Do you live in the area of Pickering and have a bmo bank of Montreal bank account I'm urging you to look in your personal document records see if you have any other accounts in your profile check your FIT ID numbers Sure they're all unique Cause let me tell you I have all these red flags flopping app and I just want to help somebody else if there's anybody else out there that experiences this let me know
20 thousand stolen twice no logo on stamens majors hind in officesA Canadian bank customer has discovered what appears to be a pattern of serious security failures at BMO Bank of Montreal — including an account opened without their knowledge, fraudulent "investigators," broken digital signatures, and bank statements transmitted with zero encryption.
What the evidence shows:
Account opened without consent: An account exists in the customer's name with their personal details, but they did not open it. BMO refuses to disclose who did.
Cryptographically broken signatures: Account documents signed through eSignLive/OneSpan use a certificate that expired just 17 days after signing. Adobe reports the signatures as "Unknown" with "Signer's identity: Unknown" and flags that the document was modified after the first signature.
No data security: Bank statement files obtained by the customer explicitly show SECURITY: NONE in the header — meaning financial data was transmitted without encryption or authentication.
**875 in duplicate charges:** A forensic analysis of the customer's OFX statement revealed 18 duplicate transaction IDs (FITIDs). In legitimate banking systems, each FITID must be unique. The duplicates total875 in extra charges, concentrated in online gambling transactions.
Fake investigators: During complaint resolution calls, someone claiming to be a BMO "investigator" contacted the customer with no credentials, no case number, and no callback information — then told them their complaint was closed. Phone representatives also asked for the customer's PIN, a practice no legitimate bank should use.
Why this matters:
This isn't just one angry customer. The combination of expired certificates, duplicate transaction IDs, unencrypted data transmission, and fraudulent investigators suggests either systemic negligence or something more deliberate. If a major Canadian bank is using broken digital signatures and transmitting customer data without security, every BMO customer could be at risk.
A Canadian bank customer has discovered what appears to be a pattern of serious security failures at BMO Bank of Montreal — including an account opened without their knowledge, fraudulent "investigators," broken digital signatures, and bank statements transmitted with zero encryption.
What the evidence shows:
Account opened without consent: An account exists in the customer's name with their personal details, but they did not open it. BMO refuses to disclose who did.
Cryptographically broken signatures: Account documents signed through eSignLive/OneSpan use a certificate that expired just 17 days after signing. Adobe reports the signatures as "Unknown" with "Signer's identity: Unknown" and flags that the document was modified after the first signature.
No data security: Bank statement files obtained by the customer explicitly show SECURITY: NONE in the header — meaning financial data was transmitted without encryption or authentication.
**875 in duplicate charges:** A forensic analysis of the customer's OFX statement revealed 18 duplicate transaction IDs (FITIDs). In legitimate banking systems, each FITID must be unique. The duplicates total875 in extra charges, concentrated in online gambling transactions.
Fake investigators: During complaint resolution calls, someone claiming to be a BMO "investigator" contacted the customer with no credentials, no case number, and no callback information — then told them their complaint was closed. Phone representatives also asked for the customer's PIN, a practice no legitimate bank should use.
Why this matters:
This isn't just one angry customer. The combination of expired certificates, duplicate transaction IDs, unencrypted data transmission, and fraudulent investigators suggests either systemic negligence or something more deliberate. If a major Canadian bank is using broken digital signatures and transmitting customer data without security, every BMO customer could be at risk.