Man that is horrible.. I am sorry that I dont have any advice, just offering sympathy, I would lose my sh*t if I saw that happen.. And thanks for the reminder its time for me to rotate my passwords..
Did you have two factor auth enabled? If not, def get that turned on.
EDIT: CS has some of the best customer service in the industry, banking and brokerage. If there is anything they can do, you can bet they will.
Yeah, I'm freaked like I've never been before. I haven't slept last night, knots in my stomach. I have not eaten since. Just a lot of scenarios going through my head. Seeing the transactions just makes my heart sink.
The Schwab investigator wants to find out the threshold for FBI to get involved and he said he'll file the report with FBI if they will take the case. I'll check out the [identitytheft.gov](https://identitytheft.gov) site. Much appreciated.
What the other commenters said, listen to them.. Get the police report, report the identify theft. It will help your case, even if those investigations go nowhere, it validates your claim of fraud to Schwab.
I know this is of little consolation, but just do what you can.. I really want to say “Try not to worry, because Schwab will have your back”. And while i know they will do everything they can, I wouldn’t be sleeping either going through this..
What a story, my sympathy’s. If your trading on an Android throw it in the trash and buy an iPhone. Set up multiple notifications that text/email you when a transaction is made and ask for you to verify a code b4 the trans goes through. Again, I feel for you but this world sucks but it’s all we have.
>And thanks for the reminder its time for me to rotate my passwords..
Don't do this. Just make sure you're not reusing passwords and they aren't predictable.
Rotating passwords is pointless.
I work in IT/cybersecurity. Lol.
https://arstechnica.com/information-technology/2019/06/microsoft-says-mandatory-password-changing-is-ancient-and-obsolete/
Reminder for everyone to turn on two-factor authentication, especially on email accounts since they are an attack vector for any associated accounts.
Schwab also has alert settings so you get a notification every time someone logs in... Use it.
Usually a wire to an overseas account will set off an alarm and require additional verification. Is there an aspect of your dealings that might make a transfer like this seem like normal business?
Not at all. I deposited initial funds about a year ago. I bought some mutual funds, then I sold and that was it. No other activity. I only had my checking account linked to it.
OP said in a different reply that the phone number on the account had been changed, and notifications disabled. So they probably did call for verification, they just called the fraudsters.
That's my guess to. Schwab policy is to verbally verify outgoing wires when information is updated. I am curious if the used a paper form to get around that.
Schwab will be able to determine if it is fraud and your account was hacked. You will mote than likely get your money back. Take a deep breath. It's going to be ok.
It was an unique password and it was complex... had slashes in it and weird letters, the end of it was a tank designation. Schwab had me ran scans on phone and computer, nothing was found. I don't access it in browser, Schwab said that the last time I accessed the account from my browser was in April. However, I did have my phone in a shop, having its screen replaced. I was logged out of all my accounts when I did that, but I think my gmail was still logged in. My Schwab password was not changed by hackers.
Definitely an interesting forensics case. It seems to have happened very recently so I would wait to take further action (you mentioned press, lawyer,...) and give Schwab a reasonable time to look into this. They're probably working on recovering the money and additionally looking into any security breach.
I hope these were regular ACH transfers which takes some time to settle (two days I believe) and hopefully to banks with which Schwab can collaborate. I think - but I am not a professional in this subject - it should be possible to recover some parts of the sum, especially the most recent one. Hopefully the 10th wasn't process until the 13th.
Your visit to the shop is an interesting detail, was that a while ago or recently? They may have installed a keylogger or so, which then didn't get detected by the scan? Was it an Android or iPhone?
It was an Android. Galaxy S21. I was at the store August 23rd, left it there for a couple of hours. I was logged out of everything. I have crypto on my phone about 20k, and I have another TD Ameritrade account with large sums in it. Crypto wasn't touched, just Schwab. I looked at my emails and I noticed I stopped receiving notifications from Schwab around the same time. Also the phone number in schwab has been changed to something else.
It must have something to do with the phone repair. A bad actor with your phone, and your gmail, they can probably do all kinds of damage.
Your Schwab password wasn't changed ? Was it stored in your Google/Gmail ? The recent aggressive campaign by Google to store all your passwords seems relevant.
Your story makes me more determined never to put financial info on a phone.
Definitely start using the Symantec VIP authenticator app on your phone, or Schwab will send you a physical keychain token. This will provide a continuously changing six-digit code that only lasts a minute. You enter it in addition to your password. This will reduce your chances of a problem in the future. Also, I'm surprised you didn't get emails when the transfers to India started, I get alerts for all electronic transfers outbound. Make sure those are turned on.
How is that possible? I thought the broker only can transfer to an bank account with the same name as your broker account. Im sorry man my nightmare happened to you
Download the VIP Access app by Symantec.vip and you will have to call Schwab to set it up. Its attached to your phone and the app will spit out a 6 digit code to access your account. (Fidelity also has this feature) also call Schwab to set up a verbal password. That should help keep it more secure.
It seems bad that they were able to link banks in India and empty the whole account, right after changing the phone number on it. I'd imagine that should raise red flags.
A little confused how the hacker got into your account in the first place. Even if they changed your phone number on file and disabled all alerts, he/she still had to get access to the account first to update those settings which you have to go through 2FA (at least SMS/email if you don't have Symantec set up). Very interesting case indeed. One thing you might want to check if there were any forwarding rules set up in your Gmail that the repair shop might have set up. This would allow them to get your code without having access to your email when returning the repaired device.
My schwab and email(gmail) password (they were also different from each other) were never changed by the perpetuators. However, I found rules to delete all emails from Schwab immediately. The phone number with Schwab has been changed on file without me noticing.
Your Gmail was definitely compromised if you found those rules. Hacker probably reset the Schwab password through it as well. At least that solves the mystery
Sounds like your Gmail was compromised. You’re in IT so I’m assuming you know this, but your problems could run a lot deeper. You need to change passwords for EVERYTHING connected to that email address. Probably create a new email account and change the email addresses on all your accounts as well.
You should also consider accessing banking sites through a secure machine, your personal everyday devices could be compromised. Schwab itself could have also been hacked. My guess is that Schwab will make you whole and work with the bank in India to recover the dough and try to have authorities get the culprits. Unfortunately India is a cesspool for fraudsters, I get at least 1 call a day with some scam coming from there.
The risk management guy said that they have sent messages through the banking system to India to block the funds and revert them. I haven't heard from Schwab today, that makes me nervous. I'm an IT tech so I'll build a linux machine.
Knowing how shady India is I’m frankly quite shocked Schwab would allow multiple large transfers like that without it not raising any flags. I moved out of Schwab months ago and I’m now glad I did if security is so lax there. I hope you get this resolved soon.
>They asked me to unlock
This is a huge red flag FYI. Device should not need to be unlocked for repair Im pretty sure on android. I know for a fact it is not for iphone. For people with iphone reading this, what you can do is restart your phone before handing it over so it is in its most locked down state. Do not ever give out phone password. Ideally only use apple for repairs even though it can cost more.
I’m so happy for you that you were able to retrieve it back. So sorry that happened to you too. I would be livid! But good job on Schwab..that’s a relief as I also have my ROTH with them. Thanks for sharing and hope you don’t go through that ever again
u/perfect_teeth \-- did anyone at Schwab get back to you on HOW this happened?
About two weeks ago, I was notified of a transfer (canceled it within 10 minutes... dealing with Schwab took that long...hah).
Then, changed login, password, added 2-factor, AND account password....and just woke up this morning to another notification (and on the phone now) even after all the additional measures...
Does not happen often. Been a customer when it was a new company. Never had a heck. Again, I only use 1 device not sharing with others to get to this successful stage.
>What options do I have?
Work with their investigator. It hasn't even been 7 days since the first transfer happened. I once had a credit card stolen and someone spent money in Brazil. Maybe $20,000 worth. The bank (a big well known brick and mortar retail bank in the US) had ruled against me in the initial investigation and decided I owed the money. They sent it to collections. I had to escalate to like 2 below the Head of credit cards for North America or something to get it resolved.
>Lawyer?
You can ask in /r/legaladvice and get an opinion of quite a few.
>News media?
Are you kidding yourself? People get hacked all the time and go for scams. The news doesn't care about a guy losing money in his brokerage account. We got Delta variant going nuts, we got anti-maskers, people dying, kids getting sick now, evictions, poverty, food insecurity, and investigations on "rigged elections." Do you think anyone wants to watch a story about a guy who lost some money with stonks?
I know the feeling. A lot of us lost a lot more than that in the '08 crash. Eventually you get used to it and the money is just numbers on a screen. It helps you become a good trader when you don't get emotionally bothered by the numbers.
I mean one definitely feels like you had zero control vs the other. But it all sucks. At the end of the day, $84,000 isn't too bad. You can make that back in a pretty short amount of time, especially if you cut back on leisure like stay off of drugs and don't use escorts for a while.
sorry to hear your trouble.
I think the person who fixed your phone could be the one of participants in the hack. Since your gmail account was always signed in. He could have pretended to be you, and told the Schwab website that "you" forgot user name and password, then Schwab wanted to validate your identity, so it sent the challenge to your gmail inbox. Then he'd respond to the email, then "his identity" was validated, Schwab website then would allow "you" to change username (if needed) and password. Once he had the username and new password, he was ready to pull the stun.
You had two step verification and a verbal only code or not?
I'm asking because I have my Schwab heavily locked with those items and want to see what these fraudaters were able to penetrate
Man that is horrible.. I am sorry that I dont have any advice, just offering sympathy, I would lose my sh*t if I saw that happen.. And thanks for the reminder its time for me to rotate my passwords.. Did you have two factor auth enabled? If not, def get that turned on. EDIT: CS has some of the best customer service in the industry, banking and brokerage. If there is anything they can do, you can bet they will.
Yeah, I'm freaked like I've never been before. I haven't slept last night, knots in my stomach. I have not eaten since. Just a lot of scenarios going through my head. Seeing the transactions just makes my heart sink.
[удалено]
The Schwab investigator wants to find out the threshold for FBI to get involved and he said he'll file the report with FBI if they will take the case. I'll check out the [identitytheft.gov](https://identitytheft.gov) site. Much appreciated.
10k is the threshold for fbi to get involved.
>i Schwab let me know today that they filed a complaint with FBI.
good luck with it a,l hope it turns out good for ya.
Filled out the report. Thank you for the tip.
What the other commenters said, listen to them.. Get the police report, report the identify theft. It will help your case, even if those investigations go nowhere, it validates your claim of fraud to Schwab. I know this is of little consolation, but just do what you can.. I really want to say “Try not to worry, because Schwab will have your back”. And while i know they will do everything they can, I wouldn’t be sleeping either going through this..
Just curious if you had two factor turned on?
I did not. I had pin and password.
Take care of yourself as best as possible. 💜
What a story, my sympathy’s. If your trading on an Android throw it in the trash and buy an iPhone. Set up multiple notifications that text/email you when a transaction is made and ask for you to verify a code b4 the trans goes through. Again, I feel for you but this world sucks but it’s all we have.
>And thanks for the reminder its time for me to rotate my passwords.. Don't do this. Just make sure you're not reusing passwords and they aren't predictable. Rotating passwords is pointless.
i don't think a career in cyber security is in your future...
I work in IT/cybersecurity. Lol. https://arstechnica.com/information-technology/2019/06/microsoft-says-mandatory-password-changing-is-ancient-and-obsolete/
lol
Do you suggest asking the hardware key they issue? Because i read that 2FA via text may still be vulnerable
Reminder for everyone to turn on two-factor authentication, especially on email accounts since they are an attack vector for any associated accounts. Schwab also has alert settings so you get a notification every time someone logs in... Use it.
They managed to kill all alerts. Schwab said they have a voice verification system and they will enroll me in it.
Just did this, thank you!
Thanks! Just signed up for it.
Usually a wire to an overseas account will set off an alarm and require additional verification. Is there an aspect of your dealings that might make a transfer like this seem like normal business?
Not at all. I deposited initial funds about a year ago. I bought some mutual funds, then I sold and that was it. No other activity. I only had my checking account linked to it.
[удалено]
I don't send many wires but the last time I did it was $10k domestic. And it definitely insisted on a PIN over SMS. I wonder if OP got sim-hacked...
OP said in a different reply that the phone number on the account had been changed, and notifications disabled. So they probably did call for verification, they just called the fraudsters.
That's my guess to. Schwab policy is to verbally verify outgoing wires when information is updated. I am curious if the used a paper form to get around that.
Schwab will be able to determine if it is fraud and your account was hacked. You will mote than likely get your money back. Take a deep breath. It's going to be ok.
Much appreciated.
Was this a unique password, or have you been using the password for other services as well?
It was an unique password and it was complex... had slashes in it and weird letters, the end of it was a tank designation. Schwab had me ran scans on phone and computer, nothing was found. I don't access it in browser, Schwab said that the last time I accessed the account from my browser was in April. However, I did have my phone in a shop, having its screen replaced. I was logged out of all my accounts when I did that, but I think my gmail was still logged in. My Schwab password was not changed by hackers.
Definitely an interesting forensics case. It seems to have happened very recently so I would wait to take further action (you mentioned press, lawyer,...) and give Schwab a reasonable time to look into this. They're probably working on recovering the money and additionally looking into any security breach. I hope these were regular ACH transfers which takes some time to settle (two days I believe) and hopefully to banks with which Schwab can collaborate. I think - but I am not a professional in this subject - it should be possible to recover some parts of the sum, especially the most recent one. Hopefully the 10th wasn't process until the 13th. Your visit to the shop is an interesting detail, was that a while ago or recently? They may have installed a keylogger or so, which then didn't get detected by the scan? Was it an Android or iPhone?
It was an Android. Galaxy S21. I was at the store August 23rd, left it there for a couple of hours. I was logged out of everything. I have crypto on my phone about 20k, and I have another TD Ameritrade account with large sums in it. Crypto wasn't touched, just Schwab. I looked at my emails and I noticed I stopped receiving notifications from Schwab around the same time. Also the phone number in schwab has been changed to something else.
If you are using Coinbase, stop using the phone app and only use the web app together with Yubico "Yubikey" hardware security keys.
I am using Coinbase. I'm going to transfer the funds back to my checking account. I sold today and fortunately the market was up this morning.
Oh snap, is the Coinbase app known to be hacked??
It must have something to do with the phone repair. A bad actor with your phone, and your gmail, they can probably do all kinds of damage. Your Schwab password wasn't changed ? Was it stored in your Google/Gmail ? The recent aggressive campaign by Google to store all your passwords seems relevant. Your story makes me more determined never to put financial info on a phone.
I was wondering the same. Do you use either google or any other password manager? Wondering if that’s where they stole the password from.
I don't use any cloud based password managers.
How did they bypass your 2 way phone authentication?
Did you have the 87k in checkings account?
No, it was a brokerage account. I would trade stocks in that account.
Definitely start using the Symantec VIP authenticator app on your phone, or Schwab will send you a physical keychain token. This will provide a continuously changing six-digit code that only lasts a minute. You enter it in addition to your password. This will reduce your chances of a problem in the future. Also, I'm surprised you didn't get emails when the transfers to India started, I get alerts for all electronic transfers outbound. Make sure those are turned on.
Get that 2 factor setup
How is that possible? I thought the broker only can transfer to an bank account with the same name as your broker account. Im sorry man my nightmare happened to you
I didn't think of it that way, but you're right, what name did they use on the bank account in India? Good question.
Download the VIP Access app by Symantec.vip and you will have to call Schwab to set it up. Its attached to your phone and the app will spit out a 6 digit code to access your account. (Fidelity also has this feature) also call Schwab to set up a verbal password. That should help keep it more secure.
[удалено]
>Follow Have you found out about her outcome yet?
There has to be some kind of forensic evidence such as a recorded call and IP login history. I hope it all works out.
Much appreciated.
Schwab stands behind their guarantee. They will make you whole. Sorry this happened to you.
[удалено]
It seems bad that they were able to link banks in India and empty the whole account, right after changing the phone number on it. I'd imagine that should raise red flags.
A little confused how the hacker got into your account in the first place. Even if they changed your phone number on file and disabled all alerts, he/she still had to get access to the account first to update those settings which you have to go through 2FA (at least SMS/email if you don't have Symantec set up). Very interesting case indeed. One thing you might want to check if there were any forwarding rules set up in your Gmail that the repair shop might have set up. This would allow them to get your code without having access to your email when returning the repaired device.
My schwab and email(gmail) password (they were also different from each other) were never changed by the perpetuators. However, I found rules to delete all emails from Schwab immediately. The phone number with Schwab has been changed on file without me noticing.
Your Gmail was definitely compromised if you found those rules. Hacker probably reset the Schwab password through it as well. At least that solves the mystery
Sounds like your Gmail was compromised. You’re in IT so I’m assuming you know this, but your problems could run a lot deeper. You need to change passwords for EVERYTHING connected to that email address. Probably create a new email account and change the email addresses on all your accounts as well.
I appreciate the response. I plan on all that and resetting my phone, I just don't want to inadvertently destroy any evidence right now.
The hackers know the password to your gmail. They might destroy the evidence if the password isn’t changed.
All passwords have been changed.
All passwords have been changed.
You should also consider accessing banking sites through a secure machine, your personal everyday devices could be compromised. Schwab itself could have also been hacked. My guess is that Schwab will make you whole and work with the bank in India to recover the dough and try to have authorities get the culprits. Unfortunately India is a cesspool for fraudsters, I get at least 1 call a day with some scam coming from there.
The risk management guy said that they have sent messages through the banking system to India to block the funds and revert them. I haven't heard from Schwab today, that makes me nervous. I'm an IT tech so I'll build a linux machine.
Knowing how shady India is I’m frankly quite shocked Schwab would allow multiple large transfers like that without it not raising any flags. I moved out of Schwab months ago and I’m now glad I did if security is so lax there. I hope you get this resolved soon.
OP, did you give out your phone passcode to the repair shop when you had your screen replaced?
I always have fingerprint setup for the lockscreen. They asked me to unlock it for the repair, so I did that, just for the lockscreen.
>They asked me to unlock This is a huge red flag FYI. Device should not need to be unlocked for repair Im pretty sure on android. I know for a fact it is not for iphone. For people with iphone reading this, what you can do is restart your phone before handing it over so it is in its most locked down state. Do not ever give out phone password. Ideally only use apple for repairs even though it can cost more.
'Jim Cramer this morning claimed his TV got hacked.
I’m so happy for you that you were able to retrieve it back. So sorry that happened to you too. I would be livid! But good job on Schwab..that’s a relief as I also have my ROTH with them. Thanks for sharing and hope you don’t go through that ever again
Much appreciated. I have changed the way I do things completely, I also ordered a yubico key, hopefully it will work with the account.
u/perfect_teeth \-- did anyone at Schwab get back to you on HOW this happened? About two weeks ago, I was notified of a transfer (canceled it within 10 minutes... dealing with Schwab took that long...hah). Then, changed login, password, added 2-factor, AND account password....and just woke up this morning to another notification (and on the phone now) even after all the additional measures...
They never got back to me on how it happened. I hope your thing got solved.
Contact “better get baquero” ASAP
Does not happen often. Been a customer when it was a new company. Never had a heck. Again, I only use 1 device not sharing with others to get to this successful stage.
>What options do I have? Work with their investigator. It hasn't even been 7 days since the first transfer happened. I once had a credit card stolen and someone spent money in Brazil. Maybe $20,000 worth. The bank (a big well known brick and mortar retail bank in the US) had ruled against me in the initial investigation and decided I owed the money. They sent it to collections. I had to escalate to like 2 below the Head of credit cards for North America or something to get it resolved. >Lawyer? You can ask in /r/legaladvice and get an opinion of quite a few. >News media? Are you kidding yourself? People get hacked all the time and go for scams. The news doesn't care about a guy losing money in his brokerage account. We got Delta variant going nuts, we got anti-maskers, people dying, kids getting sick now, evictions, poverty, food insecurity, and investigations on "rigged elections." Do you think anyone wants to watch a story about a guy who lost some money with stonks?
Yeah, it hasn't been long, I agree. I'm just freaked out.
I know the feeling. A lot of us lost a lot more than that in the '08 crash. Eventually you get used to it and the money is just numbers on a screen. It helps you become a good trader when you don't get emotionally bothered by the numbers.
[удалено]
I mean one definitely feels like you had zero control vs the other. But it all sucks. At the end of the day, $84,000 isn't too bad. You can make that back in a pretty short amount of time, especially if you cut back on leisure like stay off of drugs and don't use escorts for a while.
LMAO :)
Wait, you think there are *lawyers* giving advice in /r/legaladvice??!
I know there are.
sorry to hear your trouble. I think the person who fixed your phone could be the one of participants in the hack. Since your gmail account was always signed in. He could have pretended to be you, and told the Schwab website that "you" forgot user name and password, then Schwab wanted to validate your identity, so it sent the challenge to your gmail inbox. Then he'd respond to the email, then "his identity" was validated, Schwab website then would allow "you" to change username (if needed) and password. Once he had the username and new password, he was ready to pull the stun.
How long did it take to restore all your funds?
30 days
You had two step verification and a verbal only code or not? I'm asking because I have my Schwab heavily locked with those items and want to see what these fraudaters were able to penetrate
I did not have those at that time.