Interesting People mailing list archives
IP: May I see your license (not that that does much good) from
From: David Farber <farber () cis upenn edu>
Date: Thu, 07 Aug 1997 17:24:21 -0400
Date: Fri, 01 Aug 97 19:54:00 P From: Jim Horning <horning () intertrust com> Subject: Clean Sweep wasn't quite soon enough There's another use for those forged driver's licenses. This seems to be not so much a computer-related risk, as a risk that could have been ameliorated with a little more intelligent application of computers: I am in the process of getting my checking world back in order after a Southern California ring made off with a total of about $7,000 in cash from my account one day last week. * The ring is well-organized and efficient. My branch manager in Palo Alto says that there are already three other customers of her branch that she's currently working with -- creating new accounts, getting new checks, recovering missing funds, etc., etc., etc. One customer's account was hit for $12,000. * All they need is your name and checking account number (everyone who handles any check you write has this information). They then forge a "good quality" California driver's license, with your name and their picture, to use as ID for over-the-counter bank transactions. * They know the bank's fraud prevention procedures and thresholds. They "deposited" four bad checks, taking most of the amount in cash, but each check was just under $1,000.00. They hit multiple branches, all in Southern California. They also made two cash withdrawals. * The amount they can take is not limited by the balance in your account: - If you have overdraft protection, they can go to the limit on that (e.g., the limit on your Visa account). - When they deposit a check with "cash back," they take the amount of the phony check, not the amount left in your account. - Checks and over-the-counter transactions are processed overnight, not online, so by working a number of different branches, they can take multiples of your account. * There doesn't seem to be any reasonable way (at Wells Fargo Bank) to limit over-the-counter cash withdrawals from an account (unlike ATM withdrawals). * The best protective measure seems to be to monitor your account frequently (via the Web, telephone banking, Quicken online, or whatever) and IMMEDIATELY report anything suspicious. * Everyone at Wells Fargo has been very nice and helpful, but it's a real nuisance to deal with this. To their credit, their Loss Prevention unit spotted the anomalies and notified me in less than a week -- well before I would have received my statement. I'll get all my money back, but no reimbursement for the time I'm spending. Jim H. [Added note from Jim:] There is one defense against over-the-counter raids, but it's pretty drastic. It's what they did to my old account as soon as they recognized "unusual activity": Flag the account so that all over-the-counter cash transactions require approval by a specific person in the Loss Prevention unit. This includes third parties, like our cleaning lady, who was unable to cash our $60 check, because she wanted cash -- a deposit to an account would have gone through. * I would have thought that one could restrict an account so that cash withdrawals were limited for over-the-counter as well as ATM transactions, but, no, the computer isn't programmed for that. * I would have thought that, by now, over-the-counter cash withdrawals were totalled bankwide, not just per branch, in real time, but no, screening for unusual activity apparently happens overnight. [The ring apparently knows this: There has been no further attempted fraudulent activity since the one day.] * I would have thought that a $2,100 cash withdrawal (the largest single transaction) would require more ID than a California driver's license, but apparently not. On the bright side, my money (including my July payroll deposit) has supposedly just been transferred to my new account. Of course, there's no easy way to test this, since my online banking access has been shut down to prevent fraud... Jim H.
Current thread:
- IP: May I see your license (not that that does much good) from David Farber (Aug 07)