Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Inferior Third Season
Jan 15, 2005

I don't know where to post this, but I have had a weird identity theft issue that is confusing me.

Basically, I got a bunch of emails from Wells Fargo within about a minute of each other, starting with "We have received your application for a new checking account", and then one with a code to enter into their website for validation, and then a "Your checking account has been successfully set up" email. And then a final email saying that the contact information had been updated (to an email address that is not mine). Two of the emails refer to me by my full name.

This obviously wasn't me.

So I call Wells Fargo (from their website, not from any link in the emails), and tell them this, and they put a block on the account.

First thing I do is change my email account password. Then I check on my credit card balances to make sure that there aren't any weird charges, and while I'm there, I check on my credit history, and it pops up that there are hits on the "dark web" for me from some data breach of some website a while ago, and it shows me my email address and a password that I use (not the password to the email account itself, but a password I use for a bunch of garbage sites I've signed up for over the years that don't have anything sensitive about me in them, which I guess used my email address as username or whatever).

But I'm confused about why they used my actual email address for setting up the account when they must have already found my social security number and other basic info. Why not just use their own email address so that I wouldn't even know about it? And how did they get the confirmation code from Wells Fargo from my email to complete the account setup? If they had actual access to my email account, why not delete the mails so that I would be completely unaware? Is it possible that they are forwarding all of my emails to another email address, and does changing my email account password stop this? It's a gmail account, and I've checked the settings for auto-forwarding, and there is nothing there.

Adbot
ADBOT LOVES YOU

Inferior Third Season
Jan 15, 2005

cinci zoo sniper posted:

for your gmail the minimum breach recovery sequence here imo would be

1) change password on main gmail and recovery emails
2) terminate all signed in sessions via relevant security wizards
3) disable pop3 and imap support on main gmail, and recoveries if possible
4) deauthorise all applications connected to or authenticated via either involved account
5) enable 2fa for main gmail, and recoveries if possible
6) only re-enable disabled or disconnected stuff when you know what is it for

as for how they got your stuff, imo it’s either some funny authenticated application or wells fargo has poo poo protocols and someone just pretty please’d them over the phone, which would explain why they had to use a normal email instead of cumrocket69@pcgamer.com
Thanks. I've signed out everywhere. I changed the recovery email (the one it had before was my university email, which I haven't used in 15 years). I disabled POP and IMAP. I had 2FA enabled already with SMS, but I added the Google Authenticator app. I removed access to all apps except Google Backup and Sync.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply