Personal Finance

Online banking fraud victim - help needed!

  • Last Updated:
  • Nov 17th, 2017 2:07 pm
Sr. Member
Oct 22, 2015
575 posts
138 upvotes
Hamilton, ON
mkl38s wrote:
Nov 9th, 2017 9:11 am
I remember someone mentioned a while back why BMO only allows 6 digits as the password. I don't remember password reset requirement, probably some security questions/answers which sometime, they can guess them from your social media accounts. I have or had accounts with all of them except scotia and this is what I found
- TD, RBC, NBC, EQB, ZAG - they all allow password with even special characters
- CM, Simplii/PCF - allow letters, but limit to 12 characters max and no special characters
- BMO/Tangerine - digits only and limit to 6

I closed my BMO a while back and setup security questions with my Tangerine account. I also only have savings and linked with my other banks. So if they get into my Tangerine, they must setup new link (remove old one) which I will be notified. Else they will just be moving my money for me to other banks which I will also be notified
BMO actually allows 6 alphanumeric characters.
Deal Addict
User avatar
Jan 11, 2004
4677 posts
327 upvotes
Victoria
Dave98 wrote:
Nov 9th, 2017 9:21 am
Agreed. Security questions are one of the worst things they have come up with. I'm sure it has actually made things even less secure.
Which is why it's a good idea to not use them. I just use random gibberish for mine. It means to reset a password I need to phone in or visit a branch but I don't care. For example what is your favourite color? fasduhfn23ty74qhweufjksdahfjasdhjk hsdaf dsfsdafhjasdkh fdsja . Have fun hakzorzs
Sr. Member
User avatar
Jul 25, 2008
599 posts
22 upvotes
Ottawa
I read somewhere Banks are writing off something like 40 millions a month due to fraud. Just one bank . But they save in having branches.

I locked out my accounts from pcomputer access.,. Only cheaques, bank tellers and branch atm...ebanking only by phone and cheaques with added security password. Not your birthday, address type of stupid verifications.

E interac with email is a prime tool for loosing your savings. In my opinion. Yet banks are promoting this feature.
Deal Expert
User avatar
Jan 27, 2004
36683 posts
2543 upvotes
Toronto
Self serve online banking reset requires the following.

Its the "forgot my password" function.

It requires the email you have on file with bmo.
It also requires that you know the 3 security questions.
People always choose security questions they can easily remember. "Whats your City was your mother born?""


I imagine that someone hacked your email. Then they combed through emails you had to figure out your personal info. Maybe stalked your facebook and social media.

Anyone ever try the forgot my password function onn knline banking?

Its tough enough to keep people out. But if someone did enough stalking and email hacking they could get in.
Penalty Box
User avatar
Mar 23, 2016
753 posts
202 upvotes
cmchiu wrote:
Nov 9th, 2017 1:44 am
You did hear that all the negative news regarding Kaspersky software lately, no?

Reuters Summit: Kaspersky acknowledges taking inactive files in pursuit of hackers
Thanks for the notification - **** that's bad!
"Obama is the quintessence of all that is wrong with America today.. people looking at the superficial which is skin color and ignoring idiotic behavior." - the poster AndySixx 😲 :facepalm:
Penalty Box
User avatar
Mar 23, 2016
753 posts
202 upvotes
miyoshidoll wrote:
Nov 9th, 2017 6:28 am
Holly crap ! Mine is BMO too !

You know what's funny ? BMO used to have a security question which you had to answer before you entered your PIN to access the account . Now they got rid of that, so its easier to hack.

Now on www.bmo.com , you just enter your 16 digit Debit card number ( not hard to get from somewhere ) and then your 6 digit numeric PIN ( Its not even an alphanumeric PIN, they don't allow that ) , so only a 6 digit numbers PIN, that's it and your are in !

First after you entered the 16 digit debit card number, they would ask the answer to a security question and then the 6 digit PIN. But they got rid of the security question for some reason !

You could have any 3 security questions you wanted like - Who is your favourite athelete ? What was your first pets name ? Where did you meet your spouse ? etc etc.

I don't know why banks don't allow alphanumeric passwords and PINS like email does say something like *@1AY!

Just a numeric PIN is silly like 597436 or something like that.

16 digit debit number ( easy to get of the debit card ) and 6 digit numeric PIN and anyone is into your BMO account online ! No security questions, no alphanumeric PIN, no 2 STEP authentication , nothing ! No wonder someone hacked your BMO account.
BMO sounds completely incompetent -all banks are moving to enhanced security and they are reducing it? I've never actually heard of any financial institution doing that, wow who runs that shop lol
"Obama is the quintessence of all that is wrong with America today.. people looking at the superficial which is skin color and ignoring idiotic behavior." - the poster AndySixx 😲 :facepalm:
Penalty Box
User avatar
Mar 23, 2016
753 posts
202 upvotes
dealguy2 wrote:
Nov 9th, 2017 11:22 am
Which is why it's a good idea to not use them. I just use random gibberish for mine. It means to reset a password I need to phone in or visit a branch but I don't care. For example what is your favourite color? fasduhfn23ty74qhweufjksdahfjasdhjk hsdaf dsfsdafhjasdkh fdsja . Have fun hakzorzs
lol
"Obama is the quintessence of all that is wrong with America today.. people looking at the superficial which is skin color and ignoring idiotic behavior." - the poster AndySixx 😲 :facepalm:
Deal Addict
Oct 1, 2004
4162 posts
269 upvotes
Toronto
edkate wrote:
Nov 8th, 2017 11:14 pm
BMO
My password was never written. Not easily guessable...im lost tooooooo
Someone once complained to me BMO is probably the only bank that doesn’t accept special characters or numbers in their passwords... if that is true unbelievable.
Deal Addict
Aug 24, 2016
2205 posts
1116 upvotes
cgtlky wrote:
Nov 9th, 2017 6:42 am
I also notice the change, however if (correct me if I am wrong) you used the same pc or mobile device on a different IP address that question will still pop-up.
Absolutely correct!
If using a device to login that was never used before, it prompts for an answer to a secret question.
Member
Mar 14, 2010
233 posts
92 upvotes
Toronto
If you can, use only your home computer -- attached to your modem by an ethernet cable, not by wifi -- for banking. The article below describes a recent method of kracking of wifi (discovered in July but now made public) which strips your privacy and allows access to the contents of your deviceto manipulate and steal data from your device -- passwords, email info, etc.). https://www.forbes.com/sites/thomasbrew ... ca6e972ba9

Android devices , especially with marshmallow or nougat installed are the most vulnerable and a fix is weeks away. Older Iphones are also vulnerable. Windows has already sent out a fix.
Penalty Box
User avatar
Mar 23, 2016
753 posts
202 upvotes
coolintheshade wrote:
Nov 9th, 2017 3:26 pm
Absolutely correct!
If using a device to login that was never used before, it prompts for an answer to a secret question.
Most banks will actually ASK - do you want to not use security questions on this computer/IP.

BMO is clearly stuck in the 1920s
"Obama is the quintessence of all that is wrong with America today.. people looking at the superficial which is skin color and ignoring idiotic behavior." - the poster AndySixx 😲 :facepalm:
Penalty Box
User avatar
Mar 23, 2016
753 posts
202 upvotes
pickles02 wrote:
Nov 9th, 2017 4:52 pm
If you can, use only your home computer -- attached to your modem by an ethernet cable, not by wifi -- for banking. The article below describes a recent method of kracking of wifi (discovered in July but now made public) which strips your privacy and allows access to the contents of your deviceto manipulate and steal data from your device -- passwords, email info, etc.). https://www.forbes.com/sites/thomasbrew ... ca6e972ba9

Android devices , especially with marshmallow or nougat installed are the most vulnerable and a fix is weeks away. Older Iphones are also vulnerable. Windows has already sent out a fix.
Weird times. Thanks for the heads up
"Obama is the quintessence of all that is wrong with America today.. people looking at the superficial which is skin color and ignoring idiotic behavior." - the poster AndySixx 😲 :facepalm:
[OP]
Deal Addict
User avatar
Feb 16, 2004
1463 posts
44 upvotes
York Region
Dave98 wrote:
Nov 9th, 2017 9:21 am
Agreed. Security questions are one of the worst things they have come up with. I'm sure it has actually made things even less secure.
All was changed right away! Even bank accounts are new.
Sr. Member
Mar 10, 2010
892 posts
100 upvotes
Not saying that Kaspersky is good or bad but the actual truth about those files was a bit more nuanced see here. The function that "took" the files was the same function that you find in McAfee, Norton, etc. where suspicious files are sent back for further analysis. And since the files in question were actually exploit files it's no wonder they triggered Kaspersky...
springdays wrote:
Nov 9th, 2017 2:07 pm
Thanks for the notification - **** that's bad!

Top