I need advice about bank fraud

JudyH · Monday at 9:53 AM

I’m not naming the well known bank that is responsible for this because I’m trying not to put too much information on the web.
My husband and I had two hundred thousand rewards points stolen from our CCs.
In October my credit monitoring company notified me that there was a new address on my information and that address was sent to the bank. We called the bank to report this and request it be removed.
DH said he regularly checked the charges for anything unusual but not the points.
Last week we went to use the points and saw the balance on both our accounts was a few hundred. We never received emails or texts they did the transfers.
We got in touch with the bank and their fraud department and they started an investigation.
This morning they said they saw no fraud. They said the points were used to buy e-gift cards that were mailed to my email address.
I told them to escalate the investigation because I did not request this and I want more information.
I want copies of whatever emails they claim were sent to me.
I don’t know what to do next and I am looking for advice. Thanks.

Hindsite · Monday at 11:01 AM

Check the email address that they have for you, if that was where the gift cards were sent to, and if/when it was changed and whether there was any form of verification by them for the change. If you don't already have additional security for changes like email and contact numbers, get that set up as soon as you can so you get alerts when changes ae made.

The e-gift card scams are so prevalent, that they really should have additional verification when those transactions are undertaken.

All the best with it

TolmiePeak · Monday at 11:06 AM

If you don't get satisfaction make sure you close your accounts and tell them why. 20 years ago I walked into a US Bank branch to deal with an issue on my account. Instead of helping me they just directed me to a desk and told me to call to resolve the issue. I closed my account a week later and moved everything to Fidelity. Why use a brick and mortar bank if they aren't going to give me personal service.

I had the same issue with Fidelity. It was resolved to my satisfaction with one phone call.

Tia · Monday at 11:24 AM

Did you keep the name of the person at your bank you spoke to when you called their fraud department?? Sorry this happened, scary

dioxide45 · Monday at 12:27 PM

Was your email account also somehow compromised? It is possible that the people committing the fraud had access to your email, logged in to obtain the gift card details and transfer those funds from the cards to another card or online account. I had something similar years ago, not with credit card points, but with MyPoints, They had compromised credentials from my email that also matched the credentials for MyPoints. They emptied the MyPoints into Amazon e-gift cards and instantly transferred those funds to an Amazon account.

Check your emails deleted folder. The scammer that sole my MyPoints simply deleted those e-giftcard emails and I found them in deleted items.

Are you using the same passwords for your email and points accounts? If you are, then change all these passwords and use unique passwords for each.

am1 · Monday at 12:45 PM

Me e-mail was hacked and these issues have been a nightmare. Even after I told the airlines but before they processed their special form more miles were used.

They asked me to verify phone number and e-mail and of course mine was not the "correct" one. I am look back and see that mine was the correct one.

I will be going after interest and inflation (devaluation of the points).

Must be a big business.

TheTimeTraveler · Monday at 12:55 PM

JudyH said:
I’m not naming the well known bank that is responsible for this because I’m trying not to put too much information on the web.
My husband and I had two hundred thousand rewards points stolen from our CCs.
In October my credit monitoring company notified me that there was a new address on my information and that address was sent to the bank. We called the bank to report this and request it be removed.
DH said he regularly checked the charges for anything unusual but not the points.
Last week we went to use the points and saw the balance on both our accounts was a few hundred. We never received emails or texts they did the transfers.
We got in touch with the bank and their fraud department and they started an investigation.
This morning they said they saw no fraud. They said the points were used to buy e-gift cards that were mailed to my email address.
I told them to escalate the investigation because I did not request this and I want more information.
I want copies of whatever emails they claim were sent to me.
I don’t know what to do next and I am looking for advice. Thanks.

I would advise you to go to your local Police Department and report this so they can open their own investigation. Many times they can open doors that the financial institutions can not.

Their bite is much stronger.....

Best of luck!

.

JudyH · Monday at 1:35 PM

TheTimeTraveler said:
I would advise you to go to your local Police Department and report this so they can open their own investigation. Many times they can open doors that the financial institutions can not.

Their bite is much stronger.....

Best of luck!

.

Others have suggested this

Brett · Monday at 2:59 PM

JudyH said:
I’m not naming the well known bank that is responsible for this because I’m trying not to put too much information on the web.
My husband and I had two hundred thousand rewards points stolen from our CCs.
In October my credit monitoring company notified me that there was a new address on my information and that address was sent to the bank. We called the bank to report this and request it be removed.
DH said he regularly checked the charges for anything unusual but not the points.
Last week we went to use the points and saw the balance on both our accounts was a few hundred. We never received emails or texts they did the transfers.
We got in touch with the bank and their fraud department and they started an investigation.
This morning they said they saw no fraud. They said the points were used to buy e-gift cards that were mailed to my email address.
I told them to escalate the investigation because I did not request this and I want more information.
I want copies of whatever emails they claim were sent to me.
I don’t know what to do next and I am looking for advice. Thanks.

Yes, you need proof that the points were used for fraudulent gift cards sent to your current email address. If you don't get that information go to the police

JudyH · Monday at 5:57 PM

Thanks.

pedro47 · Monday at 7:12 PM

Suggestion only file a police report and file a report with your bank fraud unit.
Both written reports will give you written documentation that a fraud has happened and that you have reported the crime to the proper authorities.

Years ago, you could call your local FBI office and they would give you some government agencies names and information how you could file a fraud report, if the amount was over a thousand dollars and an out of state fraud crime.

Good luck, hopefully your local bank will reimburse you for your loss.

davidvel · Monday at 7:37 PM

JudyH said:
I’m not naming the well known bank that is responsible for this because I’m trying not to put too much information on the web.
My husband and I had two hundred thousand rewards points stolen from our CCs.
In October my credit monitoring company notified me that there was a new address on my information and that address was sent to the bank. We called the bank to report this and request it be removed.
DH said he regularly checked the charges for anything unusual but not the points.
Last week we went to use the points and saw the balance on both our accounts was a few hundred. We never received emails or texts they did the transfers.
We got in touch with the bank and their fraud department and they started an investigation.
This morning they said they saw no fraud. They said the points were used to buy e-gift cards that were mailed to my email address.
I told them to escalate the investigation because I did not request this and I want more information.
I want copies of whatever emails they claim were sent to me.
I don’t know what to do next and I am looking for advice. Thanks.

Sounds like you clicked some link and gave your credit card credentials away or you used the same password that was leaked from another site for your email. Though it is strange as most CC companies require 2FA or verification for new devices signing in.

Not enough info to figure out what really happened here as OP does not want to share.

JudyH · Monday at 8:23 PM

No to some link giving CC credentials away. I use 2 factor whenever I can. Emails all got changed early summer but they were old. The bank just gave us a verbal passcode to use for ID. They should have done this years ago.

Brett · Monday at 9:02 PM

JudyH said:
No to some link giving CC credentials away. I use 2 factor whenever I can. Emails all got changed early summer but they were old. The bank just gave us a verbal passcode to use for ID. They should have done this years ago.

But what email address did the bank use to send the gift card information

JudyH · Monday at 11:00 PM

Brett said:
But what email address did the bank use to send the gift card information

That is what we are insisting they find out or I will escalate this to police, social media and the Consumer Finance Protection Bureau.

dioxide45 · Monday at 11:09 PM

JudyH said:
That is what we are insisting they find out or I will escalate this to police, social media and the Consumer Finance Protection Bureau.

It isn't a situation about escalating to the police. There was a fraud where someone stole from you. That is the purpose of the police report. You may get more action from the financial institution if you have a police report than if you don't. I don't know if CFPB is that effective anymore. They've been gutted.

JudyH · Monday at 11:16 PM

dioxide45 said:
It isn't a situation about escalating to the police. There was a fraud where someone stole from you. That is the purpose of the police report. You may get more action from the financial institution if you have a police report than if you don't. I don't know if CFPB is that effective anymore. They've been gutted.

Yes I agree. A police report will be done.

davidvel · Monday at 11:54 PM

JudyH said:
No to some link giving CC credentials away. I use 2 factor whenever I can. Emails all got changed early summer but they were old. The bank just gave us a verbal passcode to use for ID. They should have done this years ago.

Apologies, but with your cryptic info, refusing to ID the bank/CC company, and lack of details there is nothing more to do here really other than say sorry you got ripped off.

A few things do not add up based on what you have disclosed. Was this a credit card with attached points, like a Capital One card? Or were the points transferred to a separate travel account like an airline card?

What do you mean emails got changed early summer but were old?

No police, FBI, or other outside entity will spend a minute investigating some points lost. That is simply reality. You should be focusing on how this actually happened, what was done wrong to allow it, and correct that going forward. Trying to chase down the culprits is a fool's errand.

You claim the bank did something wrong but you do not say what. Most likely someone comprised your account either through your email or the account login. This is the primary accept point.

dioxide45 · 2025-12-02T00:08:28-0500

davidvel said:
Most likely someone comprised your account either through your email or the account login. This is the primary accept point.

Another likely possibility is that the same credentials are used across multiple websites and one of those sites has a data breach. The scammers then buy those credentials on the dark web and try them across multiple accounts. They may not even know what banks you bank with or what point accounts you have. They just try a bunch of different websites and hope for a hit. If your email credentials are compromised, then it is almost game over. Many sites use email for verification codes and 2FA. If they can access email, they can then get those codes and log in.

davidvel · 2025-12-02T01:26:15-0500

dioxide45 said:
Another likely possibility is that the same credentials are used across multiple websites and one of those sites has a data breach. The scammers then buy those credentials on the dark web and try them across multiple accounts. They may not even know what banks you bank with or what point accounts you have. They just try a bunch of different websites and hope for a hit. If your email credentials are compromised, then it is almost game over. Many sites use email for verification codes and 2FA. If they can access email, they can then get those codes and log in.

Yes, I mentioned that above. Email is the best access for scammers, with text next. Any site that access to any financial assets in excess of a few thousand dollars should require a true authenticator app. Until then billions will flow to the scammers.

pedro47 · 2025-12-02T05:34:37-0500

Normally a bank fraud unit will asked you, have you file a police report. This is what Naval Federal Credit Union fraud unit asked us to do.

Talent312 · 2025-12-02T14:02:57-0500

Last year, someone attempted to hack our credit union account.
They said, "We don't investigate attempts, it'd be way too much."
But he did have us change our log-in name and password.

Shiba · 2025-12-02T15:20:24-0500

This happened to me. All my points were stolen, but after the bank investigated they returned my points. My email was never hacked I was informed someone called in and was able to change my phone number with a customer service agent. When 2FA occurred they were sending it to the thieves. My bank informed me it was and automated type voice that was used and sounded nothing like me.

Funny thing I got an alert that a new device logged in. When I called my bank (customer service) they said nothing had been changed and everything was peachy. When my points were stolen fraud department said that I was misinformed. Seems that the agent dropped the ball.

I now have a password that is needed to change any of my contact information and have updated my security settings.

davidvel · 2025-12-02T16:25:47-0500

Shiba said:
This happened to me. All my points were stolen, but after the bank investigated they returned my points. My email was never hacked I was informed someone called in and was able to change my phone number with a customer service agent. When 2FA occurred they were sending it to the thieves. My bank informed me it was and automated type voice that was used and sounded nothing like me.

Funny thing I got an alert that a new device logged in. When I called my bank (customer service) they said nothing had been changed and everything was peachy. When my points were stolen fraud department said that I was misinformed. Seems that the agent dropped the ball.

I now have a password that is needed to change any of my contact information and have updated my security settings.

I would run from that bank faster and further than Forrest Gump. How can a bank allow someone to just call in change a phone number on the account without verifying details known only to the customer?

Shiba · 2025-12-02T16:41:53-0500

I suspect like most of us my personal information has been compromised with many company data breaches.

I need advice about bank fraud

JudyH

TUG Review Crew: Veteran

Hindsite

TolmiePeak

Tia

dioxide45

TUG Review Crew: Expert

am1

TheTimeTraveler

JudyH

TUG Review Crew: Veteran

Brett

JudyH

TUG Review Crew: Veteran

pedro47

TUG Review Crew: Expert

davidvel

JudyH

TUG Review Crew: Veteran

Brett

JudyH

TUG Review Crew: Veteran

dioxide45

TUG Review Crew: Expert

JudyH

TUG Review Crew: Veteran

davidvel

dioxide45

TUG Review Crew: Expert

davidvel

pedro47

TUG Review Crew: Expert

Talent312

TUG Review Crew: Veteran

Shiba

davidvel

Shiba