Retirement Account Stolen by Identity theft

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
brak
Posts: 324
Joined: Thu Apr 24, 2008 6:00 am

Re:UPDATE: Retirement Account Stolen by Identity theft

Post by brak » Thu Oct 05, 2017 3:47 pm

So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.

lws6772
Posts: 412
Joined: Mon Oct 06, 2008 5:14 pm
Location: Texas

Re: Retirement Account Stolen by Identity theft

Post by lws6772 » Thu Oct 05, 2017 4:15 pm

I was wondering when they would start stealing retirement accounts. My concern was also getting stuck with a big tax bill and the 10% penalty for those under 59 1/2. My wife froze our credit several years ago and I moved all my IRAs "offline" several years before that.

clutchied
Posts: 372
Joined: Mon Jan 05, 2015 12:11 pm

Re: Retirement Account Stolen by Identity theft

Post by clutchied » Thu Oct 05, 2017 4:21 pm

One of the reasons it's critical to monitor email. they send confirmations of CHANGES to your email address.

It must be rough being computer illiterate in this age.


On another note; is there a way to lock withdrawals for a period of time? Like a voluntary lock...


those medallion signature stamps seem more and more valuable right now.

User avatar
F150HD
Posts: 1081
Joined: Fri Sep 18, 2015 7:49 pm

Re: Retirement Account Stolen by Identity theft

Post by F150HD » Thu Oct 05, 2017 4:24 pm

have you pulled credit reports to see what other accounts have been opened in his name?

if someone stole the funds in this IRA (kinda complicated to pull it off) it stands to reason they did other (simpler) things w/ your fathers ID too. Just a hunch.

User avatar
Leesbro63
Posts: 4798
Joined: Mon Nov 08, 2010 4:36 pm

Re: Retirement Account Stolen by Identity theft

Post by Leesbro63 » Thu Oct 05, 2017 4:29 pm

Please take this question with the respect that I mean: Is it possible that your dad forgot what he did? That, just perhaps, he's beginning to "age" and that this isn't what it seems? Again, just respectfully throwing that out there as a possibility.

vaught
Posts: 28
Joined: Fri Aug 11, 2017 2:00 pm

Re: Retirement Account Stolen by Identity theft

Post by vaught » Thu Oct 05, 2017 4:32 pm

Leesbro63 wrote:
Thu Oct 05, 2017 4:29 pm
Please take this question with the respect that I mean: Is it possible that your dad forgot what he did? That, just perhaps, he's beginning to "age" and that this isn't what it seems? Again, just respectfully throwing that out there as a possibility.
The phone call originated in NY.
Doc was notarized by someone in Los Angeles.
Bank account opened in southeast.

Unlikely his father did all of the above.

Wakefield1
Posts: 596
Joined: Mon Nov 14, 2016 10:10 pm

Re: Retirement Account Stolen by Identity theft

Post by Wakefield1 » Thu Oct 05, 2017 5:19 pm

It sounds like some good Detectives are working on this. Incredible but it is possible that someone who worked in Personnel at your (O.P.'s) father's employer or at the financial provider they used 30 years ago could have had something to do with this crime. As F150HD suggests perhaps other intrusions into his identity exist.

FlyingMoose
Posts: 300
Joined: Wed Mar 04, 2009 10:48 pm

Re: Retirement Account Stolen by Identity theft

Post by FlyingMoose » Thu Oct 05, 2017 5:26 pm

The police should be asking who has access to that employee information at the former employer...

User avatar
pondering
Posts: 799
Joined: Fri Jan 30, 2015 11:04 pm
Location: 412-977-3526, originally 718-273-2422

Re: Retirement Account Stolen by Identity theft

Post by pondering » Thu Oct 05, 2017 5:32 pm

Monitoring communication is tricky, especially after the fact.

In my mom’s case her accountant tried to reach her more than a dozen times.
--Robert Sterbal | 412-977-3526 call/text

Doom&Gloom
Posts: 1387
Joined: Thu May 08, 2014 3:36 pm

Re: Retirement Account Stolen by Identity theft

Post by Doom&Gloom » Thu Oct 05, 2017 5:33 pm

FlyingMoose wrote:
Thu Oct 05, 2017 5:26 pm
The police should be asking who has access to that employee information at the former employer...
+1

It is unlikely that OP's dad is the only victim. Sounds like a bigger operation to me.

User avatar
TimeRunner
Posts: 1128
Joined: Sat Dec 29, 2012 9:23 pm

Re: Retirement Account Stolen by Identity theft

Post by TimeRunner » Thu Oct 05, 2017 5:42 pm

vaught wrote:
Thu Oct 05, 2017 4:32 pm
The phone call originated in NY.
Doc was notarized by someone in Los Angeles.
Bank account opened in southeast.

Unlikely his father did all of the above.
Comments on above - phone call APPEARED to originate in NY, but as you know from call spoofing, it could have originated from almost anywhere. Notarization could be easily forged.
One cannot enlighten the unconscious. | Endurance athletes are the Bogleheads of sports. | "I like people - I just don't want to be around 'em." - Russell Gordy

brak
Posts: 324
Joined: Thu Apr 24, 2008 6:00 am

Re: Retirement Account Stolen by Identity theft

Post by brak » Thu Oct 05, 2017 5:56 pm

Re: the phone call. Keep in mind that the phone number of the caller was not only in NY, but from the institution in which my father worked (a hospital) and the job through which the IRA is connected. Also, does the Electronic Funds Transfer Act apply here given the amount of money involved ($52,000) and the fact that it did not originate with a bank, but rather with the custodian of the IRA? Thanks. And so what do I do now...just turn it over to the police, or is there more I should/could be doing?

ofckrupke
Posts: 275
Joined: Mon Jan 10, 2011 2:26 pm

Re: Retirement Account Stolen by Identity theft

Post by ofckrupke » Thu Oct 05, 2017 6:08 pm

FlyingMoose wrote:
Thu Oct 05, 2017 5:26 pm
The police should be asking who has access to that employee information at the former employer...
Obviously the initiating phone number on that call was spoofed (nobody resourceful enough to use put the other elements of the theft at such distances would be dumb enough to cast suspicion on self through even a large current or ex-employer).
Maybe the OP can explain how an Individual Retirement Account would have been associated with one's employer in the early years post ERISA (showing my age here)...contributions were made by payroll deduction?
May have gotten it from a credit agency record, since for a retiree these could easily have a decades-stale work # from a retiree's last employer; and it may have matched the custodian's account record as well.
That still leaves the question of how the perp knew to call Transamerica though.
Last edited by ofckrupke on Thu Oct 05, 2017 6:22 pm, edited 2 times in total.

limeyx
Posts: 66
Joined: Wed Sep 07, 2016 5:34 pm

Re: Retirement Account Stolen by Identity theft

Post by limeyx » Thu Oct 05, 2017 6:09 pm

investor997 wrote:
Thu Oct 05, 2017 3:08 pm
letsgobobby wrote:
Thu Oct 05, 2017 12:09 pm
I was just going to start a new thread about something similar. Clark Howard has opined that the Equifax breach now opens up the possibility of easy and routine theft of retirement and investment accounts, since essentially all personal information used to verify identity is now in the hands of crooks. His comments really scared me. It's not clear what steps can be taken to prevent this. A credit freeze would seem to have no impact whatsoever.
At this point I think what I'm going to do is log in to all my noteworthy accounts and change the answers to any and all account recovery security questions to bogus data, then store these answers in a secure vault backed up to multiple locations, including air-gapped.

Only the paranoid survive...
I've been doing this too
Sad that we have to go to such ends

User avatar
celia
Posts: 6947
Joined: Sun Mar 09, 2008 6:32 am
Location: SoCal

Re: Retirement Account Stolen by Identity theft

Post by celia » Thu Oct 05, 2017 6:15 pm

OP, How did the custodian realize the funds were stolen? Why did it take them a month to contact him?

brak
Posts: 324
Joined: Thu Apr 24, 2008 6:00 am

Re: Retirement Account Stolen by Identity theft

Post by brak » Thu Oct 05, 2017 6:18 pm

Celia - the custodian did not realize the funds were stolen until we contacted them, which occurred after we received a transaction confirmation in the mail showing that the account had $52,000 withdrawn. We received the confirmation letter approximately twelve days after the withdrawal actually occurred.

bayview
Posts: 1280
Joined: Thu Aug 02, 2012 7:05 pm
Location: WNC

Re: Retirement Account Stolen by Identity theft

Post by bayview » Thu Oct 05, 2017 6:30 pm

You asked above what else you should do, and I might have missed it, but I didn't see it mentioned:

Make sure that your email address is registered on his accounts so that you will be promptly notified if anything odd happens. This is not only because he doesn't use email, but because elderly people can be and do get duped by scumbags, and having you on the alerts can help catch things early.
The continuous execution of a sound strategy gives you the benefit of the strategy. That's what it's all about. --Rick Ferri

ji.isaacs
Posts: 53
Joined: Sat May 24, 2014 3:19 pm

Re: Identity theft

Post by ji.isaacs » Thu Oct 05, 2017 6:41 pm

Yankuba wrote:
Tue Oct 03, 2017 1:15 pm


Bottom line - don't be apathetic and stare at this thread doing NOTHING. Act NOW.
Thank you for this line! That's exactly what I've always done - read suggestions like this, think about them, then forget. :oops:

Tonight I changed security questions and set up alerts- phone if offered, email if not. I was surprised that not all offer SMS alerts, and one did not offer alerts at all.

At some point I wonder if consumers will bear a portion of the responsibility for fraud if they don't set up alerts.

FlyingMoose
Posts: 300
Joined: Wed Mar 04, 2009 10:48 pm

Re: Retirement Account Stolen by Identity theft

Post by FlyingMoose » Thu Oct 05, 2017 6:50 pm

ofckrupke wrote:
Thu Oct 05, 2017 6:08 pm

Obviously the initiating phone number on that call was spoofed (nobody resourceful enough to use put the other elements of the theft at such distances would be dumb enough to cast suspicion on self through even a large current or ex-employer).
Don't underestimate the dumbness of criminals. All leads should be followed. Also if this was a toll-free number, it's impossible to block or spoof caller ID (maybe during the actual call, but not on the bill) because the phone company can't charge you for the incoming call if they don't know where it was from. Also why would they spoof the employer's number if they were claiming to be the account holder?

OP: have you contacted any other organizations besides the local police? The FBI may be interested since it's interstate and a large amount of money, also someone suggested the states attorney or attorney general.

You could also see who administers the electronic funds transfer act and give them a call.

ofckrupke
Posts: 275
Joined: Mon Jan 10, 2011 2:26 pm

Re: Retirement Account Stolen by Identity theft

Post by ofckrupke » Thu Oct 05, 2017 7:08 pm

FlyingMoose wrote:
Thu Oct 05, 2017 6:50 pm
Also why would they spoof the employer's number if they were claiming to be the account holder?
To match an old "work number" on custodian's record for the account, that account holder may never have revised, even if he revised the "home number" in the years since, because he retired rather than moving to a new workplace.

investorpeter
Posts: 30
Joined: Sun Jul 31, 2016 5:46 pm

Re: Retirement Account Stolen by Identity theft

Post by investorpeter » Thu Oct 05, 2017 7:14 pm

Maybe I missed it, but what happened to the cash that was transferred to an account in your father's name at Region's Bank?

brak
Posts: 324
Joined: Thu Apr 24, 2008 6:00 am

Re: Retirement Account Stolen by Identity theft

Post by brak » Thu Oct 05, 2017 7:40 pm

I will find out what happened to the cash that was transferred to Regions Bank tomorrow.

Grt2bOutdoors
Posts: 16986
Joined: Thu Apr 05, 2007 8:20 pm
Location: New York

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by Grt2bOutdoors » Thu Oct 05, 2017 7:49 pm

brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
"One should invest based on their need, ability and willingness to take risk - Larry Swedroe" Asking Portfolio Questions

ResearchMed
Posts: 5161
Joined: Fri Dec 26, 2008 11:25 pm

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by ResearchMed » Thu Oct 05, 2017 8:00 pm

Grt2bOutdoors wrote:
Thu Oct 05, 2017 7:49 pm
brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
Couldn't someone setting up this rather sophisticated scam also fake credentials to get past better vetting?
And what would the signature need to match? Something the perp set up at a *new* account, or would the signature be matched with account opening papers from possibly decades earlier (if they can be found...?)?
And of course, a signature can be faked so that a non-expert would probably not notice, especially if there were no alarm bells ringing.

I'm assuming that money is long gone from the second account, or with the police activity/interest, wouldn't it have been seized or at least frozen in place?

RM
This signature is a placebo. You are in the control group.

Billionaire
Posts: 238
Joined: Sat Jan 04, 2014 3:05 pm

Re: Retirement Account Stolen by Identity theft

Post by Billionaire » Thu Oct 05, 2017 8:08 pm

Very sad situation. Sorry to hear about this. I'd guess somebody in the HR or Payroll department was involved.

stan1
Posts: 4864
Joined: Mon Oct 08, 2007 4:35 pm

Re: Retirement Account Stolen by Identity theft

Post by stan1 » Thu Oct 05, 2017 8:15 pm

I think Transamerica will agree to restore his account if the money can't be pulled back from Regions. It's $52K not millions. Their acknowledgement that the voice is not his is an important step to this outcome. You and your dad will be required to sign non-disclosure agreements so we'll never hear the end result and the thread will probably disappear. I hope that's the outcome he is able to get from them.

User avatar
BolderBoy
Posts: 3302
Joined: Wed Apr 07, 2010 12:16 pm
Location: Colorado

Re: Identity theft

Post by BolderBoy » Thu Oct 05, 2017 8:15 pm

Wakefield1 wrote:
Thu Oct 05, 2017 11:50 am
BolderBoy wrote:
Thu Oct 05, 2017 11:28 am
brak wrote:
Wed Oct 04, 2017 6:52 pm
What makes you say that?
"Inside Job".

Because the law enforcement statistics show that it usually is. And that is where they start looking first. And by "inside job" they mean that someone has intimate knowledge on a rather first-hand basis.
Could "inside job" also have been someone employed by the financial custodian?
Many 98 year olds do have maid services or medical helpers coming into the home
Yes.
“Where you stand, depends on where you sit” - Rufus Miles | "Never underestimate one's capacity to overestimate one's abilities"

letsgobobby
Posts: 10504
Joined: Fri Sep 18, 2009 1:10 am

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by letsgobobby » Thu Oct 05, 2017 8:16 pm

Grt2bOutdoors wrote:
Thu Oct 05, 2017 7:49 pm
brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
I've transferred much larger sums than this without a guarantee.

ericmc
Posts: 15
Joined: Sat Feb 20, 2016 1:24 pm

Re: Retirement Account Stolen by Identity theft

Post by ericmc » Thu Oct 05, 2017 8:22 pm

limeyx wrote:
Thu Oct 05, 2017 6:09 pm
investor997 wrote:
Thu Oct 05, 2017 3:08 pm
letsgobobby wrote:
Thu Oct 05, 2017 12:09 pm
I was just going to start a new thread about something similar. Clark Howard has opined that the Equifax breach now opens up the possibility of easy and routine theft of retirement and investment accounts, since essentially all personal information used to verify identity is now in the hands of crooks. His comments really scared me. It's not clear what steps can be taken to prevent this. A credit freeze would seem to have no impact whatsoever.
At this point I think what I'm going to do is log in to all my noteworthy accounts and change the answers to any and all account recovery security questions to bogus data, then store these answers in a secure vault backed up to multiple locations, including air-gapped.

Only the paranoid survive...
I've been doing this too
Sad that we have to go to such ends
I've been making up bogus info for the security questions for years. A month back my Capital 1 card is fraudulently used. Cap 1 texts an alert to me and I confirm the fraud. When I call Cap 1 they ask me security questions to confirm my identity. All the security questions were real questions / answers, not what I have made up. After completing the security questions I asked the rep why they didn't ask me the questions which I had setup. Her response was that they do this for security and that they use a timing mechanism to rule out a hacker posing as me. So our efforts to make up "secure" answers are only as good as the policy of the institution...

Grt2bOutdoors
Posts: 16986
Joined: Thu Apr 05, 2007 8:20 pm
Location: New York

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by Grt2bOutdoors » Thu Oct 05, 2017 8:24 pm

letsgobobby wrote:
Thu Oct 05, 2017 8:16 pm
Grt2bOutdoors wrote:
Thu Oct 05, 2017 7:49 pm
brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
I've transferred much larger sums than this without a guarantee.
^^That may be true, however I am pointing out an obvious security weakness. Requiring a signature guarantee could reduce the likelihood of these types of transfers occurring.
"One should invest based on their need, ability and willingness to take risk - Larry Swedroe" Asking Portfolio Questions

dcop
Posts: 23
Joined: Fri Sep 08, 2017 6:06 pm

Re: Retirement Account Stolen by Identity theft

Post by dcop » Thu Oct 05, 2017 8:27 pm

I have Vanguard and Wells Fargo accounts. Since 1999 I check them daily online when I get up in the morning while having my coffee. And at night I check them to balance my register (Excel), including credit card accounts. Takes me less than 5 minutes a day.

Will that ever prevent someone from ripping me off? I like to think it would but I'm far from 100% convinced it would.

It's not your fathers fault by any means that he is the age where he missed the entire online evolution. But considering the timeline that it took (12 days) online access seems to have been the best way to catch this.

JohnFiscal
Posts: 437
Joined: Mon Jan 06, 2014 4:28 pm
Location: USA

Re: Retirement Account Stolen by Identity theft

Post by JohnFiscal » Thu Oct 05, 2017 8:45 pm

awful story, thanks for sharing the details.

Since the new account is in father's name, I wonder if he/you can just "steal it back".

learning_head
Posts: 807
Joined: Sat Apr 10, 2010 6:02 pm

Re: Retirement Account Stolen by Identity theft

Post by learning_head » Thu Oct 05, 2017 8:49 pm

Thank you brak for posting the story and keeping us up to date - this is a case many people would be interested in I think.

I like the idea Ashley1748 posted about having fraud alerts in addition to credit freezes so as to have additional warning to institutions (esp his current ones if they decide to pull the credit report).

Note that credit freezes do nothing for places where he already has accounts.

I would suggest contacting all current financial institutions with your dad's accounts and explaining the situation and seeing what they can do to flag his account requiring extra steps for any money withdraws. Make sure to take down employee name and identifying information and let them know you are recording this for your records, in case funds start disappearing from their institution.
dcop wrote:
Thu Oct 05, 2017 8:27 pm
Since 1999 I check them daily online when I get up in the morning ... And at night ...
Does not this expose you to more danger in that some keylogger on your computer is more likely to catch your online credentials before your security software is updated enough to discover the keylogger?

I would think alerts for any changes on your accounts would be more secure.
Last edited by learning_head on Thu Oct 05, 2017 8:51 pm, edited 2 times in total.

FlyingMoose
Posts: 300
Joined: Wed Mar 04, 2009 10:48 pm

Re: Retirement Account Stolen by Identity theft

Post by FlyingMoose » Thu Oct 05, 2017 8:50 pm

JohnFiscal wrote:
Thu Oct 05, 2017 8:45 pm
Since the new account is in father's name, I wonder if he/you can just "steal it back".
I would assume it’s long gone from the new account.

ThriftyPhD
Posts: 125
Joined: Mon Jul 31, 2017 10:43 am

Re: Retirement Account Stolen by Identity theft

Post by ThriftyPhD » Thu Oct 05, 2017 9:02 pm

JohnFiscal wrote:
Thu Oct 05, 2017 8:45 pm
awful story, thanks for sharing the details.

Since the new account is in father's name, I wonder if he/you can just "steal it back".
Probably best to leave this to the Police at this stage. But make sure to keep on them to make sure things are progressing.

OP, thanks for sharing this experience, it's a good reminder to keep up to date on all accounts. I hope everything is swiftly resolved and your father made whole.

dcop
Posts: 23
Joined: Fri Sep 08, 2017 6:06 pm

Re: Retirement Account Stolen by Identity theft

Post by dcop » Thu Oct 05, 2017 9:08 pm

learning_head wrote:
Thu Oct 05, 2017 8:49 pm
dcop wrote:
Thu Oct 05, 2017 8:27 pm
Since 1999 I check them daily online when I get up in the morning ... And at night ...
Does not this expose you to more danger in that some keylogger on your computer is more likely to catch your online credentials before your security software is updated enough to discover the keylogger?

I would think alerts for any changes on your accounts would be more secure.
A keylogger has to be put on your device and then the logged keystrokes have to get to the perp somehow. I'm confident in my vigilance that I can avoid a keylogger. My device getting stolen would concern me a bit more provided they would get past windows login they would get into my browser and see usernames, auto fill and so on. BUT I would react to a stolen device the same as I would a lost or stolen credit card and be on the phone immediately to my custodians. An BTW I have all the alerts set up too.

So everything you can do on your own is one step closer to preventing what what happened to OPs father from happening. Good lessons to be learned from this thread.

DavidRoseMountain
Posts: 45
Joined: Sun Nov 30, 2014 3:27 pm

Re: Retirement Account Stolen by Identity theft

Post by DavidRoseMountain » Thu Oct 05, 2017 9:13 pm

I recommend contacting the state attorney general to get that person involved on your behalf.
I would file a report with the Consumer Financial Protection Bureau, Transamerica is at fault here.
I would contact the US House Congressperson that represents your father, as well as your father's 2 senators, to see how they can get federal FBI intervention on your father's behalf.

brak
Posts: 324
Joined: Thu Apr 24, 2008 6:00 am

Re: Retirement Account Stolen by Identity theft

Post by brak » Thu Oct 05, 2017 9:18 pm

Thank you all so so much for your suggestions and support - both are invaluable. Tomorrow I will be updating the police with the new information I have received, put on fraud alerts (I have already put on credit freezes), and contact the financial institutions with whom my father does business to see what additional security measures can be implemented. Sound like fun?

learning_head
Posts: 807
Joined: Sat Apr 10, 2010 6:02 pm

Re: Retirement Account Stolen by Identity theft

Post by learning_head » Thu Oct 05, 2017 9:18 pm

dcop wrote:
Thu Oct 05, 2017 9:08 pm
learning_head wrote:
Thu Oct 05, 2017 8:49 pm
dcop wrote:
Thu Oct 05, 2017 8:27 pm
Since 1999 I check them daily online when I get up in the morning ... And at night ...
Does not this expose you to more danger in that some keylogger on your computer is more likely to catch your online credentials before your security software is updated enough to discover the keylogger?

I would think alerts for any changes on your accounts would be more secure.
A keylogger has to be put on your device and then the logged keystrokes have to get to the perp somehow. I'm confident in my vigilance that I can avoid a keylogger. My device getting stolen would concern me a bit more provided they would get past windows login they would get into my browser and see usernames, auto fill and so on. BUT I would react to a stolen device the same as I would a lost or stolen credit card and be on the phone immediately to my custodians. An BTW I have all the alerts set up too.

So everything you can do on your own is one step closer to preventing what what happened to OPs father from happening. Good lessons to be learned from this thread.
Keylogger gets to your device just like any other malware - one wrong click somewhere, or unpatched little piece of OS, or some port that's opened for svchost or other process, or a compromised update server that your software checks for updates and downloads malware instead, or compromised ISP, or a compromised website which you normally visit but it got broken into, or a compromised DNS server, or many other ways in which malware can get on. You cannot be 100% sure of avoiding malware, no matter what you do (or if you can, I'd love to know how!).

Problem that I am concerned about is some 0-day attack or something similar where keylogger gets on your PC and it takes a while for your security software (most people don't even have one for keyloggers specifically - I think anti-viruses don't normally look for those) figures out a patch on how to catch it. If you happen to login in the mean time, keylogger will happily send your credentials out to the mothership.

I would not be concerned with your PC being stolen as much, assuming you don't store financial site passwords anywhere on your PC. (And most people that do, store them in secure way.)
Last edited by learning_head on Thu Oct 05, 2017 9:28 pm, edited 3 times in total.

learning_head
Posts: 807
Joined: Sat Apr 10, 2010 6:02 pm

Re: Retirement Account Stolen by Identity theft

Post by learning_head » Thu Oct 05, 2017 9:21 pm

brak wrote:
Thu Oct 05, 2017 9:18 pm
Sound like fun?
No fun, but I think you will be able to teach a lot of us by sharing your experiences. Thanks again!

User avatar
tadamsmar
Posts: 7361
Joined: Mon May 07, 2007 12:33 pm

Re: Retirement Account Stolen by Identity theft

Post by tadamsmar » Thu Oct 05, 2017 9:35 pm

Transamerica wrote:We are not responsible for damages or losses resulting from any breach of security caused by your failure to maintain the confidentiality of your Access Codes or any other security or authentication technique we utilize, unless otherwise required by law.
https://www.transamerica.com/individual ... neservices

They may not be required by law for a retirement account.

delamer
Posts: 2939
Joined: Tue Feb 08, 2011 6:13 pm

Re: Retirement Account Stolen by Identity theft

Post by delamer » Thu Oct 05, 2017 9:49 pm

brak wrote:
Thu Oct 05, 2017 9:18 pm
Thank you all so so much for your suggestions and support - both are invaluable. Tomorrow I will be updating the police with the new information I have received, put on fraud alerts (I have already put on credit freezes), and contact the financial institutions with whom my father does business to see what additional security measures can be implemented. Sound like fun?
From an online chat by Michelle Singletary, a syndicated personal finance columnist; this was in response to a question about chexsystems.com:

"This is the system banks used when people are setting up bank accounts. And you can put a freeze on this so a identity thief can't open a bank account in your name."

I immediately thought of your father's situation when I read this. It sounds like another step worth taking.

investorpeter
Posts: 30
Joined: Sun Jul 31, 2016 5:46 pm

Re: Retirement Account Stolen by Identity theft

Post by investorpeter » Thu Oct 05, 2017 9:55 pm

I would call Regions first thing tomorrow. Though unlikely, you never know, the money may still be there. I would think that transferring a huge amount of cash into a bank under one name and then transferring it out to a different name would raise some red flags at Regions. Obviously the scammers thought Transamerica would find the transaction suspicious so they created the fake account at Regions under your father's name to make it seem more legitimate. The scammers leaving behind cash for "tax purposes" also seems odd, that they would just choose not to take every thing when they could, but I suppose that would also make it seem more like a legitimate transaction to Transamerica. I would follow the money trail as far as you can if for no other purpose than to find the final transaction when it gets moved to some overseas bank or whatever to prove that this was a genuine case of identity theft and not some family-related shenanigans as some have suggested could be the case. This sounds like a terrible situation. I hope your father is made whole in the end.

User avatar
celia
Posts: 6947
Joined: Sun Mar 09, 2008 6:32 am
Location: SoCal

Re: Retirement Account Stolen by Identity theft

Post by celia » Thu Oct 05, 2017 10:06 pm

brak wrote:
Thu Oct 05, 2017 6:18 pm
Celia - the custodian did not realize the funds were stolen until we contacted them, which occurred after we received a transaction confirmation in the mail showing that the account had $52,000 withdrawn. We received the confirmation letter approximately twelve days after the withdrawal actually occurred.
But if they still have his real mailing address on the account, did the canceled check they sent in have the same address, only going to another bank? Something doesn't sound right.
Last edited by celia on Thu Oct 05, 2017 10:15 pm, edited 1 time in total.

learning_head
Posts: 807
Joined: Sat Apr 10, 2010 6:02 pm

Re: Retirement Account Stolen by Identity theft

Post by learning_head » Thu Oct 05, 2017 10:07 pm

delamer wrote:
Thu Oct 05, 2017 9:49 pm
brak wrote:
Thu Oct 05, 2017 9:18 pm
Thank you all so so much for your suggestions and support - both are invaluable. Tomorrow I will be updating the police with the new information I have received, put on fraud alerts (I have already put on credit freezes), and contact the financial institutions with whom my father does business to see what additional security measures can be implemented. Sound like fun?
From an online chat by Michelle Singletary, a syndicated personal finance columnist; this was in response to a question about chexsystems.com:

"This is the system banks used when people are setting up bank accounts. And you can put a freeze on this so a identity thief can't open a bank account in your name."

I immediately thought of your father's situation when I read this. It sounds like another step worth taking.
Definitely. It helps with some institutions. Maybe most of them... but seems like it's not fool proof :-(

investorpeter
Posts: 30
Joined: Sun Jul 31, 2016 5:46 pm

Re: Retirement Account Stolen by Identity theft

Post by investorpeter » Thu Oct 05, 2017 10:21 pm

Also, I think the notary is an important lead here. If the notary is a true person, s/he would have had to look at the person's ID and face before notarizing. The notary could provide key info the physical characteristics of someone involved in the scam and definitively say it was not your father. They notary also may have a copy of the drivers license of the scammer, perhaps with a fake photo. If the notarization is fake or forged, then I would think Transamerica would have to shoulder much of the blame for accepting a fake notarized document.

letsgobobby
Posts: 10504
Joined: Fri Sep 18, 2009 1:10 am

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by letsgobobby » Thu Oct 05, 2017 10:43 pm

Grt2bOutdoors wrote:
Thu Oct 05, 2017 8:24 pm
letsgobobby wrote:
Thu Oct 05, 2017 8:16 pm
Grt2bOutdoors wrote:
Thu Oct 05, 2017 7:49 pm
brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
I've transferred much larger sums than this without a guarantee.
^^That may be true, however I am pointing out an obvious security weakness. Requiring a signature guarantee could reduce the likelihood of these types of transfers occurring.
what dollar amount would you propose require a guarantee? $50,000 is not even an RMD for many folks.

pivoprussia
Posts: 52
Joined: Tue Nov 18, 2014 6:00 pm

Re: Retirement Account Stolen by Identity theft

Post by pivoprussia » Fri Oct 06, 2017 4:43 am

investorpeter wrote:
Thu Oct 05, 2017 10:21 pm
Also, I think the notary is an important lead here. If the notary is a true person, s/he would have had to look at the person's ID and face before notarizing. The notary could provide key info the physical characteristics of someone involved in the scam and definitively say it was not your father. They notary also may have a copy of the drivers license of the scammer, perhaps with a fake photo. If the notarization is fake or forged, then I would think Transamerica would have to shoulder much of the blame for accepting a fake notarized document.
Have a feeling the notary is part of the scheme. HIs father is 98. Hard to fake looking 98 or get some elderly person involved in something nefarious like this.

basspond
Posts: 888
Joined: Wed Nov 27, 2013 4:01 am

Re: Retirement Account Stolen by Identity theft

Post by basspond » Fri Oct 06, 2017 5:19 am

I had a similar situation with a credit card. A person called about midnight to the company to change the email account. According to the company, they didn't answer the security questions correctly so called back within an hour and changed it then. There needs to be more punishment for these identity thiefs to cut out this crap. Good luck. I keep on reminding my mom to be careful what information she gives out. These people are shysters who prey on the elderly.

Grt2bOutdoors
Posts: 16986
Joined: Thu Apr 05, 2007 8:20 pm
Location: New York

Re: Re:UPDATE: Retirement Account Stolen by Identity theft

Post by Grt2bOutdoors » Fri Oct 06, 2017 6:37 am

letsgobobby wrote:
Thu Oct 05, 2017 10:43 pm
Grt2bOutdoors wrote:
Thu Oct 05, 2017 8:24 pm
letsgobobby wrote:
Thu Oct 05, 2017 8:16 pm
Grt2bOutdoors wrote:
Thu Oct 05, 2017 7:49 pm
brak wrote:
Thu Oct 05, 2017 3:47 pm
So for those of you who are interested, here is the latest installment of new information. The initial call to the custodian of the IRA (Transamerica), which both changed the email address and requested forms for withdrawal of funds, was made from a telephone located at the place my father worked, in New York, when he was contributing to this IRA. He retired thirty years ago. All we have is the general phone number of the institution, but not the specific phone from which the call was made. Transamerica has acknowledged that the voice on the phone is not my father's. We also know that the application to withdraw funds required a notary, and we have the seal and name of the notary, who is located in Los Angeles. We also have the name of the bank and the account number to which the funds from this IRA were wired = the account is in my father's name with his address. We have already filed a police incident report and we will be updating the police with this most recent information. Other than securing my father's other accounts, is there anything else we should be doing at this time? Any other thoughts? Thanks.
The biggest red flag here is that given the large dollar amount of the withdrawal, the custodian did not require a signature guarantee. A signature guarantee can not be provided by just any old notary, it is provided by financial institutions which essentially ensure that the signature signed in their presence is that of the account holder. If Transamerica only required a notary then that is an obvious flaw in their procedures.
I've transferred much larger sums than this without a guarantee.
^^That may be true, however I am pointing out an obvious security weakness. Requiring a signature guarantee could reduce the likelihood of these types of transfers occurring.
what dollar amount would you propose require a guarantee? $50,000 is not even an RMD for many folks.
I must be traveling in rarified circles. $50k is not even a Required Minimum Distribution for "many" folks? Hmmm, most of America don't even have $50k saved. Let me phrase it better, when one's hard earned monies are at stake, it is far more prudent to place the burden of proof on those doing the withdrawing and less on those who are holding the assets. I as the asset owner want to make it as difficult as possible for scammers. The system today is filled with flaws that make it too easy.
"One should invest based on their need, ability and willingness to take risk - Larry Swedroe" Asking Portfolio Questions

Post Reply