Growing up, my grandma gifted me shares in a public energy company every year for my birthday, which fortunately turned out to be a useful emergency fund. The last time I sold any of these shares was about 5 years ago where, after contacting a shareholder services rep on the phone, I had to fill out a stock sale form and email it back to the rep with a scanned copy of a voided check for processing.
Fast forward to a couple of months ago, I am looking to sell about $2,000 worth of shares to cover medical expenses that are piling up. I do not have these shares in a mobile app so I decide to do what I did last time and first call the rep, who tells me to email him a formal request so that he can provide me with a blank stock sale form.
I used my work email to complete the transaction and it turns out that my email had been previously compromised by hackers at some point and they were waiting for an opportunity like this to intervene. With full access to my email, they intercepted my communication with the shareholder services rep and used an RSS feed to hide any incoming or outgoing emails with the rep. In their emails pretending to be me, the scammers used broken English and obviously different font size and style than what I had been using previously. They changed the banking info on the stock sale form to a Green Dot Bank account (an online bank that issues reloadable debit cards) and used a poorly photoshopped Green Dot check with my name and address on it. Despite the numerous red flags, there was no follow-up call from shareholder services and the sale went through.
We launched an internal investigation within my employer and they found that my email was the only one in the company that was compromised, though they could not pinpoint how the scammers could have gained access, and that they did not gain access to my laptop itself, just my work email. They then implemented security measures after the fact like two-factor authentication and an email filtering system. An investigation was also launched within the shareholder services after I reported what had happened and of course, they found themselves not to be liable. I filed a local police report and have been following up with them over the past month but there has been almost no progress.
At this point, I feel like I am running out of options and I desperately need that money to pay for my medical bills before they go to collections. Is there anything else I can do or follow up on to get my money back? Any help is very much appreciated.
TL;DR - Tried to sell shares via email, email was hacked and the sale was redirected to hacker's prepaid debit card account. Nothing came of the ensuing investigations and police report, looking for suggestions to get my money back.
Submitted September 28, 2021 at 01:21PM by EgoShmego https://ift.tt/3ALar0y
