BMO Fraud
BMO, Simplii attack: Canadians describe illicit Interac e-transfers out of Simplii accounts
When I first read about this, my thought was that fraudsters were calling into the bank and claiming to have forgotten their passwords
- you mother’s maiden name (see Facebook)
- the street you lived on as a child (see Facebook)
- The name of your first manager (see LinkedIn)
Then simply logged in and transferred money out.
The scale of this theft indicates that I was mistaken. We are talking about tens of thousands in a relatively short time (2-3 days). That would indicate some automated form of attack.
Hmm…. reprogrammed digital assistant?
- Scan social networks
- establish answers to identity confirmation questions
- Have computer phone bank, hold a conversation with help desk, and reset password
- Immediately login (thanking the help desk agent)
- Change interact target
- Send
(rand(bal * 0.5,bal*0.15))
to avoid immediate detection
Comments
Mike Barton - 2018-05-29 08:36:21-0400
I am not very surprised as my neighbor in regards to his phone said it has never happened to me before so it will never happen to him. Thick as a plank.
Plaid Sheep - 2018-05-29 16:26:20-0400
This one worries me because I have no control over the matter by the sounds of it. This (appears) to be an attack directly at the bank, rather than tricking people out of money.