Case Study: How One Woman Fought Back After Losing $500,000

Identity thieves use electronic transfers to plunder bank accounts. Here’s how CyberScout helped one customer get her money back.

Thursday, July 14, 2011
Betty Riley* had been building her savings account for years in anticipation of her retirement. So she was surprised to get a letter confirming that she had authorized a wire transfer of half a million dollars to an international bank.

Riley, a native of Branson, Missouri, had never been overseas let alone opened an account with a foreign bank. Bank officials believed the transfer was legitimate and, initially, refused to replace the funds.

“It was a difficult time,” said the 59-year-old, who had plans to retire the following year. “I had many sleepless nights.”

Riley fell victim to a growing trend in fraud: wire transfer theft. It’s difficult for victims to get their money back because businesses question the legitimacy of their claims.

In Riley’s case, bank employees believed she had authorized the transfer. What really happened? The thieves hijacked her phone and email communications. So when customer approval was sought for the transaction, the caller reached the criminals, who authorized the transfer.

Riley received CyberScout services through her insurance carrier. Mark Fullbright, a senior fraud investigator, took her case.

“The bank missed all the red flags,” he said. “The transfer was extremely unusual: It was a large dollar amount and the customer had never sent money overseas before.”

Smaller financial institutions usually have smaller fraud departments, making them more susceptible to wire fraud, he said. But banks of any size are still responsible for where the money goes. Under the USA Patriot Act, international wire transfers are subject to intense scrutiny, and banks are required to follow a series of steps to verify a customer’s identification.

“Banks don’t have options when it comes to these regulations,” Fullbright said. “If they don’t adhere to the rules, they can be sanctioned and fined.”

Fullbright immediately helped Riley file a police report and placed an extended fraud alert on Riley’s credit report. An alert lets potential creditors know that you may be, or are at risk of being, an identity theft victim. An extended alert lasts for seven years.

Fullbright also helped Riley with a lot of red tape. He wrote and sent letters to a number of institutions, including the FBI, Secret Service, Federal Deposit Insurance Corporation and Better Business Bureau. He also coordinated communication with law enforcement and the bank involved.

Though consumers can’t prevent wire transfer fraud, they can protect their accounts by following these steps:

  1. Keep multiple current phone numbers and email addresses on your account so the financial institution can reach you in the event of a suspicious transaction or problem.
  2. Use strong passwords that contain numbers, symbols and characters on accounts at financial institutions. Don’t use obvious passwords, such as your date of birth, child’s or pet’s name, or mother’s maiden name. Change passwords often, and don’t use the same one for online banking that you use for shopping or social networking sites.
  3. Ask your bank to forbid any wire transfers on your accounts.

But most of all, consumers must remain vigilant and be proactive if something seems odd—as well as persistent when it comes to remediation.

Three months after initially refusing to reimburse her, the bank gave Riley every penny back. But the perpetrators are still at large.

“I’m incredibly grateful for Mark’s help,” Riley said. “He made a big difference.”

* Identifying details have been changed to protect the victim’s privacy.

© CyberScout, LLC. All Rights Reserved.
If you need identity theft assistance, call your provider organization to be put in touch with the CyberScout Resolution Center. More information for individual consumers.