How to recover your money if your bank account is hacked or your card details are stolen

  • 11
    Shares

In this blog I will be focusing on the ways to strengthen the possibility of recovering your money in situations where your bank account is hacked or your credit card or debit card details have been stolen and misused. I will not be talking about how to prevent a bank account from getting hacked because we have discussed it at length in various posts. First of all let me tell you that the bitter truth is that most of the victims do not get their money back. But there is prevention and there are ways for a cure. So instead of crying over the spilled milk one needs to find ways to recover or salvage. After going through several case studies I thought of putting these steps together so that a victim knows what should be his/her immediate action when someone steals money from the bank account. In this post I will be referring to only those financial frauds that are done online. I will not be talking about frauds resulting because of physical loss of credit/debit card or ATM cash withdrawals.

If a bank account is hacked and the hacker/cybercriminal starts making online purchases using the stolen card information, bank account user name, password and/or PIN most of the victims expect the banks to repay. The banks however, refuse to help the victim on the grounds that the transaction was done with the actual card and the exact password and PIN was entered. So no matter how hard you try to convince them, it just amounts to a lot of frustration. One should understand the basics here, the bank is right at its place when it is refusing to pay. Since the money is already gone from the account to the merchant as legitimate credentials were given, if the bank agrees to refund it will have to bear the losses. Bank will always try to put the blame for card fraud on you. Usually they will redirect the victim to go to police for further help.

From my opinion police will also not be able to help you much in this case as often such financial frauds happen far away in a different country. It is quite difficult to track down the person or group that has scammed you without the help of law authorities in several different countries that transaction might have routed through. In most of the case studies of such financial fraud that I have seen, the victim often wastes lot of time in going to bank and police back and forth.

When your bank account gets hacked and money gets transferred online one should follow the steps given below to avoid further losses:

  1. Contact your bank and first block your bank credit/debit card.
  2. If the bank account is hacked immediately after you have done some online transaction from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to get rid of any rootkit or key logger that may have been installed on the PC and which would have compromised your login details and sent it to the hacker.
  3. Reset your login password, pin, security questions answers.
  4. Verify your contact details like address, phone number are not changed by the hacker.
  5. Report the scam to right authority in the bank.
  6. Report a fraud to local police station.

What to do to recover lost money from hacked account:
In case of online transactions we have a fair chance of recovering/blocking the transaction if we act within 24 hours from the date and time of the fraudulent transaction. Most of the victims miss out on these important steps and hence are unable to recover any of the money they have lost. When a hacker/cybercriminal hacks the bank account and has access to user’s login name, password and PIN they start making online purchase and money transfers immediately. They try to get the maximum amount out before user blocks the credit/debit card or changes the bank login details. So what one should do along with the above given steps is to observe the fraudulent transaction details carefully. For every transaction the bank provides very limited but important information of the date, time and the merchant id/string on which the transaction was performed. For example in one of the cases that I studied and was able to successfully recover the money for the victim, the fraudulent transaction reported by his bank was as follows:

SC3245244     22/08/2013      VIN/GYMBOREE.CO/2433423432323233/o      DR      3894.64

The SC3.. indicates the transaction ID followed by transaction date, then the Merchant ID clubbed with some unique string for transaction. This is followed by type of transaction DR indicating as debit and the amount. The key is to reach out to the fraud handling department/authority of the Merchant in 24 hours giving details of transaction that was fraudulent. No merchant would like to do business with a stolen card. They will readily block the transaction and revert the amount. This will ensure that you get the money back in your account. However, this is possible only if the merchant has not delivered the goods or process the transaction completely. This usually takes more than 24 hours. In the case mentioned above, when I searched the Internet for Gymboree I was able to locate the merchant website. I asked the victim to contact the merchant. When the victim contacted the merchant through their website and gave details of the transaction it was confirmed by them that the transaction had taken place. The victim then convinced them that the transaction was fraudulent. They asked for the card details and when they were convinced they promptly blocked the transaction and reverted the amount which reflected in victim’s bank account in a couple of days.

Every victim may not be lucky as in this case but one can always try to reach out to the merchant through whatever possible way and give them the real picture. The chances of you getting your money back then become stronger. In some cases like money transfer to individual through PayPal or some other benefits it is bit difficult to get back the money. But if the cybercriminal does online purchase of some items/services then there are high changes of blocking the transaction and getting the money back.

To recover money lost in 419 scams
In case of scams like 419, where the victim himself transfers the money to the cybercriminal, the money can be recovered if he/she acts fast. For example if you transfer money to the scammer by say Western Union or MoneyGram and you realize that it was scam in less than 24 hours you have very good chance to get your money back. You just have to reach out to the right person from help desk of the money transferring merchant and in this case Western Union or MoneyGram.

Your feedback
If you ever have faced such situation and have something to share, please do share your experience. This will add to the knowledge of all our readers and make them alert.

(For security news, tips, suggestions, ideas you can follow Sanjay on Twitter @sanjaykatkar)


Subscribe
Notify of
guest
541 Comments
Inline Feedbacks
View all comments
Hrushi Sonar
Hrushi Sonar
7 years ago

Thank you sir for this info, really this info is very help full.

Regards
Hrushi Sonar.

MEHUL M JIKAR
MEHUL M JIKAR
7 years ago
Reply to  Hrushi Sonar

Really helpful..thank u sir..:)

sumanto
sumanto
7 years ago

thankyou sir for this info, Really this is very helpful;

with Regard
Sumanto

Aditya
Aditya
7 years ago

really really helpful . thank you so much.Now am am a bit aware and know how to handle these situation

ajay
ajay
7 years ago

this information will be read by hacker and he/she will stop shopping online and usually they do not buy online they withdraw the cash from ATM.because they know these things..as they are hacker,they are more intelligent than us.and sorry to say sir but this trick does not work in INDIA,because of corruption.In India,merchant does not help,instead police first ask for their commission.And steps you have noted above,we usually follow all those steps.but banks rule are like they can not block Card within 24 hours.they says it will require 48 hours to block the card.and secondly we can not reach them… Read more »

abhishek singh
abhishek singh
4 years ago
Reply to  Sanjay Katkar

Dear sir, can I get a chance to recive money who deducted in my sbi acount before one year.

Naman Jain
Naman Jain
7 years ago

Very usefull
THanks

Manash Saikia
Manash Saikia
7 years ago

Thanks sir.

This information will be helpful.

My orkut account have been hacked and disable by Google. Can i recover again.?

Nilay Vajani
Nilay Vajani
7 years ago

Very Good information. I think this should surely help the victims in future. One of my friend recently had such experience of money hacking from his bank account, but he could not do anything other than informing bank and reporting to police. But the Police officials here were very much adamant to launch and FIR. This is a long story, and till today as it has been 3 months but he has not got his money back.
Anyways, thank you very much for the information.

Rajendra Singh
Rajendra Singh
7 years ago

Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of mankind.

once again
with thanks
rsbhagor

Rajendra Singh
Rajendra Singh
7 years ago

Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of mankind.
once again
with thanks
rsbhagor

Dake Liyakatali
Dake Liyakatali
7 years ago

It is very good thing you have published for the people,Personally I will obey your valuable advice.

Warm regards

DLB

MMG
MMG
7 years ago

Last year I have purchased a cake for my wife (who was in USA that time) from mumbai. I did the online transaction through credit card. The transaction was successful. But during transaction they have not asked for otp or any password. After 2 days, I had received a msg on my mobile regarding transaction of 200 $ through my credit card for a vendor (supplying valves) located in third country. I have contacted the credit card company and asked to immediately block the card. I have explained them about hacking my card. They told me that if the valve… Read more »

Malhar
Malhar
7 years ago

Thanks for this valueable information.

Aju Chacko
Aju Chacko
7 years ago

I faced a similar incident last year. My credit card was fraudulently used for an online purchase worth 380 Euros (Rs 27000). I reported the matter to the bank immediately and the transaction was blocked. As the used currency was different and also due to full support from my bank i was able to recover the full amount

regards
Aju Chacko

Sharad Phadke
Sharad Phadke
7 years ago

My friend was having two Debit cards and he used only ICICI card when to withdraw money from ATM. He was having SBI card also and un-lucky part was both cards were having same pin.

Within a span of few seconds his SBI saving a/c was debited nine times and he lost Rs.90000/- where SBI is not willing to give CCTV footage and they are showing only some part of footage to him.

Can this be term as fraud? If so how to tackle? Police are not taking complaint SBI telling you took the money.

Sharad Phadke
Sharad Phadke
7 years ago
Reply to  Sharad Phadke

ATM used was SBI ATM only all the time as it was near to his house.

raj
raj
7 years ago
Reply to  Sharad Phadke

dear friend,
what u said is a not correct.as per SBI rule a card holder can withdraw money from his account through atm is only up to Rs 40000 per Day(24 hour).No SBI account holder can with draw more than this amount in a day at any cost.

SANT RAM
SANT RAM
7 years ago

It happned with me during November, 2011. I got calls 2-3 times, asking details and told me, “we are just checking your details”, as they informed my details, available with them. I suspected, while they were asking about some confidentials details, which bank never ask, so I refused, but they threatned me to block my account, I didnt give any details. After 2 days i got an SMS about some failed transaction attempts, I called customer care, they told me it was done by them, just to check my security features, next day again I got failed transaction SMS. But… Read more »

vikas
vikas
7 years ago

Very nice information………..thanks to quickheal and double thanks to you.

mohammad jalilian
mohammad jalilian
7 years ago

Yes…it happend for me too but in another way, after a long way of not using of my cart(almost 6 month)i discerned the my cart number is invalid & some one with another carte had to empty my account!!!!!!!!!!!!!!I’m not yet understand how the person was able to get my bank a new card with new number…The bank has denied all of these events too!!!!!!!!!?I really do not know what should I do…If every one can help please contact with jalilian515@gmail.com farewell

Sushant Pawar
Sushant Pawar
7 years ago

Dear All, It was also happened with one of my friend in Chandigarh. He was in New Delhi for his official meeting. suddenly he received a message from his bank that he has made transaction of Rs. 20000/- on his credit card. after few minutes he received one more message from the bank that again one more transaction has made. He immediately called his bank and blocked the card. Then he came to Chandigarh and visited his bank. He has to do lots of formalities to prove that he has not made these transactions and he cant pay amount of… Read more »

Rajiv Singha
7 years ago
Reply to  Sushant Pawar

Hello Sushant,

Thank you for sharing your experience, and advice with our readers.

Regards,

Hrushi Sonar
Hrushi Sonar
7 years ago
Reply to  Sushant Pawar

Thank you so much Mr. Sushant for this information and you r advice.

Regards,
Hrushi Sonar

Subhransu
Subhransu
7 years ago

Sir,
Your information & suggestion is very useful for general people also me.

b c jain
b c jain
7 years ago

1. I hold a cr cd issued by HDFC bank.The bank always send an SMS on transactions being done . There is a debit of apprx 100US$ for an alleged transaction but no SMS was sent to me . Now the bank promised to make an enquiry and after sometime claimed that the transaction has been genuinely done . The bank claims that it has some proof. How to challenge the incorrect debit and how to prove the wrong debit ? 2. On an earlier occasion also – a cash withdrawal by HDFC cr card of Rs.10000 from ATM of… Read more »

Sampa Pal
Sampa Pal
7 years ago

Date Merchant Name Transaction Amt (In INR) Transaction Amt Status 7/30/2013 4:43:19 AM MBI-Probiller.com/HD 123.51 2.00 (In USD) APPROVED 7/30/2013 4:44:18 AM PAYPAL *57SUPERETTE 23517.14 23517.14 APPROVED 7/30/2013 4:45:15 AM MBI-Probiller.com/HD 369.91 5.99 (In USD) APPROVED 7/30/2013 4:54:25 AM SPRINT USAGE 871.97 14.12 (In USD) APPROVED 7/30/2013 4:55:29 AM LA TOURAINE 120.42 1.95 (In USD) APPROVED 7/30/2013 4:57:43 AM PAYZA.COM 93.87 1.52 (In USD) APPROVED 7/30/2013 5:00:04 AM Eastbrook Apartments 33.35 0.54 (In USD) APPROVED All these transactions were made online. On enquiry I found that they were made outside India and without password authentication, which I was informed is… Read more »

D Anand Kumar
D Anand Kumar
7 years ago

Thank you very much for this valuable information sir.

shashikant sonar
shashikant sonar
7 years ago

Thank you for this important information, pls keep it up!

nithish thomas
nithish thomas
7 years ago

quick heal sandbox saves browser data…. what does that mean??

Rajiv Singha
7 years ago
Reply to  nithish thomas

Hi Nitish,

When Quick Heal Sandbox Protection is ON, it takes your Internet Browser into an isolated virtual environment. Whatever data a website downloads, is saved in that virtual environment. In this way, even if the data contains malicious elements, they won’t be able to harm your computer.

Regards,

Mohammed Yusuf
Mohammed Yusuf
3 years ago
Reply to  Rajib Singha

Hello Sir thank you for such a valuable information.
Sir I paid for Aliexpress via debit card and amount got debited from my account but I cancelled the order in the website before payment verification which is to be done by them. As they say the payment verification takes place within 24 hrs. They say now they won’t ask my bank (SBI) for the money and the bank will hold the money. What should I do? How will the balance will return into my account. Thanks in advance

vickrant
vickrant
7 years ago

really nice blog it gives good advantages to save the money thanks buddy.

Suvojit Sinha
Suvojit Sinha
7 years ago

Thanx…… for such a nice and important topic. This was needed for me.

Rohit Singh
Rohit Singh
7 years ago

Thanku sir It is really helpful nowadays when millions of accounts are being hacked everyday.

Siddhesh Mude
Siddhesh Mude
7 years ago

Thank you for the useful information.

However, I am sure that most people will not follow these steps in spite of reading. They are too damn stubborn and lazy to go beyond blocking the credit card or bank account.

Saurabh Pandey
Saurabh Pandey
7 years ago

Hi friends, I would like to share a incident happened with my brother’s Standard Charted Debit Card, this happened in Mid 2011, he had done a online purchase 1 year back when he was in USA, that was the only online purchase he ever did, all of a sudden one day he started getting a message one after the other of Rs3000, then Rs4000 is deducted, in total around Rs15,000 was deducted, we immediately contacted our bank on phone banking and blocked the card and the account. The transaction took place in some other country which we never heard of!… Read more »

Rajiv Singha
7 years ago
Reply to  Saurabh Pandey

Hello Saurabh,

Thank you for sharing your experience with us. Such information helps educate our readers and make them more cautious against such incidents.

Regards,

K. H. Kulkarni
K. H. Kulkarni
7 years ago

This is very useful piece of information, no doubt. However, I request you to give us a instances of hacking in general.

Rajiv Singha
7 years ago
Reply to  K. H. Kulkarni

Hello Mr/Ms Kulkarni,

Thank you.
Talking about a general instance of hacking, we can take the following hacking incident that recently occurred:

Reportedly, Vodafone Germany has been compromised by hackers, exposing sensitive and personal information of about two million customers. This information includes names, addresses, date of births, and even bank account numbers. The authrorities concerned have said that, more critical information such as credit care detials, phone numbers, and passwords are safe. It is suspected that an internal server on Vodafone’s network was compromised for this hacking attempt.

Regards,

Navin Jha
Navin Jha
7 years ago

Thanks for sharing very improtant info.

Subhasish Mazumder
Subhasish Mazumder
7 years ago

Thanks Sir helped me a lot.

Kashyap
Kashyap
7 years ago

It is very difficult to get through the current law system to recover our hard earned money. What I could see in Mr Sant Ram’s case is that bank also didnt do much to protect or stop the transactions from taking place which is not right. Also I would like to point out that we should not leave our account dormant or stop using it for any time gap. At times such accounts also get cleaned up and we come to know only when we once upon a time like situation decide to go and check the account status. Also… Read more »

sandeep kumar
sandeep kumar
7 years ago

Thnaks sir!

Subhasis Dey
Subhasis Dey
7 years ago

Really this information is helpful for every man. 🙂

amit
amit
7 years ago

think you sir

SachinB
SachinB
7 years ago

Resp Sanjay Katkar Sir,

I have one idea for to stop the frauds trasactions,
From above reply almost all trasactions from hacked cards/details done in third country(from other country ).
so Bank need to one provision whenver the transtions doing for other country required strong confermation like one time password or Email_password before completion.
From this idea we can stop the some %of fraud trasactions which are doing from hacker.

Rajesh yadav
Rajesh yadav
7 years ago

Sir ji kripya kar ke Hindi me samjhaiye na hum samajh nahi parahe hai…hame ye jarurat hat

Rajiv Singha
7 years ago
Reply to  Rajesh yadav

Hi Rajesh,

Kindly follow this link – https://www.quickheal.com/in/en/contact/

From this page, you can get the contact details of our regional offices, and get your issue resolved.

Regards,

yatharth grover
yatharth grover
7 years ago

what is the product key???

Rajiv Singha
7 years ago

Hello Yatharth,

Product key is basically the License to run Quick Heal products on your computer. For more details, please visit https://www.quickheal.com/in/en/home-users

Regards,

amit singh
amit singh
7 years ago

verry good service

Shrish Shrivastava
Shrish Shrivastava
7 years ago

Sir, My computer is Infected by a Trojan.nymaim. So what I do…

Rajiv Singha
7 years ago

Hi Shrish,

Kindly contact our support team at 0-927-22-33-000.
You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.

Regards,

andrew
andrew
6 years ago

Hello sir what if the hacker uses my online account to buy things and then leave a track only to me what then? Is that possible?

Rajiv Singha
6 years ago
Reply to  andrew

Hi Andrew,

If you inform your bank or lodge a complaint with the police the moment you realize that your account has been hacked, then you may not be blamed for the situation.

Regards,
Rajib

kushal gulabrao waghmare
kushal gulabrao waghmare
7 years ago

thank you sir.. for your sharing innovative research on online frauds and also for giving a good prophylaxis{which means preventitve treatment in medical language).and also learnt from you that online transactions are not completetly secured and also mobile banking is also so dangerous because its a latest feature that all banks provide,but mobile banking service is also enough for hackers to gain completete acess. because most gsm phones are strictly vulnertable to hacking if these phones are not strengthen with antiviruses and their respective updates also sms from banks also provides enough confidential informations about the its customer..so one best… Read more »

PRADIP
PRADIP
7 years ago

I do agree that Bank will pass the responsibility on the VICTIM to pay the amount, which is NOT AT ALL FAIR, as HOW COME THE HACKER CAN ACCESS the BANK DOMAINS for CVV passwords, PIN, 3D Secured Passwords, which are directly related to the final security levels of the Bank Domains. Also these passwords were also not visible while feeding the characters as they are quickly converted into “*****” (STARS). That means the Bank Domains are not secured enough, despite these the Banks Claims best Security systems they have, thus BE-FOOLING the Customers. Refer to the cases of recently… Read more »

Davda Nitesh
Davda Nitesh
6 years ago

really very good information. thanks a lot.
You are doing a very good job.

pramod
pramod
6 years ago

Hi

Pls give me suggestion on through online around 20000 amount is deducted while i logg complaint to Bank he says this transection done by online so we will not help this have been shared by your 3d pin to anybody.
can you suggest on it.

Rajiv Singha
6 years ago
Reply to  pramod

Hello Pramod, We would advise you to follow these steps: 1. If the bank account is hacked immediately after you have done some online transaction from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to get rid of any rootkit or key logger that may have been installed on the PC and which would have compromised your login details and sent it to the hacker. 2. Reset your login password, pin, and security questions & answers. 3. Verify if your contact details such as address and phone number have not been changed by… Read more »

pramod
pramod
6 years ago

Thanks sir for your reply. I have report to police as well as bank manager but police station told me this is bank work they have to investigate police will not interfere on this matter then i mate with bank manager he told me that CVV and 3D pin not to be scanned either you have shared with some one or u r hacked by your pc.They have given last of reason but they are not ready to take action for further investigation also told me go and complaint to RBI for further issue. pls suggest what necessary steps can… Read more »

Nil
Nil
6 years ago

Sanjay, Very useful tips. I just lost more than 98000 INR from my bank account. I got multiple SMSes in my mobile within fraction of a second and the money was gone. I immediately called the bank up. But they just blocked my debit card and told my dad to lodge a police complaint. This is so frustrating. The bugger has done 13 transactions to syphone the money and the trend is quite predictable as he has tried out with $1 transactions inbetween. I read in different sites in internet, Federal Govt has streamlined the process so beautifully making Banks… Read more »

andrew
andrew
6 years ago
Reply to  Sanjay Katkar

What if the hacker cant be tracked making sure that my account is the only possible tracking?

VINIT SINGH
VINIT SINGH
6 years ago

THANX A TON…….CARD HOLDER’s WOULD NOW WON’T HESITATE TO DO ANY TRANSACTION
THANX AGAIN FOR THE SAFETY MEASURES

pramod
pramod
6 years ago

hi

Sanjay can u pls tell me abut query.

Rajesh Shah
Rajesh Shah
6 years ago

Thank you for vary useful information. What I do not understand is whay RBI is not making it mandatory for all card issuing authorities to issue all credit and debit card with the photograph of the card holder. Further, I have also observed that no merchant outlet varifies the signature on the back side of the card with the signature which a person puts on the invoices and other papers. At present any person can use any one’s credit/debit card very easily. If photo ID cards are issued and if the responsibility of varifying the signature is put on mechant… Read more »

541
0
Would love your thoughts, please comment.x
()
x