Column: If this is the best banks can do to prevent fraud, we’re in a lot of trouble

A Chase bank location.
Despite multiple signs of suspicious activity, Chase did nothing to prevent a scammer from raiding a Southern California couple’s checking account.
(Milan Kovacevic)

Banks routinely tell customers their money is safe because measures are in place to protect against fraud. And generally speaking, that’s true.

Every so often, however, a situation comes to light that raises questions about the system and whether safeguarding customers is a top priority for some financial institutions.

What happened to Donna and Michael Hansen is one of those situations.

The La Palma couple — seniors on fixed incomes — discovered about a month ago that they’d been locked out of their Chase checking account. The password for online access had been changed.


Donna Hansen, 67, told me they contacted the bank and regained access to their account. That’s when they found that $22,000 was missing.

The couple rushed to their nearby Chase branch and sat down with a bank employee. He looked things over and informed them that someone had changed the name, address and signature associated with the checking account.

The bank worker said whoever had taken over the account had new checks printed under a different name and wrote a check for $22,000. That money was deposited into a different bank.

The worker declined to provide any other details, instructing the Hansens to contact Chase’s fraud department.

“So we did that,” Donna Hansen said. “They told us they no longer verify names and signatures for consumer accounts, so it’s not difficult to make changes like this. They also said they’ve been seeing more of this since the start of the pandemic.”

Paul Benda, senior vice president of risk and cyber policy for the American Bankers Assn., confirmed that scammers have kept busy over the last year.


He told me con artists “have increased their efforts to gather customer information that lets them hack accounts.”

“This can include posing as the Social Security Administration, the IRS or even your local health department to get you to let your guard down and provide your personal or financial information to access a stimulus payment or get a COVID-19 vaccine,” Benda said.

The industry group cited its own recent report concluding that banks stop the vast majority of attempted fraud.

Even so, Hansen said she’s shocked that so many things that should have been red flags for Chase apparently went ignored — the new name on the account, the change from a Southern California to a New York address, the unusually large check for $22,000.

“We only write two checks a month,” she pointed out, “one for $65 for our pool guy and one for $110 for our RV storage. That’s it.”

You’d think even the most basic fraud-spotting algorithm would have noticed an out-of-the-ordinary $22,000 check being slipped into the mix.


“It’s a nightmare,” Hansen said. “It’s unbelievable this could happen.”

Worse, she and her husband were told by Chase that the bank imposes a three-day hold on checks to guard against fraud. Yet that did nothing in this case. After three days, the money was successfully deposited elsewhere.

Insult to injury, Chase acknowledged that whoever took the $22,000 subsequently tried to write another check for the $5,000 remaining in the account. That was thwarted only because the account by this time had been frozen.

Hansen said she and her husband jumped through every hoop Chase threw at them. They submitted piles of documents. They filed a police report. But they couldn’t get any closer to having their funds returned.

“It makes you wonder how safe your money really is,” Hansen said.

She has no idea how anyone got her bank account number. But she does have a copy of the $22,000 check, which Chase provided for the police report.

It’s printed with a woman’s name — not Hansen’s — and a Minnesota address. The woman named on the check wrote it to herself with, if I’m any judge, a decidedly unpracticed signature, as if it’s not a name the person is accustomed to writing.

I ran a records check and tried various phone numbers connected with the name. All the numbers were no longer working.


Looking into the Minnesota address on the check turned up a different woman’s name as the resident. That woman is listed as being 101 years old.

At my request, Hansen contacted Chase’s fraud department for more information. She was informed that in fact three separate requests for new checks had been submitted using Hansen’s bank account number and three different names and addresses — one in Minnesota, one in New York and one in Florida.

“The lady with the fraud department said she doesn’t understand how this went through,” Hansen told me.

Yet apparently none of this activity triggered a fraud alert at Chase’s end.

In any case, I’m pleased to report that, a day after I contacted Chase, a bank official called Hansen to inform her that the couple’s money would be restored within a day or two. She told me her account was made whole as of Friday.

“They couldn’t say how my account was compromised,” Hansen said. “They just said it was.”

A Chase spokesman declined to comment on the particulars of the case. He said only that “we encourage customers to set up account alerts so they see any unusual activity quickly and we can work on it right away.”

That’s good advice, as far as it goes. And to be sure, Chase and other banks can’t be held responsible for the actions of scammers and identity thieves. But they can do a better job of minding the store.

If nothing else, what happened to the Hansens should be a wake-up call for every financial institution that they need to be more vigilant in spotting questionable transactions, especially in chaotic times like these.


You don’t need to be Sherlock Holmes to be suspicious when an unusually large check gets written, or when multiple requests for new checks are submitted under multiple names and addresses.

And taking weeks to resolve something like this, with this amount of money involved — come on, Chase, that’s not cool.