Greetings all,
I am writing this post to let everyone know about a situation that happened to me and at the same time ask for advice for someone with legal knowledge on this matter or that has gone through the same as me.
Lets try to make a long story short.
About 2 and a half months ago I received in my address a bill from the Piraeus Bank (Cyprus) with description "SWIFT/ BIC" Confirmation. I did not know what it was so I checked my account online to see what that was all about. To my surprise and shock, almost all the funds had been transferred by means of two transfers. I immediately called the bank as asked who authorized those transfers and why did the bank hadn't contacted me. They told me they had been changing emails with me and accepted transfer orders by fax with my signature.
Conclusion. Someone hacked into my email and gathered enough information (including my account number and my signature) and started emailing the bank and sending transfer orders by fax using my email and signature. The strange thing is that I have my email notifications ON and never received any notification from those emails he was exchanging with the bank.
Where did the bank fail? The bank never contacted by calling my registered phone they have on their file (as their own security procedures oblige) and accepted confirmation calls from a different phone number provided by the fraudster. By not calling me the bank made it easy for the fraudster to access funds. I even know the fraudster emailed the bank asking for account statements to know how much money was available. I have online banking, why would I pay 26€ for an email with a .pdf of my account statement when I have online banking? If that was not enough, I always use online banking to transfer money and always transfer approximately the same amount always to the same account number. These transfers were executed through a different channel (fax), to a different country and the amount transferred was approximately 4x the amount I usually transfer. Didn't the bank notice something strange was going on? Why didn't they call my cell phone number which they have?
From the beginning of this process the bank did not accept any responsibility or tried to find the fraudster and it has come to the point that they are neglecting me and not replying my emails asking how can they claim to have followed all rules when they never called my phone number which is in their system?
Again, this email serves to alert everyone about this bank and how they are performing and at the same time to ask for advice on how to proceed.
So far I have:
- Placed a complaint in the country to where the transfers were made providing all data that I have which identifies the receiving account completely and the name of the account owner.
- Exposed this situation to Central Bank of Cyprus showing how the bank failed to put in practice their own security procedures.
- Same as above to the European Central Bank.
Anything else I can do?
I appreciated any advice. Thanks!
I am writing this post to let everyone know about a situation that happened to me and at the same time ask for advice for someone with legal knowledge on this matter or that has gone through the same as me.
Lets try to make a long story short.
About 2 and a half months ago I received in my address a bill from the Piraeus Bank (Cyprus) with description "SWIFT/ BIC" Confirmation. I did not know what it was so I checked my account online to see what that was all about. To my surprise and shock, almost all the funds had been transferred by means of two transfers. I immediately called the bank as asked who authorized those transfers and why did the bank hadn't contacted me. They told me they had been changing emails with me and accepted transfer orders by fax with my signature.
Conclusion. Someone hacked into my email and gathered enough information (including my account number and my signature) and started emailing the bank and sending transfer orders by fax using my email and signature. The strange thing is that I have my email notifications ON and never received any notification from those emails he was exchanging with the bank.
Where did the bank fail? The bank never contacted by calling my registered phone they have on their file (as their own security procedures oblige) and accepted confirmation calls from a different phone number provided by the fraudster. By not calling me the bank made it easy for the fraudster to access funds. I even know the fraudster emailed the bank asking for account statements to know how much money was available. I have online banking, why would I pay 26€ for an email with a .pdf of my account statement when I have online banking? If that was not enough, I always use online banking to transfer money and always transfer approximately the same amount always to the same account number. These transfers were executed through a different channel (fax), to a different country and the amount transferred was approximately 4x the amount I usually transfer. Didn't the bank notice something strange was going on? Why didn't they call my cell phone number which they have?
From the beginning of this process the bank did not accept any responsibility or tried to find the fraudster and it has come to the point that they are neglecting me and not replying my emails asking how can they claim to have followed all rules when they never called my phone number which is in their system?
Again, this email serves to alert everyone about this bank and how they are performing and at the same time to ask for advice on how to proceed.
So far I have:
- Placed a complaint in the country to where the transfers were made providing all data that I have which identifies the receiving account completely and the name of the account owner.
- Exposed this situation to Central Bank of Cyprus showing how the bank failed to put in practice their own security procedures.
- Same as above to the European Central Bank.
Anything else I can do?
I appreciated any advice. Thanks!
