Topic: Heads-Up: Bank Fraud Alert - page 2. (Read 7853 times)

Yeah I read they just debit your account the interest, then if nothing happens take forever to collect.
Their Dwolla "instant" system in Iowa which allows you instant funding to your dwolla account (no waiting 2-3 days) seems to enable fraudsters in whole new ways as well. Can't trust any online banking it can always be used for evil

I 100% agree

So far the trust system used here and at #bitcoin-otc has almost eliminated all fraud.
The new bitcoin market MPEX is also based on this system. IDs, 2 factor auth, IP tracing is all meaningless in 2012 seems GPG auth is almost invincible as the people that use it typically don't use Windows exploitable OS, don't click on obvious side channel attacks in their email box, know what they are doing and all around a good system so far.

I would be happy if someone will pay me back the cash bills I lost when I got drunk last night.

The identity verification is only invasion in anonymity on legitimate users, this will not stop fraud. Checked on MtGox and Paxum - they both accept photoshoped files. The bank transactions also should be made irreversible. This will protect exchanges and merchants. The losers who are unable to protect their data and computers will lose their money sooner or later anyway.

Ohh ... I didn't even think of that, ya -- that's going to leave a mark.

It could actually go more than a month.   Dwolla doesn't do an ACH just because you didn't pay at the end of the month.  They just assess a fee.  It proably could go a couple months or more before they send collections to look into it.

That's an awful lot of Nigerian Princes and Romanian Hot Chicks answering the Dwolla security verification process with "Yes, this is Peggy..."

Correction, a couple of months ago
http://nakedsecurity.sophos.com/2012/02/14/cryptome-org-hacked-into-serving-up-blackhole-exploit-kit/

They claim 2,863 visitors at risk, probably a lot more. Usually the kit is used for side channel targeted attacks not an open net catching everybody

Dwolla now offers an instant loan service for up to $500. Don't even need to rob people's bank accounts, just make a new account using their stolen information you bought for $10 on a crime forum and apply for credit. Spend $500 to get bitcoins and they won't know for a month anything is wrong.

ok??? 

Interesting
more details?

Cryptome.org was hosting black hole exploit kit for 4 days a couple weeks ago before anybody figured it out. Who knows how many thousands of people were backdoored

I know fraud is always happening but sheesh, just from today:

 - http://www.wivb.com/dpp/money/4_your_wallet/woman-loses-1000-on-walmart-moneycard
 - http://www.democratandchronicle.com/article/20120413/NEWS01/304130024/brockport-hacking
 - http://krebsonsecurity.com/2012/04/thieves-replacing-money-mules-with-prepaid-cards/

I made the same mistake when I first read that.   Written a different way:
"Even a cash deposit to your bank account could be later reversed by the bank if it is determined the depositor was defrauded.  The bank can help prevent this from occurring by making the depositor write 'Not for auctions' on the deposit receipt."

This way if the person tells the cops they got scammed, too bad -- the receipt shows they were warned and should have known better.

I still dont get why writing somewhere not for auctions works ?

Can you elaborate for retards like me ?

Using phished ebay accounts. or stolen through black hole exploit kit or the other dozens of crime bots, (or just buy them by the hundreds for cheap on crime forums) make listings for crazy discount laptops or electronics and convince your mark to go to Bank of America or wherever the bitcoin exchanger has an account and make a deposit. Or make craigslist ads.

Then go make a buy order on the bitcoin site. They get cash, you run off with bitcoins.

People will go do it because the scammer is excellent at convincing them how much safer bank deposit is and how the laptop will be sold otherwise unless they go drop cash right now. When I worked @ ebay years ago every single day some variation of this scam fooled a buyer.  The bank reverses the charges because none of them respect digital currency exchanges and there will be a 60yr old guy screaming in the bank he was scammed with the cops beside him so they just refund and claw the funds back.

If the buyer has to write 'Not for auctions or craigslist' on the receipt they might think twice about what is going on. Either way the scammer will move on to somebody else's exchange not yours. Trustcash basically eliminates this too

This scam started after western union agents started preventing scams when buyers showed up to wire to Romania or somewhere. "Did you buy something on ebay? Yeah you're being scammed". Bank doesn't ask questions just takes the money.

How does that scam work?

Even a cash deposit can be frauded without taking certain measures, like having people write 'Not for auctions' on the deposit receipt and scanning/sending, or using Trust Cash. If you just have a bare account taking anybody's deposits nothing to stop scammers on ebay with stolen accounts convincing people to go there and drop money thinking they are getting a cheap deal. Banks will unbelievably reverse the transaction later if the victim is loud and persistent enough. Happened to many a LR exchanger over the years

Canadian bitcoin company had ridiculous low EMT limits yet still ended up with their account seized from too many fraudulent transactions recently. Never underestimate the motivation of a scammer with access to the black hole exploit kit and a lot of time to set up accounts to do miniature frauds by the hundreds.

I wonder if this will be the last straw for Dwolla and they simply decide it's too risky to deal with bitcoin related accounts any longer (like paxum).

LS,
     Not just Dwolla - One exchange that accepts Chase QuickPay also seems to be affected.

Keyur

So as a heads up....

If you individually deal with someone, most probably a new member of this board, and sell them BTC for Dwolla you could get screwed as well.  While we already knew this, the message again is Dwolla is not cash and can be charged back.

It is unlikely (but possible) that a fraudster buying a physical item with Dwolla would do this because the physical address would be the address of the bank account holder, not the fraudster so the fraudster would get nothing.

So, in talking to the bank investigator, did you get the impression that theft was the operation? I ask because it looks rather like a money laundering set up, and that's been a big feature of bitcoin for some time now, IMO it may possibly be what bitcoin is best used for.

I mostly observe the speculative side, and it seems to me that there has been a lot of ping-pong volume lately with price movement staying in a fairly narrow range. I'm unconvinced that the volume is related to any success bitcoin may be having as an above-ground payment system.
 
Money laundering is costly and lucrative. Back in the 1990s just about every life insurance company in the world was involved in laundering South American drug money via something called single premium life. To the point, customers were willing to surrender 50% or more of their premium spent on an SPL policy to the insurance company for the cleansing benefit they provided. Entities like Cayman Islands banks and such couldn't handle the volume of money involved, hence the involvement of the insurers.

So, this could be pretty significant in impact. Bitcoin stands on a three-legged stool, contraband trade, speculation, and money laundering. Pull out one of those legs and flows could change significantly.

Stephen,

Unfortunately, we get 4-5 compromised accounts every month.

If it happend today, I would not be getting notification from Dwolla until Monday.

I changed my text to plural, not sure why you focused on my grammar rather then my text

It's a constant problem thats not going to end, unless we leave Dwolla, there is nothing we can do