Attempted Hack on my Vanguard Accounts
Attempted Hack on my Vanguard Accounts
In addition to my Quicken download issues that Vanguard admits to their server problem,
someone is attempting to get into my accounts. I have "not" tried signing in for at least
a week yet account is blocked again this weekend.
Is it enough to simply give the info and assign a new password? Or is there more I can do
to protect myself like a new user name?
By the way, I did report the issue to V.
someone is attempting to get into my accounts. I have "not" tried signing in for at least
a week yet account is blocked again this weekend.
Is it enough to simply give the info and assign a new password? Or is there more I can do
to protect myself like a new user name?
By the way, I did report the issue to V.
Re: Attempted Hack on my Vanguard Accounts
I believe you can configure your account to only allow signon from a particular computer.
Re: Attempted Hack on my Vanguard Accounts
I'd make sure my password was as complex as they allow with numbers, caps and symbols if permitted.
Re: Attempted Hack on my Vanguard Accounts
May/June 2012 I was assured I would not be able to access my accounts from out of the country. Logged in from Thailand on my g/f's (now wife) computer without issue.JamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Re: Attempted Hack on my Vanguard Accounts
My wife's email was hacked into last year. It took three months to get most of the headaches cleared up.
This morning I received a phone call from a man claiming to be from Microsoft asking for me by name. He had a very thick Indian or Pakistani accent, He went on to state that my computer has been hacked by keystroker theft and he 'needed' to 'walk me through fixing the problem.' He asked if I was sitting at the computer - I wasn't. He asked if I could get to the computer - I couldn't. He stated he would call back. I stopped him and asked for his call back number, which I wrote down and googled. It's a hacker's scam.
The number is 315-633-4050. DO NOT CALL THEM OR GIVE THEM ANY INFO. My caller ID indicated the call came from
a nonsense number 58-974-5625
It's a brazen attempt by these shmucks to get you to unwittingly hack yourself and give them your sensitive data.
This morning I received a phone call from a man claiming to be from Microsoft asking for me by name. He had a very thick Indian or Pakistani accent, He went on to state that my computer has been hacked by keystroker theft and he 'needed' to 'walk me through fixing the problem.' He asked if I was sitting at the computer - I wasn't. He asked if I could get to the computer - I couldn't. He stated he would call back. I stopped him and asked for his call back number, which I wrote down and googled. It's a hacker's scam.
The number is 315-633-4050. DO NOT CALL THEM OR GIVE THEM ANY INFO. My caller ID indicated the call came from
a nonsense number 58-974-5625
It's a brazen attempt by these shmucks to get you to unwittingly hack yourself and give them your sensitive data.
Last edited by Swampy on Tue Oct 22, 2013 11:18 am, edited 1 time in total.
If I have seen further, it was by standing on the shoulders of giants.
Re: Attempted Hack on my Vanguard Accounts
Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
Re: Attempted Hack on my Vanguard Accounts
deleted
Last edited by gulliver on Tue Jan 14, 2014 9:40 pm, edited 1 time in total.
- bertilak
- Posts: 10725
- Joined: Tue Aug 02, 2011 5:23 pm
- Location: East of the Pecos, West of the Mississippi
Re: Attempted Hack on my Vanguard Accounts
When I signed up for VG I gave them an ID I wanted to use but it turned out someone else already had it so I picked another ID out of the air. It took me a while to stop using my preferred ID by mistake. I probably locked out the poor VG customer several times!gulliver wrote:Make sure that your user name is sufficiently unusual. Often the problem is caused by some other Vanguard member accidentally keying yours.
If that's you, sorry!
I am past that now, I hope. But wait 'till senility sets in then watch out!
Last edited by bertilak on Tue Oct 22, 2013 12:09 pm, edited 1 time in total.
May neither drought nor rain nor blizzard disturb the joy juice in your gizzard. -- Squire Omar Barker (aka S.O.B.), the Cowboy Poet
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Attempted Hack on my Vanguard Accounts
You can also call client services and add an "enhanced password" that you would have to provide each time you call. This would at least help from a telephone standpoint.
John C. Bogle: “Simplicity is the master key to financial success."
Re: Attempted Hack on my Vanguard Accounts
Yes, this is a classic scam.Swampy wrote:My wife's email was hacked into last year. It took three months to get most of the headaches cleared up.
This morning I received a phone call from a man claiming to be from Microsoft asking for me by name. He had a very thick Indian or Pakistani accent, He went on to state that my computer has been hacked by keystroker theft and he 'needed' to 'walk me through fixing the problem.' He asked if I was sitting at the computer - I wasn't. He asked if I could get to the computer - I couldn't. He stated he would call back. I stopped him and asked for his call back number, which I wrote down and googled. It's a hacker's scam.
The number is 315-633-4050. DO NOT CALL THEM OR GIVE THEM ANY INFO. My caller ID indicated the call came from
a nonsense number 58-974-5625
It's a brazen attempt by these shmucks to get you to unwittingly hack yourself and give them your sensitive data.
Just as Microsoft doesn't do anything "if you forward this e-mail to 20 people by such-and-such date," they aren't monitoring your computer for problems, and they won't call you.
These people will likely tell you to install TeamViewer, or otherwise enable remote access - giving them direct control over your PC. They might just take data outright, or as soon as they get in, you'll start getting all kinds of wacky problems, at which point I'm sure they'll ask for your credit card info.
If someone calls or e-mails you and wants any kind of personal information, payment information, or asks you to do something to your computer, they're probably up to no good.
If you get an e-mail talking about some account needing attention (Your Visa bill is late! Click here now to avoid penalties!), do not click the link. If you want to be sure of it, go to your Internet browser, type in the correct address manually, and go to the billing site that way. You'll probably find nothing wrong.
Re: Attempted Hack on my Vanguard Accounts
I routinely clear the cache and history from my browser, especially after entering personal information on a web site. Does that make it an "unrecognized computer" or is some other feature of the computer used for recognition?JamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
Re: Attempted Hack on my Vanguard Accounts
No clue, I don't use this feature, perhaps call Vanguard.AAA wrote:I routinely clear the cache and history from my browser, especially after entering personal information on a web site. Does that make it an "unrecognized computer" or is some other feature of the computer used for recognition?JamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
Re: Attempted Hack on my Vanguard Accounts
Previous poster said:
"My wife's email was hacked into last year. It took three months to get most of the headaches cleared up."
My granddaughter got an email from my Verizon email promoting a weight loss product. No one else appears to have gotten this email. This alarmed me so:
I added an alias email at Verizon and an using that now. They would not cancel my old email address since it was in the computer as their contact email.
I notified everyone in my contact list about the potential problem.
I change my Amazon login, and password.
Canceled the credit card used in Amazon and other on line uses.
Changed email name on my on line accounts. Notified regular senders of the change,
Notified Vanguard about the email change. I do not have an online Vanguard account. I used to, but someone tried to login and it was locked, so I bailed on the online account. I have telephone password when I call Vanguard. Vanguard already has a certified letter revoking redemption privileges in my IRA account until further notice.
Also had a note added to my file that I do not anticipate any withdrawals from my IRA for a few years.
Placed a credit fraud alert on 3 credit agencies, and later a credit freeze or lockout with 3 agencies.
I think I over reacted, but did everything I could think of.
Any other advice or comments?
Thanks
Dan
"My wife's email was hacked into last year. It took three months to get most of the headaches cleared up."
My granddaughter got an email from my Verizon email promoting a weight loss product. No one else appears to have gotten this email. This alarmed me so:
I added an alias email at Verizon and an using that now. They would not cancel my old email address since it was in the computer as their contact email.
I notified everyone in my contact list about the potential problem.
I change my Amazon login, and password.
Canceled the credit card used in Amazon and other on line uses.
Changed email name on my on line accounts. Notified regular senders of the change,
Notified Vanguard about the email change. I do not have an online Vanguard account. I used to, but someone tried to login and it was locked, so I bailed on the online account. I have telephone password when I call Vanguard. Vanguard already has a certified letter revoking redemption privileges in my IRA account until further notice.
Also had a note added to my file that I do not anticipate any withdrawals from my IRA for a few years.
Placed a credit fraud alert on 3 credit agencies, and later a credit freeze or lockout with 3 agencies.
I think I over reacted, but did everything I could think of.
Any other advice or comments?
Thanks
Dan
Dan999
-
- Posts: 218
- Joined: Sun Mar 03, 2013 2:57 pm
Re: Attempted Hack on my Vanguard Accounts
It's possible no one was trying to hack your account unless you have an unusual user name. If Vanguard has 12 John Smiths, one of them could forget whether his user name was johnsmith7 or johnsmith8.
Re: Attempted Hack on my Vanguard Accounts
This panics me that someone could hack into one of our brokerage accounts and execute some weird trade, like buying 400,000 shares of Etoys or something at the ask. How could you prove you didn't do the trade?
Re: Attempted Hack on my Vanguard Accounts
Most likely just someone with a user name like yours, as someone mentioned above.
I had an e-mail like MyFirstName@MyCableCompnayName.Com.
Every two weeks someone would lock me out of my account trying to change what they thought was their e-mail password. Or someone in Michigan would use it to set up a iTunes account and I'd see all of their personal info.
I had an e-mail like MyFirstName@MyCableCompnayName.Com.
Every two weeks someone would lock me out of my account trying to change what they thought was their e-mail password. Or someone in Michigan would use it to set up a iTunes account and I'd see all of their personal info.
Re: Attempted Hack on my Vanguard Accounts
This doesn't necessarily mean your email was hacked; return addresses are easy to forge and spammers like to do that. I occasionally get bounce messages from spam sent using my email address. Nothing I can do about it.Dan999 wrote:My granddaughter got an email from my Verizon email promoting a weight loss product. No one else appears to have gotten this email. This alarmed me so:
Did you overreact? Perhaps, but better safe than sorry.
Re: Attempted Hack on my Vanguard Accounts
It's probably not a hack. It may be your attempts through Quicken that don't go through that is causing the problem. Vanguard may think they are hacks and blocks the account.In addition to my Quicken download issues that Vanguard admits to their server problem,
someone is attempting to get into my accounts. I have "not" tried signing in for at least
a week yet account is blocked again this weekend.
A scientist looks for THE answer to a problem, an engineer looks for AN answer and lawyers ONLY have opinions. Investing is not a science.
- widestance
- Posts: 143
- Joined: Fri Jun 07, 2013 5:37 pm
Re: Attempted Hack on my Vanguard Accounts
Are you sure you don't have Quicken setup to automatically login and download recent transactions?
If it has bad login info, it could be responsible to locking out your account.
If it has bad login info, it could be responsible to locking out your account.
Everybody's got a plan until they get punched in the face - Mike Tyson
Re: Attempted Hack on my Vanguard Accounts
Initially with the Quicken problem, I did get blocked a couple of times due to the download requests.
However,I do not get anything automatically downloaded. Waiting for Van to give me the ok for future downloads.
After talking to V today, we decided nothing to be gained with new user name if it is an unusual ID. Started new
password and only enabled access to my computer as suggested above.
I'll keep my fingers crossed.
However,I do not get anything automatically downloaded. Waiting for Van to give me the ok for future downloads.
After talking to V today, we decided nothing to be gained with new user name if it is an unusual ID. Started new
password and only enabled access to my computer as suggested above.
I'll keep my fingers crossed.
Re: Attempted Hack on my Vanguard Accounts
Entirely possible some software you were running or trying to run keeps locking you out. If you weren't having lockout problems until you tried to integrate the software that's probably the problem. Use a complex, non significant password and enable all available security options on your account.
- frugaltype
- Posts: 1952
- Joined: Wed Apr 24, 2013 9:07 am
Re: Attempted Hack on my Vanguard Accounts
+1 Also, if you look at the full header of the email your granddaughter received, you may find that the return address is not yours.telemark wrote:This doesn't necessarily mean your email was hacked; return addresses are easy to forge and spammers like to do that. I occasionally get bounce messages from spam sent using my email address. Nothing I can do about it.Dan999 wrote:My granddaughter got an email from my Verizon email promoting a weight loss product. No one else appears to have gotten this email. This alarmed me so:
Did you overreact? Perhaps, but better safe than sorry.
Re: Attempted Hack on my Vanguard Accounts
On my system, Vanguard (and my bank too) uses a flash cookie to indicate that it is a trusted computer. If it doesn't recognize the system, you have to answer security questions. I have a flash control panel where I can see which flash cookies are on the system and delete ones that I don't recognize. I have it set that it asks me before storing any information in a new flash cookie. If the flash cookie gets corrupted and you are constantly asked to answer the security questions, deleting the flash cookie restores the functionality.AAA wrote: I routinely clear the cache and history from my browser, especially after entering personal information on a web site. Does that make it an "unrecognized computer" or is some other feature of the computer used for recognition?
I also only allow javascript for sites that I trust and clear cookies, cache and browser history on quitting.
-
- Posts: 28
- Joined: Fri May 10, 2013 11:31 am
Re: Attempted Hack on my Vanguard Accounts
I have had the same problem crop up in the past month. Locked out of my vanguard account over 5 times now. I cannot tell who or what is locking it out, as access logs are not available for my perusal. I have to commend google on their security settings, both recent activity and 2 stage security would be nice to have for all financial institutions.
Vanguard's suggestion to me is to change the account username.
Vanguard's suggestion to me is to change the account username.
Re: Attempted Hack on my Vanguard Accounts
Rkhusky – thanks for the tip on flash cookies. I didn’t know anything about their existence. And yes, I see vanguard.com in the list of local shared objects. I would recommend everyone check their systems. I do routinely run Ccleaner and it defaults to cleaning Adobe flash player file. However I did not realize the significance of the cleaning nor the fact that companies were skipping HTTP cookies in favor of flash cookies. Here is a link that gives a live look at the flash cookies.
http://www.macromedia.com/support/docum ... ger07.html
http://www.macromedia.com/support/docum ... ger07.html
Re: Attempted Hack on my Vanguard Accounts
This happened to me also. Change your username to something more complicated. Then they can't keep locking up your account by guessing a bunch of passwords. If they can't guess your username they can't lock up he account with failed attempts.
Re: Attempted Hack on my Vanguard Accounts
Rather than call I wish Vanguard could send us a Security Token like Schwab. Everytime you login you enter the random number on your token along with your password. Of course creating tokens for everyone is an added cost for Vanguard, but it would make many feel safer.abuss368 wrote:You can also call client services and add an "enhanced password" that you would have to provide each time you call. This would at least help from a telephone standpoint.
- Majormajor78
- Posts: 910
- Joined: Mon Jan 31, 2011 8:13 pm
Re: Attempted Hack on my Vanguard Accounts
I hate to admit it but I accidentally block somebodies Vanguard account at least once or twice a year. Somebody has the same username as I have on one of my TD Ameritrade accounts so I'll plug in my username and password on autopilot and then oops!
My bad. Sorry.
My bad. Sorry.
"Oh, M. le Comte, it is only a loss of money which I have sustained... nothing worth mentioning, I assure you."
Re: Attempted Hack on my Vanguard Accounts
If you delete your cookies or clear your cache with this setting, I believe your computer will become unrecognizable. Then you'll need to call Vanguard. That seems less than ideal but could work for someJamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
Re: Attempted Hack on my Vanguard Accounts
I have used the token system with a Wells Fargo business account. This would be great if Vanguard would do this.
I would even pay a surcharge for this feature. I would go back to using an online account.
Hey Vanguard, are you listening?
Dan
I would even pay a surcharge for this feature. I would go back to using an online account.
Hey Vanguard, are you listening?
Dan
Dan999
Re: Attempted Hack on my Vanguard Accounts
You don't just have to answer a security question? I'll have to look into it.sunnyday wrote:If you delete your cookies or clear your cache with this setting, I believe your computer will become unrecognizable. Then you'll need to call Vanguard. That seems less than ideal but could work for someJamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
Re: Attempted Hack on my Vanguard Accounts
I can second this. If you change your settings to "Restrict unrecognized computers from accessing my accounts" and you delete your cookies and cache...it WILL become an unrecognized computer. I've dealt with this first hand multiple times...rkhusky wrote:You don't just have to answer a security question? I'll have to look into it.sunnyday wrote:If you delete your cookies or clear your cache with this setting, I believe your computer will become unrecognizable. Then you'll need to call Vanguard. That seems less than ideal but could work for someJamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.
- Phineas J. Whoopee
- Posts: 9675
- Joined: Sun Dec 18, 2011 5:18 pm
Re: Attempted Hack on my Vanguard Accounts
I've concluded my user name, rather than my account, at a reasonably secure site was attacked.
I tried to log in one week on my ordinary schedule, and it told me to contact customer service. Somebody had tried my user name from an untrusted computer and failed to answer the security questions correctly. The CSR unlocked the account and I logged in.
The next week, as usual, I tried and the same thing happened. I contacted customer service, and somebody had attempted again, but failed to answer security questions. He unlocked the account and I logged in.
Out of curiosity I tried the very next day and again was locked out. This time the CSR suggested I change my username, because somebody was "obviously confused" about their own. She enabled it, and I did it.
Again out of curiosity, a few days later, I tried my old user name. It existed and with different security questions.
That's why I've concluded somebody really wanted my user name. Fortunately, I don't care, so they can have it. But I'd not thought before about even the possibility of that sort of a denial-of-service attack.
PJW
I tried to log in one week on my ordinary schedule, and it told me to contact customer service. Somebody had tried my user name from an untrusted computer and failed to answer the security questions correctly. The CSR unlocked the account and I logged in.
The next week, as usual, I tried and the same thing happened. I contacted customer service, and somebody had attempted again, but failed to answer security questions. He unlocked the account and I logged in.
Out of curiosity I tried the very next day and again was locked out. This time the CSR suggested I change my username, because somebody was "obviously confused" about their own. She enabled it, and I did it.
Again out of curiosity, a few days later, I tried my old user name. It existed and with different security questions.
That's why I've concluded somebody really wanted my user name. Fortunately, I don't care, so they can have it. But I'd not thought before about even the possibility of that sort of a denial-of-service attack.
PJW
Re: Attempted Hack on my Vanguard Accounts
Yes, I have Firefox set up to clear cache when I exit the browser. We are asked a security question each time we log into the Vanguard site.AAA wrote:I routinely clear the cache and history from my browser, especially after entering personal information on a web site. Does that make it an "unrecognized computer" or is some other feature of the computer used for recognition?JamesSFO wrote:Under Account Maintenance > Security > Computer access restrictionsJamesSFO wrote:I believe you can configure your account to only allow signon from a particular computer.
Then pick "Restrict unrecognized computers from accessing my accounts." and save.