Public Wi-Fi = 'Russian Roulette' ! | Your stories | Discussion forum

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Public Wi-Fi = 'Russian Roulette' !
December 4, 2023
11:30 am
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 1992
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

.
I thought I'd share this recent, sad Fraud story. Take notes . . .

.
We just Can't be too careful ! sf-confused

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

December 4, 2023
11:32 am
Yatti420
Canada
Member
Members
Forum Posts: 415
Member Since:
July 10, 2011
sp_UserOfflineSmall Offline

The big banks should pay me for using their line of credit. Maybe what they offer on there standard run of the mill savings account. Banks should pay you. Period.

December 4, 2023
11:50 am
savemoresaveoften
Member
Members
Forum Posts: 2946
Member Since:
March 30, 2017
sp_UserOfflineSmall Offline

never use public wifi ever, as simple as that.

also the story of the victim does not seem to hold up if u ask me.

December 4, 2023
11:59 am
Alexandre
Member
Members
Forum Posts: 1189
Member Since:
November 8, 2018
sp_UserOfflineSmall Offline

I am skeptical of bank account breach explanation by its owner. WiFi is not secure, but communication with bank Web site in browser and through the app is secure.

Then, there is money that didn't disappear as a wire transfer somewhere. It were payment to the biller. A bank will have an easy time to find where did that money go, and so does account owner. What is the business name of that biller, again?

Finally, 2FA by SMS, which bank says did happen but account owner says did not.

Conference in Vegas is red flag. I believe true explanation of what had happened is in line with "What happens in Vegas, stays in Vegas."

December 4, 2023
12:55 pm
AltaRed
BC Interior
Member
Members
Forum Posts: 3020
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

I agree there has to be a bit more to that story.

Further, why did this woman not have a number of alerts set up on her bank account, e.g. any withdrawal, Bill Pay, e-transfer over some nominal value...alerting her of any account transactions?

For all of my credit cards and bank accounts, I have both email and SMS alerts set up for any transaction over a nominal $X.

December 4, 2023
2:07 pm
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 1992
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

.
Even the best of us can get Scammed. But the more 'Interweb/Tech-Savvy' we are, the less likely it will happen.

I'm guessing the lady in the article had No idea how unsecure Public Wi-Fi is. She now pretty much admits that that's probably how she got scammed. She may also not have been aware of the security notices she could have had set up for her accounts.

I'm also guessing that her continued attempts to recover her money from the bank, will be fruitless. A costly $10K+ lesson for her (and her family) ... Sad sf-frown

Stay Sharp Out There !

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

December 4, 2023
2:33 pm
Jimmy
Member
Members
Forum Posts: 33
Member Since:
August 5, 2022
sp_UserOfflineSmall Offline

I was in a hotel for a seminar awhile back. I was waiting in the reception area until the seminar began and connected to their wi-fi on my laptop.
After a few minutes a message popped up saying 'a program is trying to turn off your anti- virus.'

I immediately disconnected from their wi-fi and ran the virus scan. Fortunately nothing ever came of it.

December 4, 2023
2:50 pm
althisa
Member
Members
Forum Posts: 106
Member Since:
September 5, 2023
sp_UserOfflineSmall Offline

I am surprised how much personal financial information people put out on this forum. If its accurate someone watching knows which bank you are opening accounts at, which ones you are transferring in and out of, including dollar amounts.

I know most of it is helpful for others who want to follow a similar process, but we need to be careful.

There is no real vetting process for people lurking on this site.

December 4, 2023
4:00 pm
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 1992
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

althisa said

I am surprised how much personal financial information people put out on this forum. If its accurate someone watching knows which bank you are opening accounts at, which ones you are transferring in and out of, including dollar amounts.

I know most of it is helpful for others who want to follow a similar process, but we need to be careful.

There is no real vetting process for people lurking on this site.  

I'm sometimes surprised at the details some people mention here as well !

However, I'm not sure how much risk/exposure there really is, as no one mentions account #s, or passwords, etc., and most of us don't use our real names.

In addition ... this site's connection is secure, and the certificate is valid.

What say you, Peter ?

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

December 4, 2023
4:02 pm
Itellyouwutt
Member
Members
Forum Posts: 106
Member Since:
November 22, 2023
sp_UserOfflineSmall Offline

What VPN do you folks use?

December 4, 2023
4:11 pm
Peter
Admin
Forum Posts: 1417
Member Since:
May 15, 2007
sp_UserOfflineSmall Offline

Dean said

I'm sometimes surprised at the details some people mention here as well !

However, I'm not sure how much risk/exposure there really is, as no one mentions account #s, or passwords, etc., and most of us don't use our real names.

In addition ... this site's connection is secure, and the certificate is valid.

What say you, Peter ?

    Dean

  

Maybe there is some article on general best practices that we can link to in various places (welcome message, pinned post in the forum, for example).

December 4, 2023
4:35 pm
Alexandre
Member
Members
Forum Posts: 1189
Member Since:
November 8, 2018
sp_UserOfflineSmall Offline

AltaRed said
Further, why did this woman not have a number of alerts set up on her bank account, e.g. any withdrawal, Bill Pay, e-transfer over some nominal value...alerting her of any account transactions?

Note that she claims she hasn't received 2FA SMS sent to her phone. Even if bank would have forced her to set account transactions alerts, she could have said she didn't receive them either.

December 4, 2023
4:55 pm
AltaRed
BC Interior
Member
Members
Forum Posts: 3020
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

The article said the bank's investigative work showed the 2FA text was sent to her phone number on record in her account and the passcode was successfully entered to complete the login process. That phone number cannot be changed without first accessing the account and changing the phone number which triggers a passcode alert to the phone number on record first.

It is also a reason for alerts to be sent by email as well as SMS text in event one is out of country and has their phone switched off to avoid roaming charges.

Best guess I have is she was not in control of her phone at all times and someone accessed it unknown to her. She maybe did not have the appropriate Lock Screen credentials in place, e.g. lock after X seconds of inactivity and/or someone guessed her PIN or biometrics or.... I've seen a number of people set extraordinary times for screens to lock, especially if they are allowing a child to use the phone to watch a vid or play a game, or to keep a recipe on the screen in the kitchen.

There are enough checks and balances, if employed, to prevent compromised access.

December 4, 2023
6:36 pm
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 1992
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

Peter said

Maybe there is some article on general best practices that we can link to in various places (welcome message, pinned post in the forum, for example).  

Good idea , but I'm not sure where we'd find such an article. Something along the lines of; "What not to say/reveal on a internet financial forum."

I'll try to keep and eye-out, and hopefully others will too.

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

December 4, 2023
8:03 pm
serendipity
Member
Members
Forum Posts: 168
Member Since:
October 30, 2023
sp_UserOfflineSmall Offline

Ok. I’m an Apple guy. I would suggest to have current devices with up to date operating systems and up to date security.

My iPad reports this regularly.

IMG_0028-1.jpeg

Would also suggest that when you name your device to NOT use a name. I used to have an APP that listed all the devices names that were logged into “free wifi”. Just imagine a guy in a bar … says hey Sally your car is on fire or some other gimmick.

Banks are just pushing their luck, hoping you won’t pursue. They have forced us to use the internet and in some cases their APPS. So they have to assume some blame and compensation.

I never use APPS if there is another way. I recently considered a smart watch and upon reviewing the APPS and what goes to China or? .. I don’t consider APPS to be safe. But we all use them. I don’t have a banking app.

I have no line of credit. BMO took mine away with no forewarning. I am a good risk too. I only bank at home on my internet and if I must bank out of the house, which is extremely rare, I use my data. And never open URLS in email or text. And like Dean, I changed all my Oaken passwords when I received the login notice at 4am three days later.

Look at the TD APP on TV with money easily moving back and forth. It’s kind of irresponsible, isn’t it? Do an Interac with an incorrect email. And your phone has Apple Pay. All these conveniences have to be chosen wisely and used with caution. But I am sure they aren’t until you get burnt. And how often is that phone in an unsecured purse or location?

I am tending to think to put my funds into to quarterly and floating rate GICS vs an HISA account. (Other than my day to day bank). That should add another level of protection. And alerts, if available, are turned to the fullest extent … even if a quarter moves in or out.

December 5, 2023
7:34 am
RetirEd
Member
Members
Forum Posts: 1076
Member Since:
November 18, 2017
sp_UserOfflineSmall Offline

I was going to post about the $10K fraud but you've all beaten me to it.

Let's add to the warnings a reminder never to let your browser or app to save passwords and credentials. And of course don't use apps.

And how about "Stay the hell away from Las Vegas?" Or anywhere chat charges bogus "resort fees" too!

RetirEd

Please write your comments in the forum.