MUCH MORE ON CHASE SCAM
Here is more relating to the Chase-related scam; I am not a cybersecurity expert but I’ve learned some things. Sorry this is so long, but maybe this will be of interest to others.
My Social Security number (SSN) and name were revealed in a breach, most likely thru the WA State Employment Security Department (ESD) breach. Because some of my info was earlier revealed in a Premera breach, I had been provided free service from Identity Guard and I’m glad I took advantage of it. I was recently alerted to an attempt to open a JP Morgan Chase bank account in my name. The bank confirmed that it was both my name and my SSN used in the attempt. The bank did not open the account (didn’t say why) and I did not receive a card in the mail as others have reported.
Regarding the credit reporting agencies (for which info has already been posted) in addition to putting a freeze on your information you can add a fraud alert. These are for just a year, but with a bit more trouble (eg notary public) you can do it for seven years. Since it seems the information will be out there forever it makes sense to me to do the longer options; I don’t imagine folks will try changing names or social security numbers.
In addition to the three main credit reporting agencies. I was told about something similar for banks, and I put a freeze on my information here too: Chex Systems Inc. : “Chex Systems, Inc. (ChexSystems) is a nationwide specialty consumer reporting agency under the federal Fair Credit Reporting Act (FCRA). ChexSystems’ clients regularly contribute information on closed checking and savings accounts.”
Here’s a resource for some related information. It may suggest other measures: Consumer Financial Protection Bureau: “The Consumer Financial Protection Bureau is a U.S. government agency that makes sure banks, lenders, and other financial companies treat you fairly.”
And here are other things one might do to reduce the risk of identity theft:
Google yourself and see what comes up on ‘people finder’ services. Two that I saw, Intelius and Radaris, had a way for me to get my profile deleted (I did this last summer). Such sites trawl the web for public documents and will display prior addresses, schools attended, names of family members, etc. I think it is worth the trouble to ask them to delete you.
My opinion is that people using social media should refrain from answering those quizzy posts that go around and seem to prey on people’s nostalgia, as in ‘who was your favorite teacher?’. When your friend says their Facebook account was hacked, it’s also you and your friend’s other friends that are the pay-dirt. There are troves of data circulating on the dark web with information about us. My theory is that all that breached data may soon be combined with data gathered via social media via hacked accounts (if it’s not already). This data can help thieves answer the challenge questions they encounter pretending to be you. You know, the kind of questions the bank asks you over the phone to be sure it is you.
I put a fraud alert on my bank account. Now they’re scrutinizing charges a bit more. WECU offers another layer of protection via a verbal password option.
Use two-factor authentication where you can. That’s where you receive a text message or email that you must respond to before your password gets you to where you tried to go. Yes, it’s a hassle but worth it.
Make your passwords as long as you can make them – the longer they are the harder to crack. If very long, make them easy to type in chunks (as opposed to having to type letter by letter for completely random characters). To thwart attempts to crack passwords, either by a person guessing or by the brute force of a computer making many attempts, make passwords that will make no sense to anyone but you. Avoid using text that exists elsewhere (for example, don’t use a famous quotation without adding some very oddball alterations).
Don’t reuse passwords (and use an offline ‘password safe’ to keep track of your passwords, the safe being protected by one mega-complicated password). I’ve heard some say using the same password in multiple places doesn’t matter to them except in cases where one is exposed to credit troubles or loss of money. But with unique passwords, you gain some information when you see one of your passwords echoed back to you in a phishing attempt (which has happened to me twice). As an illustration, imagine that I get an email that says “I know your password, it’s “ILoveKazooAndHotdogMuseumsDontYouAgree” and I’ve taken control of your computer and infected, it including your backups, and I’ve been reading everything and watching your webcam for months and I’ll blackmail you unless you do such and such.” That password gives me an idea of where the breach was, and I know that that password will yield absolutely nothing if it’s used to try to access anywhere else.
However, if someone gets my email password somehow, and can then do a password reset on other accounts tied to that email address, which is more possible now that they looked up who my favorite teacher is, well, there is trouble ahead. Hope this helps. ~ Sally Sheedy
My friend just called me back and mentioned that it’s all in Whatcom county. It was addressed to her here in Blaine and the post office forwarded it to her in AZ. Hopefully these victims are reporting it to the police. She said she’d be happy to provide her cell,number if the police here want to contact her.
I also got an unsolicited Chase debit card. I thought it was a gimmick, cut it up and tossed it. That was a few weeks ago. Once I read about the scam on this blog – thank you!! – I called Chase but, like Carolyn Dale, couldn’t get any answers. So, I went to a Chase bank and there was in fact an account opened in my name. I learned that the scammers had my name, SS#, birthdate, address and phone number. The account had been opened on February 8th and there were dozens of small deposits – most between 10 and 25 cents. The thought is that these types of accounts are part of a much larger scheme, maybe money laundering. I was given a very helpful packet of information – one recommendation is to file a fraud report online with Bellingham Police Dept [don’t call, they’re being swamped]. I also placed alerts with my bank and, as mentioned, put fraud alerts on the credit agencies. And now we wait…. ~ Carolyn DeSilva
I also became a member of the Chase account club, when a new debit card appeared in the mail on 2/25.
I first called the Chase Customer Service 800 number and didn’t get a lot of help, other than a suggestion to reach out to a local branch office.
I directly called our downtown Chase branch and spoke with someone there who told me that they’ve just had an onslaught of these issues, and who emailed me a link to their ID Theft info package.
He also said to come into the office to deal with it.
I came in, and filled out an internal report, similar to what you tell the FTC.
They told me that someone had opened the new checking account online, and we verified that they had my correct name, address, and SSN. They also had an old, unused home phone number of mine, but the email address was something they must’ve been using to make the transactions (“alan….@…).
Chase said that the online use had transferred several small amounts of money in and out of the account, but nothing substantial.
We then closed the account.
I then contacted 4 credit monitoring agencies (same as what has already been listed, plus TransUnion) and had access to my credit reports frozen.
That stops anyone from trying to open new accounts, modify or close my old accounts, take out loans, etc,, without my direct OK.
I also ran one of the free credit reports, to see what credit cards and accounts THEY think I have.
So far, no surprises, but I will run another one, in a week or two.
I also filed a police report with the BPD, and with the FTC (both have links to online forms).
I also touched base with my own banks and credit card companies, to make sure I had a good level of access security with each of them. Some of them added a secret word that they will ask for, when anyone tries to access the account (remotely or in–person).
All of the above is a PITA, but it’s necessary now.
If anyone else in the area has had a similar experience – PLEASE deal with it as I have, and make sure to report it to the police and FTC. They need all the help they can get, to figure out how/why many of us in this geographic are being targeted. –Tom Halsted
FROM 3/6/2021. CHASE SCAM FOLLOW-UP
I also received an unsolicited debit card from Chase, and I pursued the matter by phone. Maybe other people can do this too, rather than trying to deal with websites.
First I called the consumer contact number on the letter, saying I wanted to report fraud: 1-800-935-9935. (Keep pressing the “0” zero key to bypass having to enter an account number, etc.) The person who came on transferred me to Chase’s fraud department; that direct line is 800-457-9802.
The Fraud person I spoke with would not confirm that an actual bank account in my name had been opened at Chase, even when I asked her several pointed questions. She would only say was that IF there had been one, it was now closed or inactive. (By then I was suspecting this might be a marketing effort by Chase that has gone off-kilter.)
She then suggested that I check the three credit-reporting entities so see IF anyone had opened a fraudulent account in my name at some other bank. Here are the numbers to call: Equifax 800-525-6285; Experion 888-397-3742; TransUnion 800-680-7289.
I hope this is helpful — Carolyn Dale
FROM 3/5/2021. CHASE SCAM: HELP NEEDED
I became a victim, as well, of an unauthorized opening of a Chase Checking Account through my somehow stolen ID, as quite a few neighbors and other Whatcom County Residents have to endure.
For mostly the better (but, in this case, may be the worse!) I’m not good at doing things via the web, yet, that’s where I was pointed. It has me baffled to straighten this out.
I did report it to the helpful downtown branch, but now the weight in the pit of my stomach grows. I started with the recommended credit freeze process, but can’t understand what is being asked, said or what I could do to make things even worse or, to think positively, incredible easy!
I would like to connect with a knowledgable real someone and talk about what I need to do in a way that my dated, analog brain can grasp. Full disclosure: I’m equipped with an I phone only. Help ? ~ Max Eberhard 360.801.3249
FROM 3/4/2021. CHASE SCAM
I also received a debit card from Chase and found out someone had stolen my identity when I called their fraud department. Someone opened an account in my name on 2/10/21. It’s closed now, and evidently there’s a lot of this going on right now as people try to take advantage of the money coming from the government. With the latest update on the blog, I wanted to add my name to the list of those affected in our neighborhood. It’s now officially rampant! Mattie Wheeler Utter St.
And I keep hearing about more. Check your junk mail, neighbors! ~ Fl!p
3/3/2021 FIRST NOTICE
Just a heads up to your email subscribers– Last week I received an unsolicited debit card from Chase Bank. When I reported this to Chase on March 1, I was told that my identity (social security, birth date and address) had been stolen and used to open an account at Chase (where I have never banked). Chase closed the account but I now have to deal with the issue of identity theft. I have talked with two other local people who have had this happen and the teller at Chase said they are seeing many cases of this in our area. Just a heads up if someone receives an unsolicited debit or credit card. Thanks, Betsy Pernotto