Yeah, locking the PIN is the route to take. You should definitely change your password too though to ensure that your account remains secure, and just on the off-chance you've been phished, check for any sub-accounts that you haven't created yourself. As an aside, do you have auto-withdraw enabled? Check that your auto-withdrawal addresses are the same as what you set them as. If they're not, or if there is a sub-account that you haven't created then you've fallen victim to phishing. If that's the case, message Vendor Support immediately. Libertas