u/EquivalentCost913

▲ 0 r/CapitalOne+1 crossposts

Locked out while the fraudster spends — thanks, Capital One

Does Capital One even take security seriously?

To preface — I work in cybersecurity. I don’t reuse passwords, and I use MFA everywhere. No other accounts of mine have been compromised — yet my Capital One account has been taken over four times in two months. I have 4 cards with them.

Each time, the attacker:

  • Resets my password
  • Changes my contact info
  • Creates virtual cards
  • Runs up charges on all 4 cards

Each time, I spend hours on the phone, regain access, get new cards issued… and the next day my account is hijacked again.

Twice now, they’ve refused to reissue certain cards or even accept my fraud report until I send them a copy of my driver’s license and a bank statement — while the attacker keeps spending freely.

Right now I’m locked out again while the fraudster still has access. Capital One won’t let me reset my password until new cards arrive (via snail mail — and they wanted to charge me to overnight them), and they’re still approving charges while I wait.

Honestly, it feels like they don’t take security seriously at all.

reddit.com
u/EquivalentCost913 — 19 hours ago