How to recover your money if your bank account is hacked or your card details are stolen
In this blog I will be focusing on the ways to strengthen the possibility of recovering your money in situations where your bank account is hacked or your credit card or debit card details have been stolen and misused. I will not be talking about how to prevent a bank account from getting hacked because we have discussed it at length in various posts. First of all let me tell you that the bitter truth is that most of the victims do not get their money back. But there is prevention and there are ways for a cure. So instead of crying over the spilled milk one needs to find ways to recover or salvage. After going through several case studies I thought of putting these steps together so that a victim knows what should be his/her immediate action when someone steals money from the bank account. In this post I will be referring to only those financial frauds that are done online. I will not be talking about frauds resulting because of physical loss of credit/debit card or ATM cash withdrawals.
If a bank account is hacked and the hacker/cybercriminal starts making online purchases using the stolen card information, bank account user name, password and/or PIN most of the victims expect the banks to repay. The banks however, refuse to help the victim on the grounds that the transaction was done with the actual card and the exact password and PIN was entered. So no matter how hard you try to convince them, it just amounts to a lot of frustration. One should understand the basics here, the bank is right at its place when it is refusing to pay. Since the money is already gone from the account to the merchant as legitimate credentials were given, if the bank agrees to refund it will have to bear the losses. Bank will always try to put the blame for card fraud on you. Usually they will redirect the victim to go to police for further help.
From my opinion police will also not be able to help you much in this case as often such financial frauds happen far away in a different country. It is quite difficult to track down the person or group that has scammed you without the help of law authorities in several different countries that transaction might have routed through. In most of the case studies of such financial fraud that I have seen, the victim often wastes lot of time in going to bank and police back and forth.
When your bank account gets hacked and money gets transferred online one should follow the steps given below to avoid further losses:
- Contact your bank and first block your bank credit/debit card.
- If the bank account is hacked immediately after you have done some online transaction from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to get rid of any rootkit or key logger that may have been installed on the PC and which would have compromised your login details and sent it to the hacker.
- Reset your login password, pin, security questions answers.
- Verify your contact details like address, phone number are not changed by the hacker.
- Report the scam to right authority in the bank.
- Report a fraud to local police station.
What to do to recover lost money from hacked account:
In case of online transactions we have a fair chance of recovering/blocking the transaction if we act within 24 hours from the date and time of the fraudulent transaction. Most of the victims miss out on these important steps and hence are unable to recover any of the money they have lost. When a hacker/cybercriminal hacks the bank account and has access to user’s login name, password and PIN they start making online purchase and money transfers immediately. They try to get the maximum amount out before user blocks the credit/debit card or changes the bank login details. So what one should do along with the above given steps is to observe the fraudulent transaction details carefully. For every transaction the bank provides very limited but important information of the date, time and the merchant id/string on which the transaction was performed. For example in one of the cases that I studied and was able to successfully recover the money for the victim, the fraudulent transaction reported by his bank was as follows:
SC3245244 22/08/2013 VIN/GYMBOREE.CO/2433423432323233/o DR 3894.64
The SC3.. indicates the transaction ID followed by transaction date, then the Merchant ID clubbed with some unique string for transaction. This is followed by type of transaction DR indicating as debit and the amount. The key is to reach out to the fraud handling department/authority of the Merchant in 24 hours giving details of transaction that was fraudulent. No merchant would like to do business with a stolen card. They will readily block the transaction and revert the amount. This will ensure that you get the money back in your account. However, this is possible only if the merchant has not delivered the goods or process the transaction completely. This usually takes more than 24 hours. In the case mentioned above, when I searched the Internet for Gymboree I was able to locate the merchant website. I asked the victim to contact the merchant. When the victim contacted the merchant through their website and gave details of the transaction it was confirmed by them that the transaction had taken place. The victim then convinced them that the transaction was fraudulent. They asked for the card details and when they were convinced they promptly blocked the transaction and reverted the amount which reflected in victim’s bank account in a couple of days.
Every victim may not be lucky as in this case but one can always try to reach out to the merchant through whatever possible way and give them the real picture. The chances of you getting your money back then become stronger. In some cases like money transfer to individual through PayPal or some other benefits it is bit difficult to get back the money. But if the cybercriminal does online purchase of some items/services then there are high changes of blocking the transaction and getting the money back.
To recover money lost in 419 scams
In case of scams like 419, where the victim himself transfers the money to the cybercriminal, the money can be recovered if he/she acts fast. For example if you transfer money to the scammer by say Western Union or MoneyGram and you realize that it was scam in less than 24 hours you have very good chance to get your money back. You just have to reach out to the right person from help desk of the money transferring merchant and in this case Western Union or MoneyGram.
Your feedback
If you ever have faced such situation and have something to share, please do share your experience. This will add to the knowledge of all our readers and make them alert.
(For security news, tips, suggestions, ideas you can follow Sanjay on Twitter @sanjaykatkar)
Thank you sir for this info, really this info is very help full.
Regards
Hrushi Sonar.
Really helpful..thank u sir..:)
thankyou sir for this info, Really this is very helpful;
with Regard
Sumanto
really really helpful . thank you so much.Now am am a bit aware and know how to handle these situation
this information will be read by hacker and he/she will stop shopping online and usually they do not buy online they withdraw the cash from ATM.because they know these things..as they are hacker,they are more intelligent than us.and sorry to say sir but this trick does not work in INDIA,because of corruption.In India,merchant does not help,instead police first ask for their commission.And steps you have noted above,we usually follow all those steps.but banks rule are like they can not block Card within 24 hours.they says it will require 48 hours to block the card.and secondly we can not reach them… Read more »
Dear Ajay, I can understand your reaction. The truth is we were able to recover money in two of such cases. In case of identity theft there are two types of frauds One which the hacker/cyber criminal will try to use the stolen information for cash withdrawal and the other where the hacker just has intercepted your card details while doing online transaction (through compromised website or a infected computer). In the other case the hacker is somewhere else and most probably can be in some other country. They try to use the card for online transactions through some online… Read more »
Dear sir, can I get a chance to recive money who deducted in my sbi acount before one year.
Very usefull
THanks
Thanks sir.
This information will be helpful.
My orkut account have been hacked and disable by Google. Can i recover again.?
You should contact orkut helpdesk to recover your account.
Very Good information. I think this should surely help the victims in future. One of my friend recently had such experience of money hacking from his bank account, but he could not do anything other than informing bank and reporting to police. But the Police officials here were very much adamant to launch and FIR. This is a long story, and till today as it has been 3 months but he has not got his money back.
Anyways, thank you very much for the information.
Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of mankind.
once again
with thanks
rsbhagor
Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of mankind.
once again
with thanks
rsbhagor
It is very good thing you have published for the people,Personally I will obey your valuable advice.
Warm regards
DLB
Last year I have purchased a cake for my wife (who was in USA that time) from mumbai. I did the online transaction through credit card. The transaction was successful. But during transaction they have not asked for otp or any password. After 2 days, I had received a msg on my mobile regarding transaction of 200 $ through my credit card for a vendor (supplying valves) located in third country. I have contacted the credit card company and asked to immediately block the card. I have explained them about hacking my card. They told me that if the valve… Read more »
Thanks for this valueable information.
I faced a similar incident last year. My credit card was fraudulently used for an online purchase worth 380 Euros (Rs 27000). I reported the matter to the bank immediately and the transaction was blocked. As the used currency was different and also due to full support from my bank i was able to recover the full amount
regards
Aju Chacko
My friend was having two Debit cards and he used only ICICI card when to withdraw money from ATM. He was having SBI card also and un-lucky part was both cards were having same pin.
Within a span of few seconds his SBI saving a/c was debited nine times and he lost Rs.90000/- where SBI is not willing to give CCTV footage and they are showing only some part of footage to him.
Can this be term as fraud? If so how to tackle? Police are not taking complaint SBI telling you took the money.
ATM used was SBI ATM only all the time as it was near to his house.
dear friend,
what u said is a not correct.as per SBI rule a card holder can withdraw money from his account through atm is only up to Rs 40000 per Day(24 hour).No SBI account holder can with draw more than this amount in a day at any cost.
It happned with me during November, 2011. I got calls 2-3 times, asking details and told me, “we are just checking your details”, as they informed my details, available with them. I suspected, while they were asking about some confidentials details, which bank never ask, so I refused, but they threatned me to block my account, I didnt give any details. After 2 days i got an SMS about some failed transaction attempts, I called customer care, they told me it was done by them, just to check my security features, next day again I got failed transaction SMS. But… Read more »
Very nice information………..thanks to quickheal and double thanks to you.
Yes…it happend for me too but in another way, after a long way of not using of my cart(almost 6 month)i discerned the my cart number is invalid & some one with another carte had to empty my account!!!!!!!!!!!!!!I’m not yet understand how the person was able to get my bank a new card with new number…The bank has denied all of these events too!!!!!!!!!?I really do not know what should I do…If every one can help please contact with jalilian515@gmail.com farewell
Sorry to know about your loss. As mentioned in the blog if the fraudulent transaction is taken place online and has taken place recently (less than 24 hours) the transactions can be reverted by contacting the merchant to whom the payment was done. In other cases you will have to take help of local police.
Dear All, It was also happened with one of my friend in Chandigarh. He was in New Delhi for his official meeting. suddenly he received a message from his bank that he has made transaction of Rs. 20000/- on his credit card. after few minutes he received one more message from the bank that again one more transaction has made. He immediately called his bank and blocked the card. Then he came to Chandigarh and visited his bank. He has to do lots of formalities to prove that he has not made these transactions and he cant pay amount of… Read more »
Hello Sushant,
Thank you for sharing your experience, and advice with our readers.
Regards,
Thank you so much Mr. Sushant for this information and you r advice.
Regards,
Hrushi Sonar
Sir,
Your information & suggestion is very useful for general people also me.
1. I hold a cr cd issued by HDFC bank.The bank always send an SMS on transactions being done . There is a debit of apprx 100US$ for an alleged transaction but no SMS was sent to me . Now the bank promised to make an enquiry and after sometime claimed that the transaction has been genuinely done . The bank claims that it has some proof. How to challenge the incorrect debit and how to prove the wrong debit ? 2. On an earlier occasion also – a cash withdrawal by HDFC cr card of Rs.10000 from ATM of… Read more »
To answer your queries one need to have a look at the transaction details as shown in your bank statement. For your query on how to prove is that this has to be banks duty to prove that the transaction is done by you when you are rejecting it. You need to file police complaint against bank claiming that you have not done the transaction. But for all this time factor is very important.
Date Merchant Name Transaction Amt (In INR) Transaction Amt Status 7/30/2013 4:43:19 AM MBI-Probiller.com/HD 123.51 2.00 (In USD) APPROVED 7/30/2013 4:44:18 AM PAYPAL *57SUPERETTE 23517.14 23517.14 APPROVED 7/30/2013 4:45:15 AM MBI-Probiller.com/HD 369.91 5.99 (In USD) APPROVED 7/30/2013 4:54:25 AM SPRINT USAGE 871.97 14.12 (In USD) APPROVED 7/30/2013 4:55:29 AM LA TOURAINE 120.42 1.95 (In USD) APPROVED 7/30/2013 4:57:43 AM PAYZA.COM 93.87 1.52 (In USD) APPROVED 7/30/2013 5:00:04 AM Eastbrook Apartments 33.35 0.54 (In USD) APPROVED All these transactions were made online. On enquiry I found that they were made outside India and without password authentication, which I was informed is… Read more »
To answer your query of how do these fraudulent transactions happen is already given in the blog. In your case it seems that your card details had been stolen online (may be when you had been doing some on-line transactions). This can happen through various means like phishing (visiting fake website) or if your system is infected by malware that captures your card details while you do the transaction online. Your above bank statement shows that all these fraudulent transactions were taken place in the month of July. Had you contacted the respective merchants at that time you would have… Read more »
Thank you very much for this valuable information sir.
Thank you for this important information, pls keep it up!
quick heal sandbox saves browser data…. what does that mean??
Hi Nitish,
When Quick Heal Sandbox Protection is ON, it takes your Internet Browser into an isolated virtual environment. Whatever data a website downloads, is saved in that virtual environment. In this way, even if the data contains malicious elements, they won’t be able to harm your computer.
Regards,
Hello Sir thank you for such a valuable information.
Sir I paid for Aliexpress via debit card and amount got debited from my account but I cancelled the order in the website before payment verification which is to be done by them. As they say the payment verification takes place within 24 hrs. They say now they won’t ask my bank (SBI) for the money and the bank will hold the money. What should I do? How will the balance will return into my account. Thanks in advance
really nice blog it gives good advantages to save the money thanks buddy.
Thanx…… for such a nice and important topic. This was needed for me.
Thanku sir It is really helpful nowadays when millions of accounts are being hacked everyday.
Thank you for the useful information.
However, I am sure that most people will not follow these steps in spite of reading. They are too damn stubborn and lazy to go beyond blocking the credit card or bank account.
Hi friends, I would like to share a incident happened with my brother’s Standard Charted Debit Card, this happened in Mid 2011, he had done a online purchase 1 year back when he was in USA, that was the only online purchase he ever did, all of a sudden one day he started getting a message one after the other of Rs3000, then Rs4000 is deducted, in total around Rs15,000 was deducted, we immediately contacted our bank on phone banking and blocked the card and the account. The transaction took place in some other country which we never heard of!… Read more »
Hello Saurabh,
Thank you for sharing your experience with us. Such information helps educate our readers and make them more cautious against such incidents.
Regards,
This is very useful piece of information, no doubt. However, I request you to give us a instances of hacking in general.
Hello Mr/Ms Kulkarni,
Thank you.
Talking about a general instance of hacking, we can take the following hacking incident that recently occurred:
Reportedly, Vodafone Germany has been compromised by hackers, exposing sensitive and personal information of about two million customers. This information includes names, addresses, date of births, and even bank account numbers. The authrorities concerned have said that, more critical information such as credit care detials, phone numbers, and passwords are safe. It is suspected that an internal server on Vodafone’s network was compromised for this hacking attempt.
Regards,
Thanks for sharing very improtant info.
Thanks Sir helped me a lot.
It is very difficult to get through the current law system to recover our hard earned money. What I could see in Mr Sant Ram’s case is that bank also didnt do much to protect or stop the transactions from taking place which is not right. Also I would like to point out that we should not leave our account dormant or stop using it for any time gap. At times such accounts also get cleaned up and we come to know only when we once upon a time like situation decide to go and check the account status. Also… Read more »
Thnaks sir!
Really this information is helpful for every man. 🙂
think you sir
Resp Sanjay Katkar Sir,
I have one idea for to stop the frauds trasactions,
From above reply almost all trasactions from hacked cards/details done in third country(from other country ).
so Bank need to one provision whenver the transtions doing for other country required strong confermation like one time password or Email_password before completion.
From this idea we can stop the some %of fraud trasactions which are doing from hacker.
Sir ji kripya kar ke Hindi me samjhaiye na hum samajh nahi parahe hai…hame ye jarurat hat
Hi Rajesh,
Kindly follow this link – https://www.quickheal.com/in/en/contact/
From this page, you can get the contact details of our regional offices, and get your issue resolved.
Regards,
what is the product key???
Hello Yatharth,
Product key is basically the License to run Quick Heal products on your computer. For more details, please visit https://www.quickheal.com/in/en/home-users
Regards,
verry good service
Sir, My computer is Infected by a Trojan.nymaim. So what I do…
Hi Shrish,
Kindly contact our support team at 0-927-22-33-000.
You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.
Regards,
Hello sir what if the hacker uses my online account to buy things and then leave a track only to me what then? Is that possible?
Hi Andrew,
If you inform your bank or lodge a complaint with the police the moment you realize that your account has been hacked, then you may not be blamed for the situation.
Regards,
Rajib
thank you sir.. for your sharing innovative research on online frauds and also for giving a good prophylaxis{which means preventitve treatment in medical language).and also learnt from you that online transactions are not completetly secured and also mobile banking is also so dangerous because its a latest feature that all banks provide,but mobile banking service is also enough for hackers to gain completete acess. because most gsm phones are strictly vulnertable to hacking if these phones are not strengthen with antiviruses and their respective updates also sms from banks also provides enough confidential informations about the its customer..so one best… Read more »
I do agree that Bank will pass the responsibility on the VICTIM to pay the amount, which is NOT AT ALL FAIR, as HOW COME THE HACKER CAN ACCESS the BANK DOMAINS for CVV passwords, PIN, 3D Secured Passwords, which are directly related to the final security levels of the Bank Domains. Also these passwords were also not visible while feeding the characters as they are quickly converted into “*****” (STARS). That means the Bank Domains are not secured enough, despite these the Banks Claims best Security systems they have, thus BE-FOOLING the Customers. Refer to the cases of recently… Read more »
really very good information. thanks a lot.
You are doing a very good job.
Hi
Pls give me suggestion on through online around 20000 amount is deducted while i logg complaint to Bank he says this transection done by online so we will not help this have been shared by your 3d pin to anybody.
can you suggest on it.
Hello Pramod, We would advise you to follow these steps: 1. If the bank account is hacked immediately after you have done some online transaction from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to get rid of any rootkit or key logger that may have been installed on the PC and which would have compromised your login details and sent it to the hacker. 2. Reset your login password, pin, and security questions & answers. 3. Verify if your contact details such as address and phone number have not been changed by… Read more »
Thanks sir for your reply. I have report to police as well as bank manager but police station told me this is bank work they have to investigate police will not interfere on this matter then i mate with bank manager he told me that CVV and 3D pin not to be scanned either you have shared with some one or u r hacked by your pc.They have given last of reason but they are not ready to take action for further investigation also told me go and complaint to RBI for further issue. pls suggest what necessary steps can… Read more »
Sanjay, Very useful tips. I just lost more than 98000 INR from my bank account. I got multiple SMSes in my mobile within fraction of a second and the money was gone. I immediately called the bank up. But they just blocked my debit card and told my dad to lodge a police complaint. This is so frustrating. The bugger has done 13 transactions to syphone the money and the trend is quite predictable as he has tried out with $1 transactions inbetween. I read in different sites in internet, Federal Govt has streamlined the process so beautifully making Banks… Read more »
Thank you for reaching out to us. I am sorry to learn about your loss. Let me come back to you on this..
I have replied your query and sent you the reply on your email.
What if the hacker cant be tracked making sure that my account is the only possible tracking?
THANX A TON…….CARD HOLDER’s WOULD NOW WON’T HESITATE TO DO ANY TRANSACTION
THANX AGAIN FOR THE SAFETY MEASURES
hi
Sanjay can u pls tell me abut query.
Thank you for vary useful information. What I do not understand is whay RBI is not making it mandatory for all card issuing authorities to issue all credit and debit card with the photograph of the card holder. Further, I have also observed that no merchant outlet varifies the signature on the back side of the card with the signature which a person puts on the invoices and other papers. At present any person can use any one’s credit/debit card very easily. If photo ID cards are issued and if the responsibility of varifying the signature is put on mechant… Read more »