How to recover your money if your bank account

is hacked or your card details are stolen.

SEP 10, 2013 BY SANJAY KATKAR 47 COMMENTS

Rating: 8.6/10 (98 votes cast)
In this blog I will be focusing on the ways to strengthen the possibility of recovering your money
in situations where your bank account is hacked or your credit card or debit card details have
been stolen and misused. I will not be talking about how to prevent a bank account from getting
hacked because we have discussed it at length in various posts. First of all let me tell you that
the bitter truth is that most of the victims do not get their money back. But there is prevention
and there are ways for a cure. So instead of crying over the spilled milk one needs to find ways
to recover or salvage. After going through several case studies I thought of putting these steps
together so that a victim knows what should be his/her immediate action when someone steals
money from the bank account. In this post I will be referring to only those financial frauds that
are done online. I will not be talking about frauds resulting because of physical loss of
credit/debit card or ATM cash withdrawals.
If a bank account is hacked and the hacker/cybercriminal starts making online purchases using
the stolen card information, bank account user name, password and/or PIN most of the victims
expect the banks to repay. The banks however, refuse to help the victim on the grounds that the
transaction was done with the actual card and the exact password and PIN was entered. So no
matter how hard you try to convince them, it just amounts to a lot of frustration. One should
understand the basics here, the bank is right at its place when it is refusing to pay. Since the
money is already gone from the account to the merchant as legitimate credentials were given, if
the bank agrees to refund it will have to bear the losses. Bank will always try to put the blame
for card fraud on you. Usually they will redirect the victim to go to police for further help.
From my opinion police will also not be able to help you much in this case as often such financial
frauds happen far away in a different country. It is quite difficult to track down the person or
group that has scammed you without the help of law authorities in several different countries
that transaction might have routed through. In most of the case studies of such financial fraud
that I have seen, the victim often wastes lot of time in going to bank and police back and forth.
When your bank account gets hacked and money gets transferred online one should follow
the steps given below to avoid further losses:
1. Contact your bank and first block your bank credit/debit card.
2. If the bank account is hacked immediately after you have done some online transaction
from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to
get rid of any rootkit or key logger that may have been installed on the PC and which
would have compromised your login details and sent it to the hacker.
3. Reset your login password, pin, security questions answers.
4. Verify your contact details like address, phone number are not changed by the hacker.
5. Report the scam to right authority in the bank.
6. Report a fraud to local police station.
What to do to recover lost money from hacked account:
In case of online transactions we have a fair chance of recovering/blocking the transaction if we
act within 24 hours from the date and time of the fraudulent transaction. Most of the victims
miss out on these important steps and hence are unable to recover any of the money they have
lost. When a hacker/cybercriminal hacks the bank account and has access to users login name,
password and PIN they start making online purchase and money transfers immediately. They try
to get the maximum amount out before user blocks the credit/debit card or changes the bank
login details. So what one should do along with the above given steps is to observe the
fraudulent transaction details carefully. For every transaction the bank provides very limited but
important information of the date, time and the merchant id/string on which the transaction
was performed. For example in one of the cases that I studied and was able to successfully
recover the money for the victim, the fraudulent transaction reported by his bank was as
follows:
SC3245244 22/08/2013 VIN/GYMBOREE.CO/2433423432323233/o DR 3894.64
The SC3.. indicates the transaction ID followed by transaction date, then the Merchant ID
clubbed with some unique string for transaction. This is followed by type of transaction DR
indicating as debit and the amount. The key is to reach out to the fraud handling
department/authority of the Merchant in 24 hours giving details of transaction that was
fraudulent. No merchant would like to do business with a stolen card. They will readily block the
transaction and revert the amount. This will ensure that you get the money back in your
account. However, this is possible only if the merchant has not delivered the goods or process
the transaction completely. This usually takes more than 24 hours. In the case mentioned
above, when I searched the Internet for Gymboree I was able to locate the merchant website. I
asked the victim to contact the merchant. When the victim contacted the merchant through
their website and gave details of the transaction it was confirmed by them that the transaction
had taken place. The victim then convinced them that the transaction was fraudulent. They
asked for the card details and when they were convinced they promptly blocked the transaction
and reverted the amount which reflected in victims bank account in a couple of days.
Every victim may not be lucky as in this case but one can always try to reach out to the
merchant through whatever possible way and give them the real picture. The chances of you
getting your money back then become stronger. In some cases like money transfer to individual
through PayPal or some other benefits it is bit difficult to get back the money. But if the
cybercriminal does online purchase of some items/services then there are high changes of
blocking the transaction and getting the money back.
To recover money lost in 419 scams
In case of scams like 419, where the victim himself transfers the money to the cybercriminal, the
money can be recovered if he/she acts fast. For example if you transfer money to the scammer
by say Western Union or MoneyGram and you realize that it was scam in less than 24 hours you
have very good chance to get your money back. You just have to reach out to the right person
from help desk of the money transferring merchant and in this case Western Union or
MoneyGram.
Your feedback
If you ever have faced such situation and have something to share, please do share your
experience. This will add to the knowledge of all our readers and make them alert.
(For security news, tips, suggestions, ideas you can follow Sanjay on Twitter @sanjaykatkar)

Posted under: Uncategorized
47 Comments+ ADD COMMENT

Hrushi Sonar September 10, 2013 at 6:11 PM
Thank you sir for this info, really this info is very help full.
Regards
Hrushi Sonar.
REPLY
o
MEHUL M JIKAR September 11, 2013 at 6:41 PM
Really helpful..thank u sir..:)
REPLY

sumanto September 10, 2013 at 6:52 PM
thankyou sir for this info, Really this is very helpful;
with Regard
Sumanto
REPLY

Aditya September 10, 2013 at 6:58 PM
really really helpful . thank you so much.Now am am a bit aware and know how to handle these
situation
REPLY

ajay September 10, 2013 at 8:18 PM
this information will be read by hacker and he/she will stop shopping online and usually they do
not buy online they withdraw the cash from ATM.because they know these things..as they are
hacker,they are more intelligent than us.and sorry to say sir but this trick does not work in
INDIA,because of corruption.In India,merchant does not help,instead police first ask for their
commission.And steps you have noted above,we usually follow all those steps.but banks rule
are like they can not block Card within 24 hours.they says it will require 48 hours to block the
card.and secondly we can not reach them and police within 24 hours as their working timings
are limited.So boss all above is not going to work in 24 hours.Not at all possible because of
banks policies.
REPLY
o
Sanjay Katkar September 11, 2013 at 11:05 AM
Dear Ajay,
I can understand your reaction. The truth is we were able to recover money
in two of such cases. In case of identity theft there are two types of frauds
One which the hacker/cyber criminal will try to use the stolen information
for cash withdrawal and the other where the hacker just has intercepted
your card details while doing online transaction (through compromised
website or a infected computer). In the other case the hacker is somewhere
else and most probably can be in some other country. They try to use the
card for online transactions through some online selling portals (like amazon,
jabong.. etc). It is possible to recover the money spend on such online
transactions by contacting these online shops and convincing about the
fraudulent transaction.
REPLY

Naman Jain September 10, 2013 at 8:44 PM
Very usefull
THanks
REPLY

Manash Saikia September 10, 2013 at 8:45 PM
Thanks sir.
This information will be helpful.
My orkut account have been hacked and disable by Google. Can i recover again.?
REPLY
o
Sanjay Katkar September 11, 2013 at 10:58 AM
You should contact orkut helpdesk to recover your account.
REPLY

Nilay Vajani September 10, 2013 at 8:47 PM
Very Good information. I think this should surely help the victims in future. One of my friend
recently had such experience of money hacking from his bank account, but he could not do
anything other than informing bank and reporting to police. But the Police officials here were
very much adamant to launch and FIR. This is a long story, and till today as it has been 3 months
but he has not got his money back.
Anyways, thank you very much for the information.
REPLY

Rajendra Singh September 10, 2013 at 9:10 PM
Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of
mankind.
once again
with thanks
rsbhagor
REPLY

Rajendra Singh September 10, 2013 at 9:16 PM
Thanks a lot for such kind of useful information.Pl keep it on for the sake of God n Goodness of
mankind.
once again
with thanks
rsbhagor
REPLY

Dake Liyakatali September 10, 2013 at 9:30 PM
It is very good thing you have published for the people,Personally I will obey your valuable
advice.
Warm regards
DLB
REPLY

MMG September 10, 2013 at 10:23 PM
Last year I have purchased a cake for my wife (who was in USA that time) from mumbai. I did
the online transaction through credit card. The transaction was successful. But during
transaction they have not asked for otp or any password. After 2 days, I had received a msg on
my mobile regarding transaction of 200 $ through my credit card for a vendor (supplying valves)
located in third country. I have contacted the credit card company and asked to immediately
block the card. I have explained them about hacking my card. They told me that if the valve
supplier claimed for the payment, then only we can take the action but help less at that
moment. Fortunately that valve supplier didnt ask for payment.
REPLY

Malhar September 10, 2013 at 10:28 PM
Thanks for this valueable information.
REPLY

Aju Chacko September 10, 2013 at 10:53 PM
I faced a similar incident last year. My credit card was fraudulently used for an online purchase
worth 380 Euros (Rs 27000). I reported the matter to the bank immediately and the transaction
was blocked. As the used currency was different and also due to full support from my bank i was
able to recover the full amount
regards
Aju Chacko
REPLY

Sharad Phadke September 10, 2013 at 11:00 PM
My friend was having two Debit cards and he used only ICICI card when to withdraw money
from ATM. He was having SBI card also and un-lucky part was both cards were having same pin.
Within a span of few seconds his SBI saving a/c was debited nine times and he lost Rs.90000/-
where SBI is not willing to give CCTV footage and they are showing only some part of footage to
him.
Can this be term as fraud? If so how to tackle? Police are not taking complaint SBI telling you
took the money.
REPLY
o
Sharad Phadke September 10, 2013 at 11:02 PM
ATM used was SBI ATM only all the time as it was near to his house.
REPLY

raj September 10, 2013 at 11:58 PM
dear friend,
what u said is a not correct.as per SBI rule a card holder can withdraw
money from his account through atm is only up to Rs 40000 per Day(24
hour).No SBI account holder can with draw more than this amount in a
day at any cost.
REPLY

SANT RAM September 10, 2013 at 11:17 PM
It happned with me during November, 2011. I got calls 2-3 times, asking details and told me,
we are just checking your details, as they informed my details, available with them. I
suspected, while they were asking about some confidentials details, which bank never ask, so I
refused, but they threatned me to block my account, I didnt give any details. After 2 days i got
an SMS about some failed transaction attempts, I called customer care, they told me it was done
by them, just to check my security features, next day again I got failed transaction SMS. But
after some minutes I got transction message amount of Rs. 2000. I called customer care and
informed, and request them to block the same, as my limit was Rs.100000. They informed 3
transactions were carried out within few minutes, before blocking the card, result, I have to pay
Rs. 6000, which I never used. Bank informed me, it was done from Pakisatn. Next day it
happened with my Saving Account, with same bank, around 20 transactions were made within
40 minutes, while I rushed to bank, while transactions were on, Chennai, Mumbai, Benglore was
also contacted by Delhi Branch, but they failed to stop the same. My Card was lying at managers
table, but both were helpless. Its cost me Rs. 21000, untill it was blocked, otherwise cost may be
higher, as it has amount in Lakhs, including FDs.
I lodged complaints with local police station, at cyber cell, at bank, but still I lost the amount,
bank never helped me, its a terrible experience, both accounts were with HDFC Bank.
I had all evidences, before happeinings, during happenings, telephone call voice recording,
SMSs, but all were failed. Its my story sir, you are right, but I got terrible experience in 2011.
REPLY

vikas September 11, 2013 at 12:57 AM
Very nice information..thanks to quickheal and double thanks to you.
REPLY

mohammad jalilian September 11, 2013 at 5:31 AM
Yesit happend for me too but in another way, after a long way of not using of my cart(almost 6
month)i discerned the my cart number is invalid & some one with another carte had to empty
my account!!!!!!!!!!!!!!Im not yet understand how the person was able to get my bank a new
card with new numberThe bank has denied all of these events too!!!!!!!!!?I really do not know
what should I doIf every one can help please contact with jalilian515@gmail.com farewell
REPLY
o
Sanjay Katkar September 11, 2013 at 10:52 AM
Sorry to know about your loss. As mentioned in the blog if the fraudulent
transaction is taken place online and has taken place recently (less than 24
hours) the transactions can be reverted by contacting the merchant to whom
the payment was done. In other cases you will have to take help of local
police.
REPLY

Sushant Pawar September 11, 2013 at 9:59 AM
Dear All,
It was also happened with one of my friend in Chandigarh. He was in New Delhi for his official
meeting. suddenly he received a message from his bank that he has made transaction of Rs.
20000/- on his credit card. after few minutes he received one more message from the bank that
again one more transaction has made.
He immediately called his bank and blocked the card. Then he came to Chandigarh and visited
his bank. He has to do lots of formalities to prove that he has not made these transactions and
he cant pay amount of Rs. 40,000/-. After 10 to 15 days it was realized that his card details has
been stolen from one of the petrol pump in Chandigarh where he use to feel petrol in his car
regularly. then the bank launched the complaint against this incident and the amount was not
recovered from my friend. Here my friend was lucky that bank has supported and not taken any
amount from him. but be aware about these kinds of frauds.
Here I just like to suggest you that whenever you do any transaction on your Debit or Credit card
be present still your transaction completes.
because we dont know who is going to stole your card details.
have happy transactions on your cards.
REPLY
o
Rajib Singha September 11, 2013 at 10:45 AM
Hello Sushant,
Thank you for sharing your experience, and advice with our readers.
Regards,
REPLY
o
Hrushi Sonar September 11, 2013 at 5:06 PM
Thank you so much Mr. Sushant for this information and you r advice.
Regards,
Hrushi Sonar
REPLY

Subhransu September 11, 2013 at 10:40 AM
Sir,
Your information & suggestion is very useful for general people also me.
REPLY

b c jain September 11, 2013 at 10:58 AM
1. I hold a cr cd issued by HDFC bank.The bank always send an SMS on transactions being done .
There is a debit of apprx 100US$ for an alleged transaction but no SMS was sent to me . Now
the bank promised to make an enquiry and after sometime claimed that the transaction has
been genuinely done . The bank claims that it has some proof. How to challenge the incorrect
debit and how to prove the wrong debit ?
2. On an earlier occasion also a cash withdrawal by HDFC cr card of Rs.10000 from ATM of
other bank was challenged as the money did not come out of the ATM. Yet the banker HDFC
after making his own enquiry said that cash was withdrawn . How to prove that money actually
did not come out of ATM ?
REPLY
o
Sanjay Katkar September 13, 2013 at 1:05 PM
To answer your queries one need to have a look at the transaction details as
shown in your bank statement. For your query on how to prove is that this
has to be banks duty to prove that the transaction is done by you when you
are rejecting it. You need to file police complaint against bank claiming that
you have not done the transaction. But for all this time factor is very
important.
REPLY

Sampa Pal September 11, 2013 at 10:59 AM
Date Merchant Name Transaction Amt (In INR) Transaction Amt Status
7/30/2013 4:43:19 AM MBI-Probiller.com/HD 123.51 2.00 (In USD) APPROVED
7/30/2013 4:44:18 AM PAYPAL *57SUPERETTE 23517.14 23517.14
APPROVED
7/30/2013 4:45:15 AM MBI-Probiller.com/HD 369.91 5.99 (In USD) APPROVED
7/30/2013 4:54:25 AM SPRINT USAGE 871.97 14.12 (In USD) APPROVED
7/30/2013 4:55:29 AM LA TOURAINE 120.42 1.95 (In USD) APPROVED
7/30/2013 4:57:43 AM PAYZA.COM 93.87 1.52 (In USD) APPROVED
7/30/2013 5:00:04 AM Eastbrook Apartments 33.35 0.54 (In USD) APPROVED
All these transactions were made online. On enquiry I found that they were made outside India
and without password authentication, which I was informed is not necessary if one uses it
outside India. How do these happen?
REPLY
o
Sanjay Katkar September 13, 2013 at 1:01 PM
To answer your query of how do these fraudulent transactions happen is
already given in the blog. In your case it seems that your card details had
been stolen online (may be when you had been doing some on-line
transactions). This can happen through various means like phishing (visiting
fake website) or if your system is infected by malware that captures your
card details while you do the transaction online.
Your above bank statement shows that all these fraudulent transactions
were taken place in the month of July. Had you contacted the respective
merchants at that time you would have got most of your money refund back
by blocking the transaction. You have to react in 24 hours time.
The transaction details show that few of them are payment gateways like
PAYPAL, PAYZA.COM and Probiller.com. These merchants do respond to such
fraudulent transaction claims and block the transactions if we contact them
immediately. If the money is not gone to hacker it can be blocked. It takes
some time for money to reach the hacker.
What you can do is you can still try to contact these merchants (specially
PAYZA, Probiller) and find out if the transactions went through. Like if
somehow they later realized that this transaction was a fraud they also block
it but such amount stays in suspense account until someone claims it. Try to
contact their support and find out if these transactions went through and tell
them that it was your card that was used fraudulently. Its almost impossible
to get the money now but never know you may get lucky. For Probiller
visit http://probiller.com/support, for Payza visit their website and find their
support page. You can try this with all the merchants in the transactions.
REPLY

D Anand Kumar September 11, 2013 at 11:21 AM
Thank you very much for this valuable information sir.
REPLY

shashikant sonar September 11, 2013 at 2:12 PM
Thank you for this important information, pls keep it up!
REPLY

nithish thomas September 11, 2013 at 3:47 PM
quick heal sandbox saves browser data. what does that mean??
REPLY
o
Rajib Singha September 11, 2013 at 4:44 PM
Hi Nitish,
When Quick Heal Sandbox Protection is ON, it takes your Internet Browser
into an isolated virtual environment. Whatever data a website downloads, is
saved in that virtual environment. In this way, even if the data contains
malicious elements, they wont be able to harm your computer.
Regards,
REPLY

vickrant September 11, 2013 at 4:04 PM
really nice blog it gives good advantages to save the money thanks buddy.
REPLY

Suvojit Sinha September 11, 2013 at 9:12 PM
Thanx for such a nice and important topic. This was needed for me.
REPLY

Rohit Singh September 11, 2013 at 10:21 PM
Thanku sir It is really helpful nowadays when millions of accounts are being hacked everyday.
REPLY

Siddhesh Mude September 12, 2013 at 3:16 AM
Thank you for the useful information.
However, I am sure that most people will not follow these steps in spite of reading. They are too
damn stubborn and lazy to go beyond blocking the credit card or bank account.
REPLY

Saurabh Pandey September 12, 2013 at 10:47 AM
Hi friends,
I would like to share a incident happened with my brothers Standard Charted Debit Card, this
happened in Mid 2011, he had done a online purchase 1 year back when he was in USA, that
was the only online purchase he ever did, all of a sudden one day he started getting a message
one after the other of Rs3000, then Rs4000 is deducted, in total around Rs15,000 was deducted,
we immediately contacted our bank on phone banking and blocked the card and the account.
The transaction took place in some other country which we never heard of! Bank promised to
give us our money back, but in installments. In a span of 3months we got 90% of our money
back.
immediate action was the best remedy for us. I hope this helps you all.
May God bless you all,
Chers,
Saurabh Pandey
REPLY
o
Rajib Singha September 12, 2013 at 2:29 PM
Hello Saurabh,
Thank you for sharing your experience with us. Such information helps
educate our readers and make them more cautious against such incidents.
Regards,
REPLY

K. H. Kulkarni September 12, 2013 at 4:28 PM
This is very useful piece of information, no doubt. However, I request you to give us a instances
of hacking in general.
REPLY
o
Rajib Singha September 13, 2013 at 11:02 AM
Hello Mr/Ms Kulkarni,
Thank you.
Talking about a general instance of hacking, we can take the following
hacking incident that recently occurred:
Reportedly, Vodafone Germany has been compromised by hackers, exposing
sensitive and personal information of about two million customers. This
information includes names, addresses, date of births, and even bank
account numbers. The authrorities concerned have said that, more critical
information such as credit care detials, phone numbers, and passwords are
safe. It is suspected that an internal server on Vodafones network was
compromised for this hacking attempt.
Regards,
REPLY

Navin Jha September 12, 2013 at 6:37 PM
Thanks for sharing very improtant info.
REPLY

Subhasish Mazumder September 12, 2013 at 8:27 PM
Thanks Sir helped me a lot.
REPLY

Kashyap September 12, 2013 at 11:07 PM
It is very difficult to get through the current law system to recover our hard earned money.
What I could see in Mr Sant Rams case is that bank also didnt do much to protect or stop the
transactions from taking place which is not right. Also I would like to point out that we should
not leave our account dormant or stop using it for any time gap. At times such accounts also get
cleaned up and we come to know only when we once upon a time like situation decide to go
and check the account status.
Also I came across some random issues where the ATMs are not supposed to place the camera
facing the ATM screen and it should be facing the user and behind the ATM screen.
In the present age of online banking activities where our details can be easily available to the
hackers through various bugs, spyware, malware, etc. we should be very vigilant at all times to
safeguard our earnings so that no one can fleece us and take away our money.
REPLY

sandeep kumar September 13, 2013 at 11:08 AM
Thnaks sir!
REPLY

Name (required)
Mail (will not be published) (required)
Comment


Fill CAPTCHA *

POST COMMENT