Is Wells Fargo going to cover your loss?
Just a reminder to everyone: please use strong passwords and please please please use two-factor authentication for log-in purposes, especially for email, banks and PayPal. Not just a password, but a 6 digit code that changes every minute or so, using an RSA token, google Authenticator or some other secure 2 factor system. It is by no means 100% bulletproof, but it makes it almost impossible for someone to hack your log-in, since your password is not enough to get in.
And never ever talk to the “bank” or anyone else that calls you. Always always always call back, using the phone number your trust.
The callers needed the verification code, so they pretended to be the fraud dept so he’d read them the code.
Not entirely sure at this point. I filed the claim - they closed that account and opened a new one. The initiated a reverse wire to the destination bank. The woman I talked to was not privy to the actual details of when (or if) I would get my funds back. I am expected to receive a return phone call from the claims investigation team in 24 hours. Thank goodness it was just my Wells Fargo account and not the high yield savings account as I do not check that account frequently enough. I've done some research online and it isn't 100% clear - but it looks like on a personal account I *might* be protected. Fingers crossed.What's the process like for getting your funds back??
@WedgeRock , you can use face recognition or fingerprint with Duo ?
e lastpass or other password management tools to create and store the passwords for you.
I do use unique and random 32 character passwords for every site. So how the access into my account happened in the first place is the unknown.Use a unique, complex password on all sites. Never reuse a password.
So I’m this instance, it’s very possible a completely separate site had a data breach of account emails and passwords. Then the scammers take those emails and passwords, then run against bank sites until they find some that work.
Every account should use a distinct password.
And run your passwords against the hacked known password lists too. If they’re known, don’t use them.
Use lastpass or other password management tools to create and store the passwords for you.
Technically correct but practically impossible and horrible user experience.Use a unique, complex password on all sites. Never reuse a password.
Technically correct but practically impossible and horrible user experience.
I strongly believe that "passwords are dead"
Do you imagine senior citizens trying to write down a 16 character long that looks like T*73Hr"p5.g5;>&j ?
If they do not lock their account at the 3rd error they will have a session expired at 2nd attempt
some examples and list not exhaustiveSo how the access into my account happened in the first place is the unknown.
That’s why you have password management do it for you.
Way to counter this: use a VPN tunnel to a trusted endpoint whenever using public Wifi.- I can have your passwords if you use an open Wifi (ie: Airport, Starbucks, etc)
Complexity of a password isn’t as important as a lengthy but arbitrary password. If they’re going to brute force their way into your account it won’t matter how many symbols or capitalized letters you use so many experts now just say if you’re not using a PW management system, pick a phrase that you’ll remember instead of a complex string of randomness you won’t remember.
Yeah pretty sure BOA doesn’t even allow most characters. Like wtf! How difficult is it to ensure your system can handle “!” In a password field.
https://xkcd.com/936/
I have however noticed that banks often arbitrarily limit the length of passwords you can set.
some examples and list not exhaustive
- I can have your passwords if you use an open Wifi (ie: Airport, Starbucks, etc)