as no other changes were made, and no money was moved.The unauthorized change of my email address 'may' be the first step, in a multi step process to hack the account. Or ... it may just be a goof/blunder by an Oaken staffer.
I hope to know more, in the next day or two.
Dean
Thats definitely the first step that hackers do once they get into the account. Make sure u have both SMS alert turn on as well.
Also I assume Oaken already put ur account under security alert in the sense no one can access funds electronically for now, either EFT or transfer.
Given they still dont have 2-factor verification, monitor it like a hawk !
Under the manage device type, u can see which IP was logged in and time.
12:19 pm
October 21, 2013
Offline
OK. Oaken is not yet willing to admit it's a hack. I think that means they haven't ruled out that you did it yourself or that it's an inside job, but I'm no expert.
1:09 pm
November 8, 2018
Offline
savemoresaveoften said
Under the manage device type, u can see which IP was logged in and time.
I checked under my account, all I can see is device name and time of first login. No IP address.
Also, time of first login is not very helpful. If someone uses one of my devices, for example, their access to account won't be shown. For that, Oaken should have had time of last login, but they don't.
2:15 pm
March 30, 2017
Offline
Alexandre said
I checked under my account, all I can see is device name and time of first login. No IP address.
Also, time of first login is not very helpful. If someone uses one of my devices, for example, their access to account won't be shown. For that, Oaken should have had time of last login, but they don't.
Interesting, I can see browser used (in my case Chrome), date of log in, and an IP. Mind you some of the IP looks weird (could be maybe cuz I was on my VPN which I cant remember). This is all thru desktop access.
2:45 pm
January 3, 2009
Offline
I only access through a web browser and it only shows The first time I logged in with the device as being several months back and nothing before or after. I know this isn't accurate, so this functionality on their website is suspect imo.
It also only shows me the O/S as Windows/Mac, the app as Mobile Banking, browsers as Other browser(s), the date and active.
So nothing concerning is showing up in the log, but also the log is not accurate or containing any information outside of the very vague.
3:01 pm
February 7, 2019
Offline
I have noticed a number of websites including Streaming and Financial sites, flagging a login as comimg from a 'new device' when in fact it's not a new device but rather a 'major browser update' or a new browser. I get this at least once a month with Netflix.
| CGO |
3:51 pm
January 12, 2019
Offline
.
Meanwhile, back at the Ranch . . .
I just finished checking All my other online accounts (FIs, etc.) for unauthorized transactions, changes to personal info, etc. .... Nada ❗
Given that no other changes were made to my Oaken account (see Post #1), I'm beginning to suspect that the unauthorized changing of my email address in my account was an Oaken system and/or staff error.
Oaken is to call me back on this, in the next day or two.
- Dean
P.S.
As a precaution, the withdrawal I made
at Oaken today will render my total
exposure at Oaken to $1 & 37¢. 
" Live Long, Healthy ... And Prosper! "
6:14 pm
December 18, 2018
Offline
You can turn on the email notification of each successful login, this way you would know right away if somebody else is logging in to your account.
It's in Security Notification, under profile and Settings. I enable that on all banks that allows it.
8:44 am
January 12, 2019
Offline
- That ⬆
Good point, Chamnic ❗
I've been using that feature (at Oaken & elsewhere) since day 1,
but others may not be aware.
- Dean
" Live Long, Healthy ... And Prosper! "
11:19 am
January 12, 2019
Offline
.
Update . . .
I just finished a phone call from an Oaken IT Tech who is investigating this matter.
The first thing they looked at was to see if 'I' made the change to the email address, but they could find no evidence of that ... it's just as well, cuz I didn't! The email address that it was changed to, belongs to a customer of theirs. The email address on my account has since been corrected, and changed back to mine again.
They now suspect that this 'may' have been caused by an internal Oaken error, and that's where the investigation is now focused. They hope to get back to me on this again, sometime early next week.
Until then ... my Oaken account remains locked-out, and the investigation continues.
- Dean
" Live Long, Healthy ... And Prosper! "
Please write your comments in the forum.