Online scammers stole 10k EUR from my father’s bank account, which was all his life savings. I know the chances of any recovery are very low, still wonder if it’s worth hiring someone to investigate (already reported to the police and the bank). Anything else one can/should do? (He lives in Hungary).
[#]scam #theft #cybersecurity
=> More informations about this toot | More toots from mrc@mastodon.berlin
So it was a classic phone call with "we are the cybersecurity authority and we blocked your account for suspicious activity and you need to act now" scam.
He went to the cops and they pretty much laughed at him. Went to the bank which of course was also not able to promise anything but at least those did not humiliate him.
=> More informations about this toot | More toots from mrc@mastodon.berlin
This sucks big time, I'm already literally loosing sleep over the incident. With close to zero hope of money recovery, I keep think of the following:
One of the reasons I am scared of getting old is becoming vulnerable to online scam.
=> More informations about this toot | More toots from mrc@mastodon.berlin
The bitter irony of the incident: the bank charged him 40 EUR for the transfer.
And the police's tone was borderline victim blaming.
=> More informations about this toot | More toots from mrc@mastodon.berlin
Done a bit of private investigation into my father's #scam case. Listened to his detailed personal account, poked around in his desktop computer and smartphone, Gmail, onlikne bank.
Unfortunately, at the peak of the panic realizing what he has done, he destroyed some evidence. Deleted Viber from the phone, "cleaned" the computer including deleting the browser history.
The attack appears to be very low tech. Found now evidence or hint that they gained access to his devices at all.
=> More informations about this toot | More toots from mrc@mastodon.berlin
The only thing they made him install was Viber and only to call him and send him a picture of fake identity card/badge from the "authority". Apparently Viber allows a sender to completely delete messages and all history from the recipient's device. (According to the victim account, these disappeared before he deleted Viber.)
All phone numbers and bank accounts were domestic, and the attackers did not have foreign accent.
=> More informations about this toot | More toots from mrc@mastodon.berlin
@mrc Oh man that sucks, hope something can be done :(
=> More informations about this toot | More toots from yvg@indieweb.social
@mrc Difficult to prevent completely. Couple things can help I imagine:
And then the more techy stuff like using 2FA, passcodes, etc.
Would be interested in what else can help if you find more =)
=> More informations about this toot | More toots from yvg@indieweb.social
I even found the Facebook profile of the owner of the receiver bank account (at least the name they made him put on the transfer), with family pictures, as well as their home address and their house on Google Street View.
Now I really wonder how far the police and bank will get. And I still wonder if there is anything else I can do to (other than supporting my father emotionally and financially).
=> More informations about this toot | More toots from mrc@mastodon.berlin
The question of how they got his identity is still open. My theory is that it was some classic email/web phishing or a leak from a webshop or a package delivery company or a shady delivery person.
=> More informations about this toot | More toots from mrc@mastodon.berlin
Now if I was the police investigating, I would have a domestic bank account and several domestic phone numbers controlled by the attackers at my hand, none of which can be registered without proving one's identity. The bank likely has the attacker's IP address, Viber must have several IP addresses and phone numbers.
Some of these might belong to innocent victims and stolen or controlled by attackers, but these at least would be good first round leads.
=> More informations about this toot | More toots from mrc@mastodon.berlin
There is also cell information from the mobile carriers, potentially giving a more-or-less accurate information about the physical location of the attackers.
Will the police do anything like knock on doors, look at bank transaction logs?
I have doubts.
Still thinking of hiring a private investigator...
=> More informations about this toot | More toots from mrc@mastodon.berlin
@mrc Damn. Horrid story. Not sure what to suggest, but solidarity 💪 from afar!
=> More informations about this toot | More toots from jon@gruene.social
@mrc are you considering putting together a document or all the information you have, what evidence should be out there and where to go to get it, then meeting with someone from the police to go over it?
I have to imagine, any police department has a lot to do and is focused on the biggest impacts that are the most cost effective. Finding a way to get yours to be easier and cheaper could help them do something.
=> More informations about this toot | More toots from CodenameTim@fosstodon.org
@mrc regarding deleted history, maybe call the isp, explain the situation and get it from them?
=> More informations about this toot | More toots from CodenameTim@fosstodon.org
@mrc Pretty sure they won’t do jackshit. It’s just another report in a cabinet that will eventually be aggregated with national reports to create a “cyber thread statistics” to wish some random government official will “outline a plan for cyber security” leading to pretty much nothing, and repeat this cycle endlessly.
=> More informations about this toot | More toots from yvg@indieweb.social
@mrc If you are serious about retrieving the money, get compensation etc, I’d suggest finding a lawyer specialising in online theft, they’ll probably have the means to creature pressure where needed and care for the stupid paperwork this requires
=> More informations about this toot | More toots from yvg@indieweb.social This content has been proxied by September (ba2dc).Proxy Information
text/gemini