"Warning"..re. on-line banking

[Hoose]

**Addition**

 

Many banks are currently looking at token based, or two tier authentication.

 

this is where you recieve a small "fob" which has a constantly changing code.

 

this code relates to a server code and without these two numbers matching, no matter if the details are correct, people are not getting in.

 

HSBC currently do this on business accounts, and I believe all banks will be looking at the costs involved on rolling this out to Personal Banking customers.

[mick094m]

was replying to "yourbank" not you , my password was as you suggested as I have a bit of knowledge of IT as well think this thread should be closed now as it is going nowhere far as I am concerned,am well aware of the full number not being printed that was what I was referring to and see no reason why it should not be the same on statements,I have already e-mailed the DWP asking for an explanation and am following it up with a phone call tomorrow plus in writing.I won't be reading anymore on here logging off

[yourbank]

.................................

Edited July 29, 2008 by yourbank
cannot help

[Hoose]

yourbank, sorry, was the whole of your post aimed at me or just the first line

 

i am assuming just the first line

[PriorityOne]

I think YB was talking to Mick... not you Hoose.

[Hoose]

well thats alright then, otherwise, i was gonna have to send him a "Your Account Details need confirming" email

[mick094m]

Update

to all the helpfull advise that has been given re who is responsible etc etc. for inputting the national insurance number ,I have just been speaking to the Department of Works and Pensions and have been informed that there is no way the DWP disclosed this information to the Halifax and that it is the Halifax who are responsible for it .It was pointed out that a lot of banks just put DWP or DLA .with no mention of National Insurance Numbers so a big thank you to the person ,persons who stated that "all banks" put the Nat Ins Number ,in fact we Checked my wife's who is with the Yorkshire and there is no comments whether it is state pension or what ever at all,(DWP OR STATE PENSION) on her's apart from we assume is the ID of the person employed by the Yorkshire who is inputting the amount to her account.So it would appear that working in a bank does not mean that the innformation imparted on here is correct.

I am off now to make more phone calls spent all weekend e-mailing all and sundry ,Financial Mail ,Data Protection etc etc.

[yourbank]

..........................

Edited July 29, 2008 by yourbank
cannot help

[Hoose]

mick,

 

credits / debits are not processed manually.

 

with the amount of people holding bank accounts, and the amount of credits being sent out by DWP et al every day / week, can you imagine the manpower that would be needed to cover that!!!

 

here is how the systems work:

 

The DWP computer systems generate, for want of a better phrase, a spreadsheet. this "spreadsheet" contains at least the following information:

 

Name

sort code

ac number

amount

reference

 

there are prob more fields, but I am keeping this at an overview level.

 

so, the file would look like:

 

Mr J Bloggs, 10-00-00,12345678,112.58,Payment Refernce

 

and so on and so forth.

 

now, the DWP computer system has to assign a reference to the payment, so that THEY can link the payments, and so that you know who it is from.

 

In employment, your reference will be your payroll number.

 

for example, my main job, my salary is credited with the reference consisting of my company name and my payroll number.

 

I also recieve a credit from HMG / MOD. this reference appears as HMG XXXXXX (the 'x's are my ID number)

 

the ONLY identifiable number that the DWP work from the the NI number, and so, THEIR systems use this as the reference against all payments. when my ex partner got her benefits into her bank account, that also came up with her NI number. you say your wifes account doesnt. is that a passbook account?? if so, that will prob just say Credit / Standing Order / BACS. the reason for this is, payments into a building society have to be cleared through a mainstram bank account, so the DWP have to use her passbook account number as a reference, otherwise the payment would not reach her.

 

At work I deal with BACS systems, when we send payment, we send it with our customers Account number as the reference. this makes it easy for us to trace payments etc.

[mick094m]

Hoose and your bank ........you are missing the point I never put this on here for advice........read my first thread it clearly states "warning" and refers to another similar case with the Halifax.....as you say this is beginning to get way off "MY POINT" as a warning.....you may have your opinions, on who is right and who is wrong, personally I don't give a hoot. Because in my opinion it is made clear in the media about what to disclose and what not to disclose and if the Halifax don't know, then as I have stated "in my opinion" it is they are who in the wrong using a system that displays and printouts a persons National Insurance Number, regardless of what information was forwarded by the DWP,as "personal information" is so sensitive especially what I am refering to then the system is "faulty" and Halifax should have realised this before installing it, especially as it would appear that there are massive holes in their on-line system, not as secure as they state,hence after mine was hacked into, and money emptied from it .I was annoyed at that but ,also annoyed at all the comments made "don't worry you will get it all back plus any charges incurred".........yes but "WHEN". Then to top it all I find that this personal information could be, and I am assuming it "has already" been made available to whoever hacked into my account........that was my MAIN REASON for "WARNING " other users of the Halifax,anyway off now to write a letter of complaint to the Financial Ombudsman, priorityone seems to be the only one who has read and understood my post.

[mick094m]

I have just had a reply from Lisa Buckingham the Editor of the Finacial mail On Sunday...." Gosh that seems a bit remiss of them I will get someone to look into it"

[Hoose]

Mick, I may well be missing your point, but at the same time, i think you are missing mine.

 

Halifax or any other bank DO NOT specify the credit details that are entered on BACS payments, these are transmitted by the SENDER. they CANNOT alter any information that is received, as this could constitute fraud.

 

for someone to hack into your account, they would need at a minimum of 3 pieces of information,

 

your user name

your password

your security question answer

 

somehow, and the how may never be known, they have obtained this information and gained access to your account.

 

no matter what security is applied to it, the fact remains, the internet is not always a secure area, there is always a risk, no matter what site you visit.

 

the advent of token based authentication and biometric based are improving the general security of sites that require it, but unfortunatley, banks have been slow to implement this on the consumer side, primarily due to the sheer cost scale involved (maybe they will end up making a charge of £5 or something in future) but until that point, they, and we are faced with a system that will always have one crucial weak link.

 

The weak link is ALWAYS the user, (and this is not meant as having a dig at you mick, i am talking generally).

 

For more information (if you are so inclined) you should google the term "Social Engineering".

 

In general, people always use passwords that are memorable to them, things like spouse names, childrens names etc etc etc. therefore, through a simple conversation on the street, someone bumps into you, and thinks they know you, your natural reaction when faced with someone purporting to know you and asking questions is to answer for example:

 

Me: Oh, hiya, how you doing. not seen you for ages, hows your wife?? erm, Margaret, Maud...

 

You: Madge you mean

 

Me: Oh yeah, thats right, Madge, is she OK? how about the kids, your eldest must be what now, 15 / 16 Jamie was it?

 

You: John, yeah he is actually 17.

 

and so on.

 

From just a simple conversation like that, the fraudster has already got more information than you would normally give out.

 

it gets even easier when they purport to be carrying out a market research survey.

 

 

Automated fraud systems do monitor accounts, and in your case mick you were lucky that they used it to pay their credit card bill, as that means they will be found and brought to justice.

 

I am not advocating banks, and I am not condoning the rip off tactics i use, but where they are being slated for showing information thay they have no control over, I will stand up and say so.

 

Like you said Mick, you started this thread as a warning to others, so in that respect it should stand, but to perhaps prevent any further misunderstanding, maybe a mod should lock it.

[mick094m]

who mentioned credit card.......not me it was a standing order that was set up...as a result of the finacial mail being involved I am sure something will come to light and it being sorted out and lay the blame at whoever is responsible.................no more please I am off to the doctors for some anti-depressants........I only updated for the attention of priorityone who I did say I would keep informed,if there was a way outside of the forum of updating him I would do so

[PriorityOne]

Hiya Mick... I am a SHE, by they way...

 

The guys are only trying to help you Mick... I also have my NI number on bank statements. If it's a Standing Order fraud, then 'm not sure that the NI number is the real issue anyway, since it wouldn't be needed to set one up.

 

Halifax should have details of how/when it was set up though. If it was manually, then there'll be a paper trail. If it was by 'phone, then there should be recordings.

 

Not sure if that helps, but whatever one it is, Halifax/the Information Commissioner need to be informed as part of your complaint, IMO.

[yourbank]

I have recently found myself in a similar situation with another member having my on-line banking "hacked " into, and some startling facts have come to light.To start with it started happening last month with "suspicious e-mails" requesting personal details uodating,as evryone should be aware,this is incorrect as they( any banks) NEVER request anything like this so as requested I forwarded them to the online security,I think it was a total of five e-mails, never got any replies which seemed a bit odd to me.Banks do not reply to reports of SPAM emails as they try and go to the source to shut them down. Then last weekend I was away in Wales on both Saturday and Sunday at motorcycle event in Mid Wales,on my return on Saturday,there was a letter from the Halifax thanking me for informing them of my "change of address" as I had never done so as soon as I was able I contacted them to inform them that this was not the case and that I was still at my present address.Then to my horror whem I went onto my on-line account I found that my account had been cleaned out plus £445 of my overdraft facicilty gone( this overdraft had never been used for a long time it was only there for "emergency" use).I found out that it was part of a standing order that had been setup with a Barcleys account from an address in Wolverhampton this took £445 from the overdraft facility and would have taken out £100 per month if I had not deleted the standing order from my account.after reporting it to the Branch in Liverpool I was told that there was nothing to worry about as I would get it all back along with any charges,nothing to worry about !!!!!!!!!!????Bank will refund all money and interest taken as a result of fraud. They were trying to reassure you when it is a distressful experience. on my return home I then went in to my account changed the pass word and found some startling facts about on-line banking that has made me mad.it is no wonder it is so easy for identity fraud, in the past I may have noticed this but paid little attention to it at the time,on my account statements along with the input of my "state pension" there is my "NATIONAL INSURANCE NUMBER",so therefor Halifax are giving personal information on a plate to anyone that hacks into any account,this has left me fuming, and would like to know if this is legal for them to do this ,surely this is against the Data Protection guidelines.(I have explained this on now deleted content posts here). Though if the online banking was as secure as they state there would be nothing to worry about.(unfortunately anything you do on the internet could be compromised)But then comes how easy it is made for any "hacker" to gain access ,all they need to do is download the change of address form submit it and away they go,given a head start by the only means of this being confirmed is when a letter drops through your letter box asking if this change of address is correct if it is not they have already given the "hackers" a head start and freedom to empty ypur account.(Don't know Halifax but would they have a signature for a change of address or is it done online? That is odd. The fact they have your online details would be enough to clear the account so these criminals aren't that smart if they have given their own address to the Bank as to where they live).

Surely as an e-mail address and phone number of all online account holders are held by the Bank surely it would be a lot quicker and surely more common sense to do this or phone the person instead of relying on a letter via a mail system that resembles the pony express. Or in some cases the person the letter is sent to is away on a months holiday.(Not everyone gives the bank their telephone number. As the debt forum on here can attest, why would you talk to someone who SAYS they are from the bank?)

The most annoying part of my experience is the fact that I alerted Halifax Security Online by forwarding them the "suspicious e-mails and nothing was done regarding them ,I would have surely expected them to have flagged up my account to be watched for any suspicious activity,and as I have not needed to use the overdraft facility,this would have aroused suspicions and they should have contacted me and therefore prevented any access to my account.(I receive loads of emails which state they are from my bank, I know they are "phishing" emails. It does not suggest even under the circumstances that my account is about to be compromised).

I am now worried sick as to what is being done with my National Insurance Number,I will be contacting the DWP on Monday informing them of what happens.I will also be lodging a VERY STRONG COMPLAINT with the Halifax and informing them to expect Legal Action to follow............I hope that this has been of some help to other members of the group that have accounts with the Halifax ..........CHECK YOUR ACCOUNTS EITHER PAPER OR ON_LINE ,If you are on any form of benefit CHECK TO SEE IF THEY ARE DISCLOSING YOUR NATIONAL INSURANCE NUMBER.Then complain about it to THEM

I have told you about DWP payments and narratives and I won't waste further time on this and have confirmed with another site that other banks do the same including Yorkshire Bank(yes it annoyed me that much that I was not being clear in what I said[/quote]

 

Mick, I have edited out all of my comments made on your thread previous to this one. The above quote and my comments are from post 1.

If you need to update priorityone, you can use Private Message facility. I will not be back to comment on here but if other users comment on the National Insurance thingy on their thread I will explain it as I did yesterday because I am certain that the information on that aspect of your thread is 100% correct.

I am very intrigued as to the change of address and potentially one of the most stupidest of criminals giving the bank their address after taking your money.That is the weirdest thing about the first post. Most people who get peoples details take the money ONLY and do not change the address at the same time.

[mick094m]

You have given up slagging me off on my thread, but continue bringing my name up on someone elses .Incidently if I was talking a load of rubbish (untruths) why is an Editor of a Finacial section of a National Newspaer getting someone to look into it,why is an MP wasting his time looking into it,I mean surely they are on the same level of intelligence as yourself and could but me right by telling me the truth right away (not having to look into it)and incidently you keep going on a about phishing e-mails not being dangerous,if that is the case explain( no don't bother as I am hoping that someone closes this thread,) to me why Banks request if you get one(suspicious e-mail ) to forward it to them....why not just delete it in the first place and not bother forwarding it,if I do as someone requests me to do, I assume it is for a good reason to do it, and I expect it to be looked into, seeing they requested it in the first place.

Incidentally as you are a bank worker I hope it is not with the Alliance and Leicester,as my Sister is Senior Management there being and Audited Accountant and if she was not away on holiday I would have all the advice I needed from a suitably qualified person,My cousin who is away with her on a backpacking holiday is also qualified in Welfare Rights but as they are away for a few more months, this will all be sorted by bthe time thay get back,but I am sure they will find it amusing reading all of your qoutes.I came on here to warn people but you seem to think it is ok for personal details to be published wonder what would happen if some of your personal details appeared IN PRINT, remember the wording PUBLISHED IN PRINT.

[yourbank]

You have given up slagging me off on my thread,I gave you factual information until I was blue in the face but you have yet to understand what I am trying to tell you(that could my fault and not yours). but continue bringing my name up on someone elses you brought up the National Insurance issue as though the Bank tampered with your details prior to them appearing on your statement which I know is incorrect.Incidently if I was talking a load of rubbish (untruths) why is an Editor of a Finacial section of a National Newspaer getting someone to look into it,why is an MP wasting his time looking into it,I mean surely they are on the same level of intelligence as yourself and could but me right by telling me the truth right away because I think there are two issues. (1) Your address was changed without any signature whatsoever-I have only mentioned that on the last post because I think it is VERY significant and unusual on "phishing attacks". (2) Identity theft as you said is something that the government are taking a hit for. The Government do not disclose NI numbers on Pension Credit, working tax credits, family tax credits and perhaps they could do more on other benefit payments such as Income support(NI number +initials IS), to prevent identity theft.(not having to look into it)and incidently you keep going on a about phishing e-mails not being dangerous,if that is the case explain( no don't bother as I am hoping that someone closes this thread,)(PM site team to do so or use the warning triangle to the side of the post to close the thread) to me why Banks request if you get one(suspicious e-mail ) to forward it to them....why not just delete it in the first place and not bother forwarding it,if I do as someone requests me to do it is to close the site that has originated the email. I have not said that they are not dangerous because they are if you respond to it, I have said that to RECEIVE one is not an indication that fraud WILL be committed on your account, I assume it is for a good reason to do it, and I expect it to be looked into, seeing they requested it in the first place. How do you know that the bank is not looking into it albeit, they could acknowledge the receipt of it yet they could defeat the whole object of it, if they email you. Would a written response be better in your opinion?

Incidentally as you are a bank worker I hope it is not with the Alliance and Leicester,as my Sister is Senior Management there being and Audited Accountant and if she was not away on holiday I would have all the advice I needed from a suitably qualified person,my true identity is NatWestStaffMember/Nattie which if you google the first name, you will see that I post across charges forums and other forums. My cousin who is away with her on a backpacking holiday is also qualified in Welfare Rights but as they are away for a few more months, this will all be sorted by bthe time thay get back,but I am sure they will find it amusing reading all of your qoutes.Cannot wait for her to tell you what I have told you with regards to benefits. I can PM you a list of benefits where the government include NI numbers or you can look on Stephen Hone's Penalty Charges site where I put the whole list. Search under the name Natty which again is my username there. I came on here to warn people but you seem to think it is ok for personal details to be published wonder what would happen if some of your personal details appeared IN PRINT, remember the wording PUBLISHED IN PRINT.

I will try and see your argument, ok?

Did you give the bank your National Insurance number prior to this incident? If you did then maybe I should see how you can think that the bank have done this. I do not understand.

This is how I read your post. Halifax have tampered with a pension payment(Direct Payment) and inserted your National Insurance number before it credited your account and was sent to you in print to the address the bank hold for you.

I still think you need to ask them to look into that address change. My advice, if you want it, is to ask HBoS WHY they changed your address and for a copy of the written authority that they took to do so. Please Private Message me the article that appears in the paper or post it in the media section. I apologise if you feel I am slagging you off. I will re read the other thread and comment if appropriate.

[Mr lex]

Interesting read,

 

on my return on Saturday,there was a letter from the Halifax thanking me for informing them of my "change of address" as I had never done so as soon as I was able I contacted them to inform them that this was not the case and that I was still at my present address.

 

So they wrote to your old (not) address, thanking you for informing them of you new one ??

 

I hope you did not use the contact info on that letter to report it.

 

IMHO if such things as NI numbers are appearing on your paper statements, along with your name, address, account numbers and no doubt your branch's address, this may be not against data protection, but is grossly incompetent. No wonder I.D theft is on the increase.

 

I don't know how Halifax/HBOS resolve their security reports, but I get my share of 'Phishing' emails which I always report and never get a reply to. That, as Yourbank points out, maybe their policy, however a short 'We are looking into it' message would at least show they were taking an interest. That would encourage their costumers to help both themselves and the Bank protect ALL sides.

 

I would suggest that any breech in your security took place some time before your 'change of address' letter. How are Halifax/HBOS handling now? I would ask you to please keep your thread updated as the outcome will be of interest to many users.

 

I can not comment on the deleted posts on this thread, however I feel the poster would not deliberately curse offense. Their comments over the last two years and a couple of thousand posts have been honest, accurate in their field and forthright.

 

Lex

Edited August 3, 2008 by Mr lex

[mick094m]

Hi

Interesting to see someone showing a bit of interest in "My Warning" .To try to make this as simple to follow as possible I will try to repeat the events.

To start with I started getting these e-mails that Iknew were not from the Halifax for the obvious reasons, So as requested by the Halifax I forwarded them on to them.I was not expecting any reply,but I was expecting them to act in some way about them,it was obvious to me that none of this took place,if it had I would not have been put in the situation of having my on-line account hacked into.The date of the first e-mail was as far back as 9th.June 2008 then the folowing e-mails were forwarded to them on these dates 18th. june 2008 (2) 19th.june 2008 (1) 3rd.july 2008 (2) 10th. july2008 (1) 20th.july 2008(1) 25th.july200891) 27th. july2008(1) 29th.july 2008(1).

Anyone with half a brain could see a pettern emerging,but no nothing was done about these e-mails,then on Saturday 19th.July 2008 on return from Wales I had a letter Dated 17th.july 2008 thanking me for informing them of my change of address,as I was having problems with my broadband I had no idea what was going on at the time as I had been off-line for quite a few days so on the Monday I Phoned up the number on the letter to tell them that I had never requested a change of address,I then had access to my broadband the following day and to my surprise on checking my online account I found that a standing order had been set up and money taken from my account plus £445 of an overdraft facility of £500 (which I had never used )this annoyed me and went stright down to the Local Branch of the Halifax to report it face to face.I was told that the SO had been setup from a Wolverhampton address and the recipiant was a branch of Barclays in London.and not to worry as I would getit all back plus any charges incurred.

On my return home iI went in again to delte the SO after I had printed off a copy for myself,then changed my password,then looked in a bit more detail at my account ,it was then that I noticed that my National Insurance Number was plain to see along side the crediting of my State Pension by the DWP and also My DLa payment as well.You don't really notice these things until something like this happens ,as they (Halifax ) state that it is "secure" online banking, but then I checked my "printed" statements and they were Identical so not only do you run the risk of having your personal details exposed on the web you also have it exposed by going missing in the post as well.This really annoyed meand it set off a chain of events one of which was to post a "Warning" on here for the benefit of others.I did not start it with the intention of getting advice as I had already set up what I had decided to via e-mails phone calls etc. But to have some one reply with all sorts of comments ,more or less making "me" out to be an idiot and the culprit really annoyed me,especially the remarks that it was not the Halifax that was at fault it was who ever gave them the information.eh! excuse me has the Halifax not been made aware of the main door opener of Identity Fraud (Personal details punblished) and you cannot get any more personls that National Insurance Numbers.I tried to point out on numerous accasions that it was the person or persons who actually PUBLISH THESE DETAILS that are responsible in my book and hopefully in the eyes of the Law,but got nowhere it was even pointed out that the DWP credit my account via the BACS system therefor if they (Halifax ) altered in anyway those figures they would be guilty of "fraud".I tried to point out I was nit bothered who was found responsible all I wanted was for someone in Authority to look into what I thought was serious intrusion into my personal details and to do some thing about it as I was sure that it is not just me that is effected by this but anyone who is in receipt of any form of benefit from the Government(DWP).I still thing it is wrong and won't rest until someone admits liability.Have e-mailed various media,have been informed by the person replying to this post that it will be just a laughing matter...........we shall see who has the last laugh as I intend getting to the bottom of it. As I say anyone else in the same position check your statements and do something about it if it is the same as mine.

Update..........after the hacking and getting back on line I was having difficulty actually doing so ,then I found out that my anti-virus software had been messed with and proof of this is due to the fact that I could not uninsttall to re- install would notlet me do anything ,even with the softwares recommended down load removal tool..You will find if they have hacked into your internet they must obviously have to tinker with any software firewalls ,so since this I purchased a brand new anti-virus system and am able to get online no problem (at the moment) until the next hack,then it will be bye bye internet will do without you.Sorry its a bit long winded hope it makes it a bit clearer.

[yourbank]

Mick, my reading of your posts was wrong, and I do think you have brought up an issue that is worth pursuing. The issue of the National Insurance is one that is worth looking into.

Here is a list of other benefit recipients that would have the Insurance Number disclosed:

List of benefits - Penalty Charges Forum

Post 2 under my normal username.

 

Other benefits do not have the National Insurance number disclosed such as, Working Tax Credit, Family Tax Credit, Child Tax Credit.

Why can the DWP simply send the money with a full narrative, ie "State Pension", Disability Living Allowance?

In these days of identity theft and even mail being stolen, then the state is already giving fraudsters an NI number.

 

Going backwards to what Mr Lex has said. When you received the letter from the bank, did they ask you for security details? Has the letter been confirmed as legitimate?

Have Halifax told you when the Standing Order was set up? Was it before or after the letter and phone call was made?

I don't want to be confrontational towards you but I do think there are multiple things within the post that are interesting things to follow up. My point on receiving emails which links you to a "phishing" site was that if you respond then it explains the fraud on the account but you didn't, because you sent them to the bank. Receiving a phishing email may not necessarily suggest that fraudulent activity is taking place, it might help the bank to detect the source of them to shut them down. The bank should be able to trace the source of the person who hacked into your account.

[mick094m]

I don't think I have a point worth pursueing I KNOW I HAVE,as stated I was not interested in them replying to my e-mail that is why I don't use the phishing route,you never ever know if it is acted upon,and it is obvious that it is notas they keep turning up over and over agiain so I just dellete them unless from the Halifax then I do as they request and forward them to them but obviosly if you look at the dates of the forwarded e-mails I may have just deleted them.

Regards the letter of change of address that came on the Saturday 19th July2008 dated 17th.July 2008 and the Standing Order was etup on the 22nd.July 2008 the day I reported it to the Halifax Branch.

details of SO :

Identification Number 02

Recipient @ Barclays Bank

Reference: SPW***********

Receivibg Sort Code: **/**/**

Receiving Account Number: *********

First payment amount:

Regular payment amount:£100

Frequency monthly:

Next payment 22/08/2008

Actual Payment Date: 22/08/2008

Last Payment date: 22/09/2008.

 

 

This was setup on 22/07/2008

Yet I phoned up on 21st.July 2008 to the number as requested on the letter(if I had not requested this changeof address call us on 0845 124 1421 between the hours of 8am and 8pm.

So yes I know I have a strong case against the Halifax on the "hacking" alone not to mention the other B**** up.

Also I recived a very speedy reply to the hacking and fraud report I made out ,I was told it usually takes weeks to investigate ,yet I have been informed that the investiagation has been concluded and the money returned to my account,cannot confirm this as I never ever going to use on-line banking again,it makes you wonder whether the comment made very earlier on has some truth in it i.e. that it was an inside job.

We shall see as I will not give up until a satisfactory conclusion is made to MY SATISFACTION.

Edited August 3, 2008 by Mr lex
Details removed, just in case

[mollington]

Ok i work for hbos. and have read most of this thread , (although not that last post mick, one work PARAGRAPHS it hurts my eyes)

 

issue one , NI number on your statement, as has been said before this refference is put there by the DWP and changing it would eb considered fraud , if your that sure the halifax is in the wrong seek legal advice and see how far you get.

 

issue two. the halifax does normally send a thankyou for your email . email after sombody has fowarded a susspecting phising email, I know this from personal experiance as i get them myself all the time . so you must of used the wrong address.

 

issue three. Adress change , its actully quite normal for the halifax to send a confirmation letter to the old address, this is considered additinal secuity and a heads up to the account holder if its fraud. and although you can change your address using the online form if the new address cant be verified electronically you will be asked to go into a branch with ID.

 

and clearly there is an issue of some sort with the address change and this should be being investigated by the halfiax. as should teh fraud , but please bear in mind that ulimatly the halifax fits teh bill for any fraud on your account as its in there intrest to make things as secure as possible and get whoever was responsable

 

so please just calm down, stop ranting over things the halifax is not responsible for and let them investgate the real promblem properly

 

another word of advice if you want the halifax's help in getting this sorted as quick as possible for you. be as nice as you can becuase people who are being yelled at are less likly to go the extra mile for the person doing the yelling.

[PriorityOne]

Hiya Mick...

 

Just approaching this from a different angle for a moment, you said in a recent post that your anti-virus wasn't working around the time the fraud went on. It's therefore possible that your system was hacked into and your password keys logged. Some years ago, I had a virus that disabled my anti-virus software, but fortunately, the anti-spyware that was also running at the time managed to pick it up.

 

I don't know what you're recently purchased, but anti-virus/anti-spyware can be downloaded for nothing. I've always used AVG and Spybot, along with a good firewall and have had no problems in the last 4 years.

 

[mick094m]

This reply is for the attention of Mollington ,who sent me a private message calling me a "twit" etc ,as he works for HBOS I am beginning to wonder if we are safe putting our finances in these peoples hands.

I have received this reply from the DWP it should show who is and who is not the "twit".

I will condence it in case it hurts his eyes ,this is the important part I consider relevent .

 

We provide the banks with a payment reference of up to 18 characters incorporating the Nat. Ins. Number. We are also aware that banks use the information in the exact format provided to them by the Department but "ultimately" how much of it appears on the customers statement is "THE RESPONSIBILITY of THE BANK" ..."WE DO NOT REQUEST OR INSTRUCT BANKS TO SHOW THE NATIONAL INSURANCE NUMBERS" on their customers bank statements. So who is the twit now, incidentally see I am not the only one who has had personal information disclosed , see the CEO from the bank in question is in the same boat. Something radically wrong with this and few other banks with all of this,incidently "mollington" I have put an official complaint in to the complaints dept. on 6th.August 2008 ,to date not even had any form of reply from them,despite also requesting they send me an upto date statement so I can check if anything else is amiss and to find out what state my account is in.

question: Do I also qualify for compensation the same as all these prisoners will be claiming for their personal information being disclosed.? better finish now in case someone's eyes are hurting.

[Exec]

Why do you believe the DWP and not eveyone else?