Solved A good amount of money has been stolen from my bank account bypassing the double factor authentication.

Consider that it's not technically a refund. A refund would mean that the bank had the funds. What really happened was that somebody stole the money, then the bank took its own money and made good the loss. The bank lost the money that was stolen from you.

There is an entire industry around the type of scam where you "steal" your own money, and then get the bank to pay you that same amount from its own pocket. Sou you 2x'd your money.

Nothing craftier than a scam artist.
 
I understand,but I don't think it's a good tecnique because the chances that the bank will refund the money that you have stolen to yourself are low,since often there aren't backdoors or technical problems on the bank's server side. I think there are smarter and less risky tecniques for stealing moneys.
 
There wasn't a backdoor or technical problem on the bank's server. The backdoor was in the security design, on an abstract level. You are being bombarded with a dozen interfaces that you are required to use. The scammer identified this weakness and snuck in another interface. This weakness remains there. It would take an entire redesign of the bank's security strategy to close it, which would cost billions of dollars.

If you steal from yourself and ask for a refund, and you don't get it, you lose nothing. If you do and you do get it, you get 100% profit.

Imagine you are a person that dedicates every working hour to finding holes and exploting them. Those people exist.
 
ZioMario said:
I don't understand how I could have fooled them. The money that was stolen from me was mine. Would I have stolen it by myself and then asked a refund ? Does it make sense ? If I had purchased something I didn't want, I would have asked the seller for a refund. The law allows for a refund if you request it within a certain number of days.
Click to expand...
You're not the bank's only client, y'know.

Even if you are in good standing with the bank, that means absolutely nothing for the next client in line. Due diligence must be done on every single client, no exceptions. Even if you personally don't raise red flags, the bank cannot put it past the next client to NOT raise those same red flags. It's not just you, the bank needs to take a hard line and do due diligence with all of its clients.

Try pretending to be the bank, and this one client (out of many) comes to you saying that they have been scammed, and the client wants a refund. You'd want to make sure the client's complaint actually holds water, and that there are specific transactions that need to be corrected, and that the correction does not run afoul of applicable financial laws. There's plenty of times when a client tries to make a case, but things just don't add up. To be able to exist and to provide services to the public, a bank kind of needs to get things and money to add up correctly, as advertised - for each and every client.
 
astyle said:
It's just that I personally noticed that a lot of people seem really tempted to take a proverbial whack at OP. Just the perverse satisfaction of being able to claim that they, too, posted in there to tell OP that he was phished and scammed and that it's his fault for not paying attention and keeping his eyes peeled. It's those comments that I'm getting tired of.
Click to expand...
Nobody whacked Mario here. We expressed our opionon on the matter. You can have your opinion too. Whether you are tired of it is irrelevant.
In recent years, decade, I noticed the forum "atmosphere" changed, to the worse in my opinon. Well, also irrelevant.

Good for you Mario you got your money back. This doesn't change a thing that it was your fault. For bank this was small amount of money, they made a calculated dicision to refund your money.
You may not be lucky next time.

Your thread did open an interesting question -- what to do when you are victim of such scam. I personally would have to google my bank's phone #, I don't keep that information at hand.
I'm one of those people who dont' care that much about cell phone either -- many times I go out without it. It made me rethink few things about that - thanks for that.
 
Everything that was said in this thread still stands. But instead of focusing on taking all the advice that was given to him, he chose to focus on whos fault this was. Its one thing to just bash someone without giving him any advice, but its completely different when someone bashes you and then gives you a propper advice on how not to make same mistake again. Its like a parent punishing his child for doing stupid shit. Its tough love. No one here is making fun of him. We are all happy he got his money back. But i strongly suggest he goes back in this thread, and read some of those posts again without getting emotional.
 
What I'm trying to say is, some bashing/lecturing is OK, but at some point it becomes repetitive and annoying, when the next person to post in this thread just cannot think of anything better to say than to repeat (in one form or another, using different words) what others already said. It stops being a productive conversation. When are we gonna say, enough is enough, and move on to other topics? Do we have nothing better to do? Gotta think before you post, people!
 
Maybe it's more respectful to silence the thread,if you want,but keep it open for the users who wants to add something ?
 
I guess with some research, it may be possible to use a Forums feature to ignore the thread and subsequent posts... this only works on a per-user basis.
 
---> Off-topic is the best subforum in every forum. I think off-topic is great.

You can't deny that I've sometime promoted interesting threads. So long live off-topic sections, AND thanks also to Uncle Mario :)
 
What is this,bro ? Someone used my email to signup there ?


Screenshot_2025-11-30_15-05-07.jpg
 
VladiBG said:
You didn't understand. You shared the link for verification at the bottom of your picture in the black text.
Click to expand...

I know. But it's not mine. Why should I worry ? It seems a phishing email. Anyway,I didn't register my email account on that site. You understand ?
 
VladiBG said:
Because they can verify your e-mail account with this link you just posted to the entire internet.
Click to expand...

Not sure if they can. If that's a phishing email as I think,it's not safe for them. What I want to verify is if the link has been produced by someone who used my email address or if it is totally fake.
 
Sure, here's your login:

login address: navasoftwaresupportservices.zendesk.com

Now log in and change your password on close your account there.
And next time don't share verification links to the internet.
 
Yes you didn't someone is trying to use your e-mail account to register there, and you just share it's verification link.
 
You must log in or register to reply here.
Back
Top