Jump to content
All visa questions and fresh Immigration updates here ×

Can someone loot my online BOA bank account if they have my SS# and bank acct number?

BananaBandit
 Share

Recommended Posts

  • Popular Post
4MyEgo Diamond Member

4MyEgo

Posted
  • Popular Post
Posted (edited)
7 minutes ago, BananaBandit said:

Say someone has my social security number and my bank account number, but they do NOT have my login password...

 

Could they loot my online Bank of America account?

I would think not, without the password. 

 

If you are concerned, email your bank and ask the question, hopefully they are one of those banks that do have a message service on your online account, I sent a message to mine the other day as I had a question and they came back to me within 24 hours.

 

Edited by 4MyEgo
  • Like 2
  • Thanks 1
Link to comment
Share on other sites
  • Popular Post
mtls2005 Diamond Member

mtls2005

Posted
  • Popular Post
Posted

Define "loot"?

 

Have you registered for online banking with B of A? DO you use the mobile app? Have you set up notifications?

 

Access uses a username and password, along with optional 2FA. An account number and Social Security number wouldn't help, unless they phoned in and tried to fool a CSR into changing access on your account.

 

Enable two-factor authorization for log-in, both via the web and the mobile app.

 

You can use SMS or a voice call, requires a U.S. number. 

 

You can use a FIDO key.

 

https://www.bankofamerica.com/security-center/online-mobile-banking-privacy/usb-security-key/

 

 

 

 

 

 

 

 

  • Thanks 3
Link to comment
Share on other sites
chilly07 Gold Member

chilly07

Posted
Posted
2 hours ago, animalmagic said:

Always assume that they can and then take immediate steps to prevent it.  

Yes such as freezing your card and setting your payment limits to zero. Can be done on line but you have to remember to reset when you want to make a payment

Link to comment
Share on other sites
Tony125 Gold Member

Tony125

Posted
Posted

Should not be possible, plus you should have listed security questions and answers with your accounts like middle name of father, first dogs name,  city you met your wife ,  ect. If you have not done that do it now.

  • Thanks 1
Link to comment
Share on other sites
Ravi98008 Explorer Member

Ravi98008

Posted
Posted

If you are using a new smartphone or computer to login with a password, the bank of America server will not allow it to pass. They ask you to first " remember my device " establish your device. To do this step they might send you an email to your email account on file. Next they may ask you your challenge questions.  If you satisfy these they will log you in and ask you if you want the server to remember the device. If you agree they leave cookies behind in your device so that next time you login you are good to go.  After 3 failed attempts using the wrong password the server permanently locks you out from online banking until you call them on phone to verify your identity.   

  • Thanks 2
Link to comment
Share on other sites
mtls2005 Diamond Member

mtls2005

Posted
Posted (edited)
13 hours ago, Ravi98008 said:

Next they may ask you your challenge questions.

BofA replaced their three security questions (favorite pizza topping) ages ago with out of band OTPs.

 

High value transactions, over $1,000, require one-time authorization codes (voice, SMS, security key - which replaced the older SafePass card).

 

There are at least ten (10) security features which should be enabled with BofA.

 

Still unclear on the OP's specific concern(s)? Is it that someone could get online access to their account and then transfer money out to another account (ACH, SWIFT, Zelle)? ATM card loss? Credit card fraud? Did the OP get some dark-web service/alert?

 

There is one hole, when using WISE you need to allow a third-party service (PLAID) to access your account, but still with multiple points of security. After the transaction you can disable this access.  

 

With proper set-up, and monitoring, you should be as safe as you can be. If any concern I might change the PW and/or username. And use the mobile app. And implement 2FA for log-in. 

 

 

 

 

 

Edited by mtls2005
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...