A US Airman assigned to a Colorado Support Squadron recently discovered a new scam that exploited a hole in his bank’s ACH (automated clearinghouse) process. This is the process by which banks move money around to settle all our checks, credit card and debit card transactions, mortgage payments, etc.
In this scam, the thief randomly generates account numbers and attempts to deposit a single penny into the account using the ACH system. When one of these tiny deposits clears, the scammer knows that he/she has found a live account and immediately processes a withdrawal from the account. According to one bank’s representative, this has been a recurring attack. In each case, the scammer makes only a single, fairly small withdrawal from the account – $124.90 in this case. Presumably, that’s small enough that it won’t overdraw most bank accounts immediately and that it might get overlooked if you don’t reconcile your checkbook regularly but it’s large enough to make money for a scammer conducting thousands of these attacks.
The scammers particularly like to make their initial transactions at the start of the month, knowing that their scam will likely go undiscovered until the end of the month when the bank statements are sent out. From the available evidence, this attack was automated and is likely to become more common, at least until banks are able to address the lack of real-time validation in the Federal Reserve’s ACH system. Read more at Air Force Link.mil.
The only defense against this kind of attack is to watch your bank account carefully. Reconcile your statement monthly and consider checking your account online a couple of times during the month to see if there are any unrecognized transactions. If you find one, contact your bank immediately.
Remember that a Bank error in your favor is only a good thing in Monopoly. Any unknown transaction, positive or negative, should be treated with suspicion.
Leave a Reply