Monthly Archives: December 2007

Identity Theft!

Just before Christmas I became yet another victim of identity theft. Somehow, someone who remains unknown to me cloned my debit card, somehow figured out my PIN, and made two rather large ATM withdrawals, emptying my checking account.

I have never loaned my debit card to anyone, and until this happened, I was the only person on the entire planet Earth who knew my PIN.

I don’t mind telling you that my bank is Washington Mutual and that they have been an absolute nightmare to deal with. I’ve been shuffled from department to department and am currently forced to deal only with a department mysteriously named “Fraud Prevention” who is only open 7am-4pm Monday-Friday and whose minimum hold time for actually getting through to speak with a person is upwards of 30 minutes. I have waited as much as 90 minutes to talk to someone. When I finally do get through to someone, most of the time they are not properly trained, and are unwilling or unable to explain the dispute process or assist me with my questions. So far, I have spoken to exactly one representative, named Diane, who was polite and took the time to explain things and answer all my questions. It was through Diane that I discovered the process of investigation can take 4-6 months.

From filing my police report, I learned two common methods crooks use to clone debit cards. If they’ve only cloned your debit card and are using it like a credit card to make purchases, then it’s likely that it happened at a restaurant. The waiter brings that greasy black folder, you put your debit card inside, he comes back and disappears for several minutes out of site with your credit card — and often, it seems, clones the card and uses it to go shopping after his shift has ended. The lesson — *never* pay with a debit card at a restaurant. Use cash if possible, or a regular credit card. Regular credit cards are much easier to deal with when you report fraudulent charges. Banks are suspicious and reluctant to help you out when it’s your debit card that’s used for fraud.

If a criminal has cloned your card and has your PIN, then it’s likely that the information was stolen at a gas station. The criminal parks a big truck in front of the pump, hiding it from the clerk inside and the security cameras, then in a matter of minutes, disassembles the payment mechanism, installs a card reader and a bit of electronics to capture your PIN, and puts in all back together. It’s impossible to tell that this has been done to the machine. You conveniently pay at the pump for your gas, your debit card number and PIN are stored for the criminal to come back and retrieve later. The lesson — *never* pay at the pump. Forgo the convenience and go inside the gas station to pay for your gas.

As if the ATM withdrawals weren’t enough, I mysteriously received an email from Washington Mutual, telling me that the name on my accounts had been changed through their web site. It said if I had not made the change, to call them at their customer service number (800) 788-7000. This is the correct customer service number for Washington Mutual. The email appears to have come from an address at wamu.com, and all the links in the email, though I never clicked on them, seem to be legitimate links to WaMu’s web site — they simply go to wamu.com. I’ve seen phishing emails, I know how they work, and how easy it can be to be fooled. But this one really does not seem like a phishing email. I called WaMu customer service, they claimed to have no knowledge of the email, and referred me to “Fraud Prevention.” Ugh. Thirty-five minutes later, the person on the other end of the line offered no help, insisted I had been sent to the wrong department and suggested I call my local branch. The woman at my local branch asked me to forward the email to their email fraud specialists, and I’m waiting to hear back from them about whether or not this email is a fraudulent phishing email or not. I’m concerned that somehow someone has access to my accounts online and changed my name. I don’t know. I don’t know if this is related to the fraudulent withdrawals or not.

I do not feel like my money is safe at Washington Mutual. I don’t feel confident that if another incident of fraud occurs on my account that Washington Mutual will respond to my crisis with empathy, efficiency or concern. I’ve been simply cashing my paychecks and purchasing money orders to pay my bills. I’m afraid to deposit money into any of my accounts at Washington Mutual. I’m also extremely frustrated and upset at the horrendous customer service I’ve received.

I chose Washington Mutual to begin with because they offered me free checking without direct deposit. My employer does not offer direct deposit, so most banks are not willing to give me a free checking account. I’m going to start asking for an exception because I need to get away from Washington Mutual.

My First Attempt at Correcting the Easy Stuff

As mentioned in my Action Steps posted called “Step 3: Correct the Easy Stuff“, I sent off letters to all three credit agencies requesting that they correct my address and name information. Enclosed with each letter was a photocopy of my driver’s license and a photocopy of the Personal Information section of my report from that agency showing the incorrect names and addresses.

Within two weeks, I had responses from all three agencies.

Equifax and Experian both claimed they were unable to locate my credit file and have requested I send more information to help them identify me. Both say that in addition to a copy of my driver’s license, they need a copy of my social security card, a copy of a paystub or a copy of a W2. This is accompanied by large-size bold text about how the FBI has named identity theft the fastest growing crime in America. I guess I’m supposed to feel grateful that they’re protecting me.

TransUnion was a little more helpful. They were able to locate my credit file and correct my address, but simply listed my current name under “Other Names” with an incorrect name still listed as the main name on my record.

Final results from first round of letters:
Correct addresses: 1 out of 3
Correct names: 0 out of 3

Preparing and sending out a second round with all required information.

Patience. Persistence.