Virgin games/hacking

[interlog]

I had my id stolen a few years ago. Action Fraud was as useful as a chocolat teapot.

Registering with cifas is a must.

 

[Playford7]

I had my id stolen a few years ago. Action Fraud was as useful as a chocolat teapot.

Registering with cifas is a must.

That doesn't fill me with hope!.
And yeah in the process of registering with them now mate.
How did you manage to resolve the issue?. As I seem to be at a loss knowing what to do...

 

[colinsunderland]

Have you got a copy of your credit file yet?
Sign up to clearscore and noddle, completely free, will show any linked addresses, active accounts and credit checks that have been done on you recently.
From there you can contact companies any fraudulent accounts have been opened with.

 

[Playford7]

Have you got a copy of your credit file yet?
Sign up to clearscore and noddle, completely free, will show any linked addresses, active accounts and credit checks that have been done on you recently.
From there you can contact companies any fraudulent accounts have been opened with.

I have mate yes. And on the face of things there's no evidence of anything a miss :-/

 

[colinsunderland]

I have mate yes. And on the face of things there's no evidence of anything a miss :-/

When I get in I'm going to re-read the thread in case I've missed something, but if they have got bank account/cards in your name there MUST be a record on your credit file. There are other explanations though. If you haven't already done it, see if virgin will give you a copy of the KYC documents for each card, which I presume they have if there was a withdrawal requested.

 

[interlog]

That doesn't fill me with hope!.
And yeah in the process of registering with them now mate.
How did you manage to resolve the issue?. As I seem to be at a loss knowing what to do...

My ID got stolen by somebody knicking my post. Only found out when I recieved post from banks I did not have accounts with. They managed somehow to take 5k out if my ISA over the counter at a branch.

Recieved the money back from the bank plus a decent amount of compensation because of their lack of diligence cause they never should have allowed that cash withdrawal.

I filmed the Nigerian wanker knicking some more post and tried to hand it over to the police. They were not interested believe it or not.

I subscibed to Experian and check it regularly. Since I caught that wanker knicking the post nothing since. This was about 3 years ago.

 

[vinylweatherman]

Appreciate the reply. Thanks.
I'll get onto CIFAS shortly.
The police basically said the investigation is in action frauds hands, as its police run I can accept that.
And my account will remain closed.
Everything I've said regarding virgin and the tactics they used is 100% correct, as I've said if I hadn't contacted them personally when I found the fraud how long would this of lasted for?.
They won't take one bit of ownership for the attack on my account, they insist it's because my password was weak.
They say it wasn't strange for multiple deposit attempts from different unregistered cards, even the 4 cards they accepted deposits from and even a neteller attempted withdrawal when I've never owned a ewallet in my life.
As for the funds being allowed to be just gambled away, I just played down to zero as I was instructed to do so, I was told they where not at a financial loss and neither was I at virgin, and they can't be withdrawn as they need to go back to original deposit method which was impossible because the deposits never came from a card or cards I've ever known.
I'll await the action fraud response.
Thanks again for your input.

Not yet, but that money was stolen from somewhere, and if not from you, from someone else or a bank. Eventually, the rightful owner or the bank will want it back, and may take it back via "chargeback".

Of course it's possible for Virgin to return the money to it's source regardless of who owns this source.

The whole thing comes under "money laundering", and it seems Virgin are rather laid back about this whole affair even though this is what made it so relatively easy for some laundering to take place, even if the rest was blocked.

Part of the problem of "lack of action" is that this is driven largely by the banks, who are the ultimate victims of this kind of fraud. Banks tend to downplay the extent of such fraud as it would be bad PR if customers realised just how widespread and easy it is, and so tend to refund victims and not bother the police too much with investigating.

Action Fraud often use reports for "intelligence gathering" about the problem, not necessarily intending to investigate each case.

It seems the hack had nothing to do with "weak passwords", but was a vulnerability in another Virgin business, one which supplies a very large number of UK broadband connections. The supplied routers have a security flaw that allows them to be hacked, and once hacked it's possible to get into email accounts, and here no amount of password security is going to help because the weakness is the "reset password" facility that assumes that the account holder's email inbox is secure.

The security approach as a whole is fundamentally flawed as no human has the capability of remembering dozens of different and very secure passwords, hence people default to passwords that they find they can remember. The fact that so much use is made of the "reset password" feature is a demonstration of this flawed approach based on the ability of human memory.

If anything, having the passwords written down on a piece of paper kept at home is probably more secure that all these online password stores or local password memory software, which can all be hacked.

As for routers, the best approach is to ditch wireless and lay Ethernet about the house. It would then be necessary to drill the wall and plug a cable in to access the network, rather than sit outside trying to connect over the wifi.

 

[Playford7]

My ID got stolen by somebody knicking my post. Only found out when I recieved post from banks I did not have accounts with. They managed somehow to take 5k out if my ISA over the counter at a branch.

Recieved the money back from the bank plus a decent amount of compensation because of their lack of diligence cause they never should have allowed that cash withdrawal.

I filmed the Nigerian wanker knicking some more post and tried to hand it over to the police. They were not interested believe it or not.

I subscibed to Experian and check it regularly. Since I caught that wanker knicking the post nothing since. This was about 3 years ago.

That's aweful. And shameful the police wouldn't deal with this. I feel I'll get no help, in all honesty the folks on here have been more of a help than virgin, the police And action fraud by a mile.
So thanks all, that's appreciated massively.
I've been checking my credit on clearscore regularly as suggested, and virgin have been back in contact to say they will investigate it now, maybe because action fraud and the police have been in contact?..
Thanks for the response.

 

[Playford7]

Not yet, but that money was stolen from somewhere, and if not from you, from someone else or a bank. Eventually, the rightful owner or the bank will want it back, and may take it back via "chargeback".

Of course it's possible for Virgin to return the money to it's source regardless of who owns this source.

The whole thing comes under "money laundering", and it seems Virgin are rather laid back about this whole affair even though this is what made it so relatively easy for some laundering to take place, even if the rest was blocked.

Part of the problem of "lack of action" is that this is driven largely by the banks, who are the ultimate victims of this kind of fraud. Banks tend to downplay the extent of such fraud as it would be bad PR if customers realised just how widespread and easy it is, and so tend to refund victims and not bother the police too much with investigating.

Action Fraud often use reports for "intelligence gathering" about the problem, not necessarily intending to investigate each case.

It seems the hack had nothing to do with "weak passwords", but was a vulnerability in another Virgin business, one which supplies a very large number of UK broadband connections. The supplied routers have a security flaw that allows them to be hacked, and once hacked it's possible to get into email accounts, and here no amount of password security is going to help because the weakness is the "reset password" facility that assumes that the account holder's email inbox is secure.

The security approach as a whole is fundamentally flawed as no human has the capability of remembering dozens of different and very secure passwords, hence people default to passwords that they find they can remember. The fact that so much use is made of the "reset password" feature is a demonstration of this flawed approach based on the ability of human memory.

If anything, having the passwords written down on a piece of paper kept at home is probably more secure that all these online password stores or local password memory software, which can all be hacked.

As for routers, the best approach is to ditch wireless and lay Ethernet about the house. It would then be necessary to drill the wall and plug a cable in to access the network, rather than sit outside trying to connect over the wifi.

Thanks for taking the time to reply. I always value your thoughts and opinions.
I can assure you I have stolen nothing, I contacted the casino and the police and action fraud myself.
My actions on here are a timescale of this.
My router, and provider have zero to do with virgin, the only link I have to them is that casino account.
There password excuse is weak at best, and the help I got was sadly non excistent.
As said to interlog they have been back in touch stating they are now investigating thankfully and the account is remained closed until its concluded.
Which contradicts the personal call I got saying they will re open the account.
The whole thing is laughable.
Sad bit is some poor person lost money somewhere, hopefully either virgin or the police/action fraud will be able to help.
I must say I can't see it from what I have experienced.