Wow, way to fail BoA. Try taking out more than $5grand at most banks and it takes an act of Congress and a priest. Even a couple of transactions out of the ordinary or out of town will lock down most accounts in the name of security.

I bought a book at the O'Hare airport book store and withdrew $100 from an ATM, and they froze my card due to suspected identity theft. Sounds like they've made an adjustment to their algorithm.

BOA has absolutely ZERO "security" for this. I watched a co-worker of mine get bilked again and again by an identity thief for over 2 weeks. Her checkbook and wallet were stolen and every time she closed an account or tried to freeze it, the thief would open another one in her name and BOA let it all happen over and over. I thank all your gods that I don't bank there.

What state did this happen in?

@Squeegoth: Arizona, I believe.

Good luck getting back your money, OP

We have to stop using the phony term "Identity Theft." The thieves didn't steal an idenity, they defrauded Bank of America, who was stupid enough to give away money.

This British radio skit covers it pretty well:

I wish I had a choice, BofA bought the bank I had a credit card with.

...Who leaves $40,0000 in their checking account anyway?

@PsychicPsycho3, I was wondering the same thing.

$40k is $1400 a year in lost interest in a savings account. Crazy.

Wish I could easily get my USD over to Australia, where you can get 8.5%. [www.bankwest.com.au]

Sounds like the thief knew someone at B of A on the inside.

If I walked up to my bank requesting a 26K withdrawal Id be expecting a visit from Deerfield IL's Finest and a healthy chat.

To take out $12,500 again on the same account,especially when the card was cancelled and there was a previous huge witdrawal of $26,000 the same day without any holds or questions asked suggsts insider problems with B of A.

Is this the same BofA that wouldn't let a customer spend $4000 at Best Buy because they were "protecting" him?

@PsychicPsycho3: @vision4bg:
There is such a thing as an interest bearing checking account.

It seems there aren't too many minimum wage people writing into Consumerist these days...

$40K in your checking account?!

I can't believe I'm typing this: Three cheers for BestBuy!

Ugh. I need a bath and a bottle of vodka. Don't ever make me do that again, Carey.

I'm also a victim of what I refer to as Bank of America's spectacular negligence. In my case, Bank of America's tellers, on seven separate occasions, gave a total of $12,000 of my money to thieves with a fake driver's license in my name with the wrong expiration date. No PIN was required. The signature was not verified to me mine. And they handed my money over like it was lettuce. Meanwhile, after nearly 20 years of being a customer, Bank of America is firing me as a customer as of the end of July; apparently, because I complained a bit too much that they failed their fiduciary duty to me by not doing more to verify who they were giving my money to.

Meanwhile, there are at least two women out there with a fake license in my name, leaving me open to being arrested for a crime I didn't commit, and potentially causing me numerous other serious problems. Had BofA done the most minimum due diligence to verify identity of people they gave $1000 or more on seven separate occasions, in places I have never been and probably never will go, it's very likely these women would be in custody and those licenses in my name would be in a police evidence locker now.

I have actually been investigating this ever since, and I will be posting a bombshell on my blog on Monday. And there's even more that I'm not posting.

This kind of general nincompoop-ery is generally responsible for congressional hearings and subsequent regulatory bitchslap that BOA and other banks so richly deserve.

Hate to say this, but love Wells Fargo where they verify who you are by you swiping your ATM card and entering your PIN while at the teller window. Not a bad way to verify things. In this case, no PIN, no cash.

I wonder if BOA is going to chase the OP for the overdraft fees.

BOA pays enough to congressmen and federal regulators, so they won't be slapped. If you pay enough in bribes, you can get away with most anything.

I bet they did not fill out a Supscious Acvtivity Report (SAR) either. So, do a search and read up about SARs so you can report this bank. If they willfully did not fill out this form they can face up to a $250,000 fine and even imprisonment for the teller. Good luck, get your money back and get even.

@PsychicPsycho3: Gasp! Someone with different spending habits than you! They must be insane!!1

Actually, Best Buy is going to cause themselves a world of hurt calling the police while a customer is standing in front of them commiting fraud. With how unstable people are these days, if this guy was a hardened criminal with ZERO intent of going back to jail and possesed a handgun then what? Huh Best Buy smart guys?? The guy starts shooting up the place. Major lawsuit. Major. I thought it was policy to deny the card, let the criminal leave, then get his plate number, personal and vehicle description, THEN call the police. NEVER hold up or confront a criminal, not ever. Heroes die all to often. This story proves to me that BoA are total and complete morons. I bet it takes weeks for this poor guy to get his money back. I'd NEVER bank there, not ever.

@Amy Alkon: Damn. I am truely sorry about what happend to you Amy. That is terrible. I hope those worthless souls that did that to you get caught and rot in prison for decades. Something needs to be done about this kind of theft, and quickly. Congress needs to enact legislation that makes this kind of FRAUD punishable by no less than 20 years in prison. That ought to deter at least the smarter of the vile idiots. Best wishes to you and getting your situation sorted out. I will tell everyone who asks me about BoA your horror story. What an incompitant bank. I'm mortified...

Way to go, Bank of America!

Apparently BestBuy's register system pops up an alert code if there is somebody trying to use a card that has been reported lost or stolen, and they call the cops. Impressive.

I thought if you did a transaction at a bank for more than $10,000 at a time you had to fill out extra paperwork required by the feds. Wouldn't proper id and verification just kinda come naturally with that?

@ScarletsWalk: Someone else mentioned the SAR above. That information should be on file, and the police should be able to get a hold of it easily.

This is a massive, massive error on their part and I wonder if it could be cause for a lawsuit.

@Amy Alkon:
I've been intrigued about this story ever since you mentioned it, and I have happened to check out your blog before. If you're investigating it yourself, that's pretty badass.

@Silversmok3:

You're soooo right Silver. That's exactly what I thought as soon as I started reading this mess. I "bank" with a credit union and they just allow you to withdraw $750.00 per day. And to whithdraw that amount I have to bring I don't know how many id's, my neighbor when I lived overseas and my mother, who by the way died 20 years ago!

"I thought if you did a transaction at a bank for more than $10,000 at a time you had to fill out extra paperwork required by the feds. Wouldn't proper id and verification just kinda come naturally with that?"

Actually the bank fills it out on you..Don't need to notify you or obtain any of your info. They can also fill out the paperwork if they feel you've been structuring transactions to get around the limit.

Although it won't prevent ID theft, use credit cards instead of debit cards. That way if someone gets your debit card Visa/MC/etc. number and buys a bunch of stuff, the money is out of your account instantly. At least with a credit card the money is still in your hands while you dispute the charges.

@btdown: @Shadowfire: @ScarletsWalk:

Just for clarification: a CTR( Curency Transaction Report) is filled out when there is a cash transaction involving $10,000.01 or more. It is kept at the bank as a record and also sent electronically to the gov't for tax/anti money laundering purposes. The bank tellers have to fill this out either in front of you, or get your info down to fill out later..in other words, YOU WILL KNOW IT IS BEING FILLED OUT. If you refuse, then a SIR is filled out w/o your knowledge. A SSN is required to fill out a CTR (second question in the CTR form), and yes you can make one up but minutes later the branch gets a call from the CTR monitoring dept which'll notify the teller that the SSN is incorrect (had this happen when I first became a teller..took em 15 minutes)

SAR/SIR (suspicious ACTIVITY/INCIDENT report) is a report filled out by the bank employee in the case of a suspicious INCIDENT or series of incidents referred to as ACTIVITY. You, the bank's client, are not supposed to know there is one being filed on you. It is given to the federal agencies (FBI, etc). This is only filled out if you refuse to fill out a CTR, or if you're informed of the CTR by the teller and you only take out $10,000 even or less (usually people get scared that it's being reported to the govt and don't want to fill it out..but then a SIR is filled and the govt knows about it anyway).

@Melt:

Yes, double thumbs up for Wells Fargo needing your pin at the teller window. I think I've seen this at WaMu too.

A week ago I withdrew $1200 in cash from BofA at a teller's window, and she did not ask me to put in my PIN as a condition. I was really surprised and almost said somthing to a manager about it.

Apparently the fact that I had my checking account number written out on the slip was good enough for her. But anyone I've written a check to already has that info. Idiots.

Every time I read about Bank of America they are screwing their customers in exactly this way. The thought of doing business with them makes me sick.

@xay: Not that pay out anywhere near as much as a good savings account or money market account -- let alone a CD. And definitely not from Bank of America.

@scoosdad:

I am surprised I work for WaMu, and I know we require ID,PIN, Signature (Signature must be sing in front of teller) to withdrawal more then 1,000 and we verify ID # and exp day with our records, as well as signature. Anything over 5k would require future security question and measures.

I am really surprised such a big bank like BOA has less security features to protect there customers; This is evident with these big corporate Bank they loose there seance of "Customer first".

@Subliminal0182: Hmm, I've done quite a few $10k+ transactions in the past year and was never told one of these were going to be filled out.

* Numerous shuffling of those amounts between ING and checking accounts
* A check for $17k for a new car I paid in cash
* A couple of $20k+ charges on my Amex, which I had to later move money around and then have Amex debit the charge from my checking account.
* Two checks for $10k each deposited into checking

Kinda figured they were being filled out. Didn't care too much. But was never told.

BofA allowed someone in Georgia to empty one of my accounts (over $10,000)-- as I was on the phone with their call center telling them it wasn't me! I happened to be waiting for a check to clear and had been checking my online activity every day and noticed my checking account was at $0. (instant gulp) I called from a landline in California (Where I live) so there would be no question where I was calling from. The initial CSR had the audacity to mention that "maybe I forgot about a big purchase I had made recently." I was about to jump through the phone and strangle her. I finally got it through to her that the actions were taking place as I was watching my account online (I actually saw something pop upas I was moving around my online account) and she told me they couldn't access any record as to what was going on, and where, until after the transaction closed the next business day.

When I called back I got a bit more info, apparently the person had a Visa card and driver's license in my name (and somehow the security code on my account had been totally blown off). They actually allowed the person to withdraw OVER the amount in my account, as "we don't know if perhaps you have a large deposit coming in"-- yep, won the lottery, getting the cash early.

It was a pretty crappy experience all around. They finally got it straightened out but it took letters to the CEO of the bank and my senator (Which was a bluff but it worked-- did a faxed version of an EECB with all the cc's) as they weren't going to give me my money back for 5 days when their investigation completed (due to the "large amount of money involved"). Uhm, hello, *I CALLED YOU TO TELL YOU IT WAS HAPPENING AND YOU TOLD ME YOU COULDN'T DO ANYTHING*. Got my money back the next day and assurances that everyone who I spoke to was totally in the wrong and they would take it seriously and be sure their call center reps were better trained.

So yeah, great fraud alerting. They're probably just so big that it's easier for them to lose a few dozen grand instead of actually wondering why someone was 3000 miles from home, NOT closing out an account, but taking out all the money in cash.

I should add to my story, I've had on and off ID theft issues ever since buying some furniture at Wickes, but I never had lost possession of checks/debit cards/etc. The same week that my bank account was emptied, 2 other people at my work (Who bank at other banks) had their accounts emptied. All of the accounts they hit were the accounts we had our pay direct deposited into, so we suspect some insider at our work (or in the system) is passing info along... probably some sort of long string of insider attacks on systems (people who work at large employers having "friends" who work inside large banks).

@weave: Sorry I must've not clarified, a CTR is only done with $10,000.01 or more in cash, cash being the important thing. Anything electronic (#1,3 you mentioned), transactions involving checks (like #2 and 4 you mentioned) are exempt. A check being cashed for more than $10k, however, there'd be a CTR.

Also, the tellers can't really fill em out w/o you knowing because they need certain information, such as current occupation, SSN, current address, etc. Sure, that sometimes can be taken from your profile, but if it's incorrect, the teller gets in trouble (at the bank I work at, 2 CTR violations are you're terminated-violations can include even misspelling your name or DOB in incorrect order).

Can't wait for the next installment "Who get Screwed" from Mr. Hooley regarding the outstanding service he's going to get from BofA.

@weave: I think those forms are for CASH transactions.

My BOA branch makes me swipe and enter a PIN too. But if the debit card was canceled, the thief probably used this to his advantage by claiming the card was canceled and therefore could not be used as proof. However, you would think that a signature card would have been used for a transaction of this size.

@MRsteve: SAR's and CTR's are filed with the government to report possible money laundering and tax evasion. They are not intended to prevent identity theft, nor are they acted upon instantly. One, an SAR would not have prevented this theft. Two, it's callous of you to suggest fining and imprisoning an entry-level teller for what is clearly an institutional problem with B of A's fraud detection systems.

@Pro-Pain: I suspect the Best Buy clerk doesn't actually make the call to the police right in front of the customer for the very reason you're suggesting. It's probably a code to a manager, who then calls the police from outside of the prospective buyer's vision.

My family went through a similar issue with BofA's LACK of security. Turns out my little bro developed a nasty addiction. No one knew about it-- he was hiding it pretty well.

My mother has a corporate account that is mostly for tax purposes and not much else-- because she is self-employed, she stocks away a percentage of her money in a BofA account so that she's got money to pay the taxman with at the end of the year. Other than semi-regular deposits, that account doesn't see much action-- it definitely doesn't see many withdrawals.

My mom had one of those binder looking checkbooks for the corporate account, with her name and the corporation name on the checks. No one else was authorized to access or use the account, and the checks rarely (if ever) got used.

My little bro knew about the checks and the account. He stole a few sheets of checks out of the back of the checkbook (so, the check numbers were out of order, too) and started to write checks to himself and to his dealer. (Apparently some dealers will take checks... Interesting.)

Over a three month period, my brother was able to siphon $20,000 out of the account by forging checks to himself and his dealer in amounts varying from $25.00 to over $5,000.00. Each of the checks looked like, well, a crackhead filled them out and signed them. He didn't even TRY to forge my mom's signature. Even a trained monkey could have told they were stolen.

Each time, without any question, BofA would let him walk right in and cash the check. No questions asked. And this was on an account that checks were NEVER used on, in a check sequence that was OUT OF ORDER, on OBVIOUSLY forged checks.

How did we find out about the theft, and by proxy, about the addiction? A freakin' MONEY TREE called us. It was a Saturday afternoon and the bank was already closed, but my bro was hard up for some dinero. He wrote himself a $50.00 check and brought it down to the local Money Tree. The cashier suspected fraud and went into the backroom to call my mom to ask her if she had written a check to my brother. Of course, my mom said no. The clerk held the check and refused to cash it. My brother knew his jig was up and went home to confess.

The gatdammed Money Tree was competent enough to protect my mother, and her money, but BofA couldn't seem to do the same for their own client. When my mom went into the BofA to tlak to the branch manager and ssess the damange, they wouldn't even apologize, let alone accept any culpability. Sure, my brother was a junkie and a theif. And sure, my mom should have been monitoring her account for any suspoisious activity. We weren't denying any fault. But for fuck's sake, BofA REALLY messed up. Like, BIG TIME.

They informed us that, while they accepted no responsiblity, they would only give the money back to my mom if they pressed charges against my brother. My parents decided that was not the outcome they wanted, so they ate the $20k loss. Andthrough the whole ordeal, BofA wouldn't so much as apologize, insiting that they had done everything "by the book" and that they had no fault in the matter. They even claimed that is isn't their policyt to verify any checks oveunder $5k, because that would just be too much work. WHAT?! I don't care if a forged check for $.50 or $50,000.00 us being crowritten on my account-- I want my bank to verify that ALL of them are valid.

Whoops- sorry about the typos on the bottom half of that post-- hit "submit" too soon.

Anyways, happy ending: after six months of rehab and a long journey to recovery, my bro's been clean for over a year. And we're no longer BofA customers.

@Fly Girl: (but tell your mom to get a vault for that checkbook just to be on the safe side...)

@Skeptic:We have to stop using the phony term "Identity Theft." The thieves didn't steal an idenity, they defrauded Bank of America, who was stupid enough to give away money.

I agree 100%. It is ridiculous that people can get away with this. It is ridiculous that a bank will give all your money to some random person. It is also ridiculous that the victim is stuck with all the paper work to restore their life.

BofA gave a lady up in SF an account with the same account mumber as mine. So I went to go get gas one day and found my account empty. I asked for copies of the checks and found out the lady and I had the exact account number, and she wrote a few checks at Foot Locker. If I didn't have that CD there I would lose BofA completely. I already emptied my checking account and use ING>

@dweebster: Done and done. Just 'cause he's clean now doesn't mean that any one is going to tempt fate! :)

Ok, I am going to be one of thoese "debit cards are just not worth it" types. If you can handle the real responsibility of a credit card .... then it doesnt make sense to use a debit card. At least credit cards have pretty much ironclad protection policies. Its often up to the bank's policies itself whether they will give you back money that was stolen out of your account via debit card. Note: I believe one of the big two (visa or mastercard) is now offterning decent debit card protection.....I think it is visa).

ANd who keeps $40,000 in a check account1!!!? A rich person?

I figure $5,000 tops in the checking account is ok. I personally keep less than $2,000 in mine. The rest is in savings.

I am not blaming the customer, because after all...he did the right thing by reporting his card stolen as soon as possible. BOA is the one at fault here. Scary that they can let this slip past them.

I have always hated BOA since they took over boatman's bank (my old bank long ago) & then changed my account status without telling me & started charging fees like mad. Dropped them like a cot rock, went to commerce bank (the midwest chain), I have yet to have a single problem with them.

Btw..... Just curious,..is the guy going to get his money back that BOA just gave to the thief?