Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Employee under attack, but what kind of attack and what to do?

  • Please log in to reply
3 replies to this topic

#1 tmccartney


  • Members
  • 3 posts
  • Local time:07:22 PM

Posted 01 October 2015 - 12:59 PM

One of my employees is the victim of some kind of cybercrime.  For the last two weeks, she has dealt with thieves calling her credit union, posing as her, and requesting wire transfers.  She has changed account numbers there twice, and still they find out her account numbers THE SAME DAY and attempt to steal from her.

So she changed banks completely, and immediately after the first time she used her new debit card, several fraudulent charges showed up on her account from use of her card number.

This may or may not be related:  Just before all this started, we were staffing a table at an outdoor festival, and both she and her boyfriend noticed a message on their Android phones that seemed to indicate that their phones had been bluesnarfed.  My employee thinks she remembers seeing something being installed.  She has since hard reset the phone (I think yesterday).

The FBI is not helping because she hasn't actually lost any $$ so far because of the vigilance of the banks, but it seems like it's only a matter of time before they clean her out unless she can defeat whatever access they have.
Any ideas?  Thanks!

BC AdBot (Login to Remove)


#2 Animal


    Bleepin' Animinion

  • Site Admin
  • 35,905 posts
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:04:22 PM

Posted 01 October 2015 - 01:20 PM

Has she contacted local police? At least to the point of making a report of the activity you have documented thus far. It can show pattern of behavior. In the unfortunate event she does lose access to her funds or loses them completely.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)

A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)

"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)

Follow BleepingComputer on: Facebook | Twitter | Google+

#3 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,946 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:22 PM

Posted 01 October 2015 - 01:28 PM

I agree with Animal...you should also file a report with your local law enforcement agency which most likely will have a Cyber Unit specializing in tracking down hackers and prosecuting them. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 tmccartney

  • Topic Starter

  • Members
  • 3 posts
  • Local time:07:22 PM

Posted 01 October 2015 - 03:09 PM

She has contacted the local police and made a report.  While she's interested in prosecution, of course, what she needs to find out now is how the criminals have their hooks in her - how they're finding out her banking information as soon as she opens a new account.  This appears to be an ongoing attack.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users