Transfer all your money out and close the account. Get a whole new account. Also I would dump the email you used with the account. More than likely your details are on a website where that information is traded. People will continue to access your account to try to steal your money. It's also possible you have a key logger on whatever device you use to access your account.
You need to reformat your hard drive and reinstall the operating system on the computer you're using to access the account. As already pointed out its possible that you have malware installed that is trasmitting your personal details to hackers.
Run Malwarebytes, ADW Cleaner, and rkill in safe mode. I'm sure it will find the culprit.
Change the password on your email account, this is a common way hackers gain access. And make sure to use different passwords on every site.
I pretend to work, they pretend to pay me. I have pretend credit cards with pretend limits, so I can pretend to buy pretend things and pretend to pay the bills.
I had told the Company to remove this transfer service from my account and they said they couldnt do that. There does not seem to be much security with this Blue Bird American exspress card. Do they prosecute the Individuals doing this? I am waiting for the Investigation of this fraudulent act.
Others have already spoken about the risk of compromise and what to do, so I'll speak to this part instead.
The ability to transfer money from an account is pretty integrated in most financial services applications, so I'm not surprised they can't disable it. That said, there are typically pretty good security measures you can implement in order to prevent what you describe from happening. Find a bank that does additional verification and bank with them instead. For example, some accounts will require you to verify a transaction by them sending a text or email to a known and confirmed phone number or email. This means if someone does get into your account, they can't send money unless they also have access to your phone and/or email inbox. Some institutions require you to set up trusted accounts money can be sent to in advance, whereby they verify account numbers and do dummy deposits that you must verify. Initiating this process sends notifications to the account owner so you would have been instantly notified of their actions, and since the verification takes a few days, you'd have had plenty of time to correct the situation before any money was transferred.
As for prosecution, that's just not how the law works in cyberspace. If you're lucky, the people who did this are morons and they did nothing to protect themselves from prosecution - namely, they didn't hide where they came from and they did the transaction from a computer in the US. Even then, they have to have done at least so much financial damage before LE is going to waste many cycles on it, and frankly a couple thousand dollars by itself isn't going to raise any eyebrows at the local FBI branch. If they nabbed a million or so from multiple hosts, then you got a chance.
Most kiddies are dumb, but a little more clever than that. Instead, they'll jump through a proxy or a compromised host on their botnet that sits in a country with different (or no) cybercrime laws. This both makes it harder to track, particularly if they cleaned up after themselves on the springbox host, and difficult to prosecute since the law typically says the country where the computer that the deeds were done from is the one who gets to apply their laws to the case. If they trace it back to a computer in Russia, Brazil, China, or a number of other countries, good luck ever seeing anything come of it.