I fell for scammers posing as my bank and they took everything.

Read the Story

Show Top Comments

OP, in addition to the great advice to file a police report (or FTC identity affidavit) and a CFPB complaint, please make sure you also go through all of the recommended steps in the [identity theft wiki](/r/personalfinance/wiki/identity_theft). For anyone reading: That article is updated regularly and it’s a good idea to go through the preventative steps even if you haven’t been a victim of identity theft.


Happy birthday. Have you filed a police report? — Things to say and do after your bank calls you: 1. Say “I will call you back.” If you are one of those people who can’t stop listening, move your phone away from your ear when you say it. 2. Hang up. 3. Call your bank using the number saved in your address book or found on official app/website.


USAA sent out warning emails last week about this phishing scam.


Something similar happened to a family member. We ultimately ended up filing a complaint with the Consumer Financial Protection Bureau, and the next day USAA was calling me to ask which account I wanted the money deposited into. Go ahead and file a police report. The police did a surprising amount of investigation in our case. Subpoenaed ATM videos and could see the guy, but that wasn’t enough to track him down. Let the USAA fraud department do their thing. If you aren’t satisfied with the result, then file a complaint on line with the CFPB. What happened here is called an account takeover, if that helps. BTW, if they withdrew the money through an ATM, in the course of my research I learned that’s covered even if you gave them your PIN. I’m not so sure about the situation if they transferred directly to other bank accounts, but that should be reversible. Hang in there!! And for anyone reading this, remember your emergency fund should always be at a completely different bank than the rest of your accounts. This is why.


“even sent one time text codes as USAA would’ve” If anyone ever sends you a code, it is never intended to be shared. The only purpose of that code is for you to enter it yourself into the code prompt. Anyone asking you to text it to them or repeat it over the phone is trying to circumvent 2 factor authentication. Writing this out not necessarily for OP but just as a general reminder. Never say that code out loud. Edited to add: many of you seem to have banks that ask you to repeat the code over the phone. Let’s be frank: these banks have bad cybersecurity. You should consider changing banks. My banks will never ask for 2FA over the phone, and my credit union also requires a special spoken passcode for me to do business with them — further ensuring a secure transaction. Honestly, if your bank asks you to say the code out loud, they are an insecure bank, and you should change financial institutions for your own best interests.