Possible Etrade Fraud
- Thread starter tradingbug
- Start date
The ripoff report was written by the originator of the ET thread.
Here's an article about the guy which said he got his money back.
http://www.schneier.com/blog/archives/2005/11/fraudulent_stoc.html
Also if you google Etrade and fraud, you will find many cases like this.
I think this is an appropriate time to provide my "Etrade Experience":
My first trading account was with Etrade. I a small amount of money into a trading account ($13,000). I tried to use the frontend that Etrade provided, but found that it was often difficult to access the website, and after a period of time, delays, connection failures, and long waits from placing order to fill caused to TRY to contact Etrade to complain.
I say TRY because I almost never got to speak to a customer service rep. The average wait time was often between 15 and 30 minutes. About half the time, due to my own time constraints I had to hang up without talking to a rep. I tried to email them and the result was that they repeately failed to acknowledge any problem. Ultimately the message was "you must be doing something wrong". I struggled with this for months before deciding to remove funds and go to another broker. By the way, all during this time, Etrade advertised in numerous venues that they had been voted "Best On-Line Broker" and "Best Internet Broker" etc. I even tried to contact the firms that were indicated in the advertisements to offer a contrary opinion. Incredibly they refused to consider my comments. In other words, the "voting" was fake.
Trying to close my account took nearly three weeks, of repeatedly contacting Etrade to ask where my money was.
Although it has been some years ago, I would never put money in Etrade's business, nor would I advise anyone else to do so. In my opinion, Etrade is one step above an internet scam site.
Good luck,
Steve
My first trading account was with Etrade. I a small amount of money into a trading account ($13,000). I tried to use the frontend that Etrade provided, but found that it was often difficult to access the website, and after a period of time, delays, connection failures, and long waits from placing order to fill caused to TRY to contact Etrade to complain.
I say TRY because I almost never got to speak to a customer service rep. The average wait time was often between 15 and 30 minutes. About half the time, due to my own time constraints I had to hang up without talking to a rep. I tried to email them and the result was that they repeately failed to acknowledge any problem. Ultimately the message was "you must be doing something wrong". I struggled with this for months before deciding to remove funds and go to another broker. By the way, all during this time, Etrade advertised in numerous venues that they had been voted "Best On-Line Broker" and "Best Internet Broker" etc. I even tried to contact the firms that were indicated in the advertisements to offer a contrary opinion. Incredibly they refused to consider my comments. In other words, the "voting" was fake.
Trying to close my account took nearly three weeks, of repeatedly contacting Etrade to ask where my money was.
Although it has been some years ago, I would never put money in Etrade's business, nor would I advise anyone else to do so. In my opinion, Etrade is one step above an internet scam site.
Good luck,
Steve
Apparently etradevictim, at least, got some satisfaction from etrade: http://www.businessweek.com/technology/content/nov2005/tc20051103_565150.htmQuote from etradevictim:
During our absence from this country in July, some hackers were able to wire out funds many times to a total more than $150,000. to a Wells Fargo account that was not registered in our name. All these funds were wired out on margin and finally they also sold some of our holdings that we had for a long time. Still there is a negative cash (margin) balance that is accumulating interest everyday although e-Trade said they froze the account after they realized the fraud following many transactions each one strangely slightly below $30K. Strangely, we have never wiredout a penny from this account during its life - this did not flag them or alert them to check !!!
e-Trade is not taking any responsibility at all and blaming us for not securing our computer properly. After all these transactions, they finally realized the fraud and tried to contact us but we were not here and they apparently froze the account then - too late !
Whe we ask how they could wire funds to a 3rd party account, they say that the hackers included our name as the account holder - without checking whether it was indeed in our name - it turns out that it is not and we never gave them written permission to transfer funds to a Wells Fargo Bank account.
We did contact an attorney but apparently we cannot sue them ! We can only arbitrate and that too in CA where e-Trade security folks are.
Dont they have any insurance against such fraud?
So far, e-Trade did not send us any document confirming the fraud that happened although they did mention it in our conversations. In addition to all these, we have to worry about tax issue.
They did not care to answer any of our letters written to many including CEO and President/COO.
We are trying to contact various TV folks to see if anyone can help us. Any help with this will be highly appreciated.
NOVEMBER 3, 2005 ⢠Editions: N. America | Europe | Asia | Edition Preference
Invasion of the Stock Hackers
An alarmed SEC says that teams of thieves are lifting passwords from home PCs -- and emptying online brokerage accounts
Arriving home from a five-week trip to Belgium and India on Aug. 14, a jet-lagged Korukonda L. Murty picked up his mail -- and got the shock of his life. Two monthly statements from online brokerage E*Trade Financial (ET) showed that securities worth $174,000 -- the bulk of his and his wife's savings -- had vanished. Advertisement
During July 13-26, stocks and mutual funds had been sold, and the proceeds wired out of his account in six transactions of nearly $30,000 apiece. Murty, a 64-year-old nuclear engineering professor at North Carolina State University, could only think it was a mistake. He hadn't sold any stock in months.
"I'M SHOCKED". Murty dialed E*Trade the moment its call center opened at 7 a.m. A customer service rep urged him to change his password immediately. Too late. E*Trade says the computer in Murty's Cary (N.C.) home lacked antivirus software and had been infected with code that enabled hackers to grab his user name and password.
The cybercriminals, pretending to be Murty, directed E*Trade to liquidate his holdings. Then they had the brokerage wire the proceeds to a phony account in his name at Wells Fargo Bank. The New York-based online broker says the wire instructions appeared to be legit because they contained the security code the company e-mailed to Murty to execute the transaction. But the cyberthieves had gained control of Murty's e-mail, too.
E*Trade recovered some of the money from the Wells Fargo account and returned it to Murty. In October, the Indian-born professor reached what he calls a satisfactory settlement with the firm, which says it did nothing wrong. Still, Murty suffered many sleepless nights. "I'm shocked. We didn't know people could play these kinds of tricks."
I'd like to chime in on this discussion. I work full-time as an IS Director for a beer distributor and have to deal with security issues on a daily basis.
A lot of "phishing" crimes originate from the eastern European area. There are a lot of computer savvy individuals with little money that are desperate to wring out as much money via fraud as possible. Since they are in another country, it is next to impossible to try and recoup losses by going after them. Your best protection is prevention (ounce of prevention worth a pound ... blah blah ).
There are several major ways that hackers / phishers will gather information about you. These range from easy to extremely difficult. There are also "localized" methods and "global" methods. I'll touch on a few and answer any questions anyone might have.
The easiest way to gather information is through "phishing." Phishing is the process of sending an illegitimate e-mail that appears to come from a trusted source asking for account information or clarification. It can get technical, but the end result might be an e-mail in your inbox from "E*Trade" warning of suspicious activity.
You read the e-mail and naturally are concerned, so you click the link and go to a page that looks official enough -- it looks and feels just like you are at their site. Next, they inform you that you should reset your password -- but first log in with your current username and password. **** HOLD UP ***** What just occurred here? You just gave them exactly what they need to hijack your account.
Phishing is by far the most prevalent way that they (the hackers) obtain sensitive information.
Phishing is a high-treat "global" threat. It is global in the sense that anyone from anywhere in the world can initiate this.
Trojans and viruses are also problematic. I would place these as a medium-high threat. It would be incredibly easy for me to program a simple key-logger that records everything you type on your keyboard and transmit that information via E-mail or an IRC channel where a "bot" could collect the information. Trojans and viruses don't just slip into your computer -- you generally have to make an active choice to disregard security to find one on your computer. Internet Explorer can also be a large security risk. ***** YOU MUST APPLY SECURITY PATCHES ASAP *****
1. Go to http://windowsupdate.microsoft.com and install all the security updates for your OS and Internet Browser (assuming you are running Windows). Reboot. Do it again. Keep doing this until the site tells you there are no more updates available.
2. Download ADAWARE and scan your system for any adware or spyware trojans. Last I checked, this program was owned by Lavasoft so make sure you download the legit version.
3. Run a free online virus-scan at this site: http://housecall.trendmicro.com/
I can go into many other security related matters if anyone has questions.
My personal feelings toward WiFi hotspots is this -- try not to conduct sensitive transactions on an unsecured Wifi connection. 128 bit WEP encryption is crackable, but it requires time and a statistically usable amount of packets sniffed before the security is breached. I seriously doubt that anyone is cracking WEP connections at their local Starbucks.
If anyone has questions, ask away -- I operate an e-mail server for three distribution points and see around 100-200 incoming illegitimate phishing scams every day. Every time a new one comes out, they get a tad bit sneakier as well.
Scary stuff.
A lot of "phishing" crimes originate from the eastern European area. There are a lot of computer savvy individuals with little money that are desperate to wring out as much money via fraud as possible. Since they are in another country, it is next to impossible to try and recoup losses by going after them. Your best protection is prevention (ounce of prevention worth a pound ... blah blah ).
There are several major ways that hackers / phishers will gather information about you. These range from easy to extremely difficult. There are also "localized" methods and "global" methods. I'll touch on a few and answer any questions anyone might have.
The easiest way to gather information is through "phishing." Phishing is the process of sending an illegitimate e-mail that appears to come from a trusted source asking for account information or clarification. It can get technical, but the end result might be an e-mail in your inbox from "E*Trade" warning of suspicious activity.
You read the e-mail and naturally are concerned, so you click the link and go to a page that looks official enough -- it looks and feels just like you are at their site. Next, they inform you that you should reset your password -- but first log in with your current username and password. **** HOLD UP ***** What just occurred here? You just gave them exactly what they need to hijack your account.
Phishing is by far the most prevalent way that they (the hackers) obtain sensitive information.
Phishing is a high-treat "global" threat. It is global in the sense that anyone from anywhere in the world can initiate this.
Trojans and viruses are also problematic. I would place these as a medium-high threat. It would be incredibly easy for me to program a simple key-logger that records everything you type on your keyboard and transmit that information via E-mail or an IRC channel where a "bot" could collect the information. Trojans and viruses don't just slip into your computer -- you generally have to make an active choice to disregard security to find one on your computer. Internet Explorer can also be a large security risk. ***** YOU MUST APPLY SECURITY PATCHES ASAP *****
1. Go to http://windowsupdate.microsoft.com and install all the security updates for your OS and Internet Browser (assuming you are running Windows). Reboot. Do it again. Keep doing this until the site tells you there are no more updates available.
2. Download ADAWARE and scan your system for any adware or spyware trojans. Last I checked, this program was owned by Lavasoft so make sure you download the legit version.
3. Run a free online virus-scan at this site: http://housecall.trendmicro.com/
I can go into many other security related matters if anyone has questions.
My personal feelings toward WiFi hotspots is this -- try not to conduct sensitive transactions on an unsecured Wifi connection. 128 bit WEP encryption is crackable, but it requires time and a statistically usable amount of packets sniffed before the security is breached. I seriously doubt that anyone is cracking WEP connections at their local Starbucks.
If anyone has questions, ask away -- I operate an e-mail server for three distribution points and see around 100-200 incoming illegitimate phishing scams every day. Every time a new one comes out, they get a tad bit sneakier as well.
Scary stuff.
Aphexcoil,
Thanks for the suggestions. I notice when running spybot or ad-aware, that numerous data miners are removed as well as an occasional registry change.
My question is how to prevent any possible key logger from ever getting on your system at the time it tries to get on, rather than removing it after it gets on after the damage possibly is already done. Are there any programs out there to do that, keeping off key loggers in the first place?
For security, I have a hardware router and a good firewall, Outpost Pro by Agnitum. Outpost Pro will not allow any executable program with the extension .exe to operate on the computer and establish an internet connection unless you give it explicit permission to run. However, I'm not sure that this firewall would prevent a key logger from operating on the system in the background without your knowledge, as many key loggers are advertised to operate undetected by the user.
Also have Norton Systems Works Pro with up todate AV, but it never finds any infected files.
Thanks again.
Mike
Thanks for the suggestions. I notice when running spybot or ad-aware, that numerous data miners are removed as well as an occasional registry change.
My question is how to prevent any possible key logger from ever getting on your system at the time it tries to get on, rather than removing it after it gets on after the damage possibly is already done. Are there any programs out there to do that, keeping off key loggers in the first place?
For security, I have a hardware router and a good firewall, Outpost Pro by Agnitum. Outpost Pro will not allow any executable program with the extension .exe to operate on the computer and establish an internet connection unless you give it explicit permission to run. However, I'm not sure that this firewall would prevent a key logger from operating on the system in the background without your knowledge, as many key loggers are advertised to operate undetected by the user.
Also have Norton Systems Works Pro with up todate AV, but it never finds any infected files.
Thanks again.
Mike