Hello:
I have a Galaxy Note 10+ on Android 12. I recently woke up to find an extra checking account added to my name at Navy Federal Credit Union. Money was transferred into then back out of that account, amongst other things that they did. Long story short, NFCU denied my fraud claim. Their security team told me the reason for the denial was that a "device of historical record was used" to open the account and process the transactions. Which is impossible, as my husband of twenty years was in the ICU when this was happening and I was with him, and phones are prohibited in an ICU. Also, the month before, I had started getting notifications on my phone that Amazon was charging my Capital One cards for purchases I did not make. I contacted Amazon, they had me change my password, got refunded, and the intrusions stopped. Interestingly, there were two names and addresses added to my Amazon account, I am guessing those were the names and addresses from the fraudulent purchases. Anyway, i am working now on an appeal to NFCU to get my money back after they debited my checking account for their loss after I called to report the fraudulent account. Is there any way possible that someone would be able to use a different device that appears via the network to be my device? I was told that they could tell because of "unique identifying codes" so i am assuming either the IMEI or MAC address.
I did have three things happen, any of which could have potentially granted access. One, I tried to root my phone using an app purporting to be Kingoroot, but the root was unsuccessful. Two, I did one time download and try to install an app via APK Downloader app store. It didn't work and I uninstalled it and have not tried again, nor wlll I ever try again. Both of those things happened in the summer of 2022. The last was actually from my Windows laptop - an Asus ZenBook - also in the late summer of 2022. I have been getting fake emails from Navy Federal for a long time, and usually you can tell right away it is fake because there will be something that doesn't look quite right or something misspelled, etc. I received an email one day however that looked perfect and legitimate, saying I had a message from NFCU, and I was actually at the time expecting a message in reply from NFCU so I didn't think and clicked on the link and attempted to log in. Right after I hit submit, I noticed the URL was resolving to nfcu.org (or maybe nfcu.com) and not to navyfederal.org like it should be, so I immediately closed the tab before it did whatever it was going to do.
NFCU argues that because of 2FA and the transactions being from a device of historical record that it was me that did the transactions, even though I am wholly innocent and had no idea this was happening until after the fact. They at first said that I must have been the victim of my email being hacked, so I changed that password, but not before I suddenly started getting literally hundreds of spam emails to that account, all from vendors thanking me for signing up to their marketing email distribution list. I am assuming the device NFCU is talking about was my Note 10+, but they will not tell me "without a subpoena" which device was used. I had also traded in a smartphone to Samsung in the past year, had sold a smartphone to a guy overseas via eBay, and had sent in the laptop I had for an insurance claim, which they kept and issued me a check instead, with which I oourchased the ZenBook I now have refurbished off eBay. So there are other possibilities, but even with those, it would have required somehow being able to resurrect my identity on those devices as they were wiped before sale/sending them off. My current laptop got a clean install of Windows immediately when I got it so I doubt that is the source. I also do nt install pirated software on it or use torrents, etc. If anyone has any information on what could be possible in this case, I would greatly appreciate anything you can tell me. My husband passed away in the middle of all this, so having funeral expenses on top of loss of income has been very, very difficult financially, and losing one's spouse of twenty years is devastating mentally, so I really truly need to recover these funds and put this issue to rest. To do that I must figure out how someone could do transactions on a device that appears to be my device but it isn't mine. How is this possible?
Thank you for your time and assistance, I am very grateful for any information you may have that could help me with my appeal.
I have a Galaxy Note 10+ on Android 12. I recently woke up to find an extra checking account added to my name at Navy Federal Credit Union. Money was transferred into then back out of that account, amongst other things that they did. Long story short, NFCU denied my fraud claim. Their security team told me the reason for the denial was that a "device of historical record was used" to open the account and process the transactions. Which is impossible, as my husband of twenty years was in the ICU when this was happening and I was with him, and phones are prohibited in an ICU. Also, the month before, I had started getting notifications on my phone that Amazon was charging my Capital One cards for purchases I did not make. I contacted Amazon, they had me change my password, got refunded, and the intrusions stopped. Interestingly, there were two names and addresses added to my Amazon account, I am guessing those were the names and addresses from the fraudulent purchases. Anyway, i am working now on an appeal to NFCU to get my money back after they debited my checking account for their loss after I called to report the fraudulent account. Is there any way possible that someone would be able to use a different device that appears via the network to be my device? I was told that they could tell because of "unique identifying codes" so i am assuming either the IMEI or MAC address.
I did have three things happen, any of which could have potentially granted access. One, I tried to root my phone using an app purporting to be Kingoroot, but the root was unsuccessful. Two, I did one time download and try to install an app via APK Downloader app store. It didn't work and I uninstalled it and have not tried again, nor wlll I ever try again. Both of those things happened in the summer of 2022. The last was actually from my Windows laptop - an Asus ZenBook - also in the late summer of 2022. I have been getting fake emails from Navy Federal for a long time, and usually you can tell right away it is fake because there will be something that doesn't look quite right or something misspelled, etc. I received an email one day however that looked perfect and legitimate, saying I had a message from NFCU, and I was actually at the time expecting a message in reply from NFCU so I didn't think and clicked on the link and attempted to log in. Right after I hit submit, I noticed the URL was resolving to nfcu.org (or maybe nfcu.com) and not to navyfederal.org like it should be, so I immediately closed the tab before it did whatever it was going to do.
NFCU argues that because of 2FA and the transactions being from a device of historical record that it was me that did the transactions, even though I am wholly innocent and had no idea this was happening until after the fact. They at first said that I must have been the victim of my email being hacked, so I changed that password, but not before I suddenly started getting literally hundreds of spam emails to that account, all from vendors thanking me for signing up to their marketing email distribution list. I am assuming the device NFCU is talking about was my Note 10+, but they will not tell me "without a subpoena" which device was used. I had also traded in a smartphone to Samsung in the past year, had sold a smartphone to a guy overseas via eBay, and had sent in the laptop I had for an insurance claim, which they kept and issued me a check instead, with which I oourchased the ZenBook I now have refurbished off eBay. So there are other possibilities, but even with those, it would have required somehow being able to resurrect my identity on those devices as they were wiped before sale/sending them off. My current laptop got a clean install of Windows immediately when I got it so I doubt that is the source. I also do nt install pirated software on it or use torrents, etc. If anyone has any information on what could be possible in this case, I would greatly appreciate anything you can tell me. My husband passed away in the middle of all this, so having funeral expenses on top of loss of income has been very, very difficult financially, and losing one's spouse of twenty years is devastating mentally, so I really truly need to recover these funds and put this issue to rest. To do that I must figure out how someone could do transactions on a device that appears to be my device but it isn't mine. How is this possible?
Thank you for your time and assistance, I am very grateful for any information you may have that could help me with my appeal.
