Posted by
CmdrTaco
on from the stuff-to-think-about dept.
mleachpdx writes "This blog entry probes into the details of an online banking phishing scam and suggests some fraud deterrence and detection measures."
ways to prevent online fraud?
by
Anonymous Coward
·
· Score: 5, Insightful
why not give consumers one time access (through pads)? This is done in Japan and works well there. Maybe consumers here would lose their card? The card isnt electronic its just card with pin numbers that you scratch off each time you use the PIN number.
Banks should STRONGLY educate consumers to never expect emails from the bank that contain links.
The wrost ones are...
by
ScooterBill
·
· Score: 4, Insightful
The EBay request to verify account information. I've received this several times. Perhaps the financial institutions don't do much because a small country in Africa isn't going to let U.S. law enforcement take care of the problem. Too much corruption is usually the case.
The maxim I always use is: The company that holds your account never needs to ask you for your password since they already have it.
Something many probably don't know is that your local police dept. probably has a high tech crimes unit. They will investigate and prosecute illegal activites like snooping around your company network. They can be very helpful.
Enough already with this "a blog entry says" stuff. Can we please get some ACTUAL news on this site and not just someone's rantings on a BB? Is that too much to ask?
-- I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
Re:Solution: You authorise the bank first
by
legirons
·
· Score: 4, Insightful
"When you sign up, the bank asks you for your 'personalised code', and that will be displayed in every email you recieve from the bank. If you dont see that code in your email, or it's wrong, you know its fraudulent."
And this code would be sent through which secure email-delivery system exactly? Plaintext SMTP on the internet, like all the other emails from your bank?
Hell, banks don't even sign their emails. Many of them don't even know what PGP is. How many of us have had conversations with our banks along the lines of:?
You: I just got an email purporting to be from you
Bank: Yes, that's right
You: So how do I know it's real without phoning you
Bank: Because it's got our name in the From field
You: Did you ever consider signing your emails
Bank: OUR INTERNET IS SECURE, WE USE HTTPS WEBSITE!!!
why not give consumers one time access (through pads)?
This is done in Japan and works well there. Maybe consumers here would lose their card? The card isnt electronic its just card with pin numbers that you scratch off each time you use the PIN number.
Banks should STRONGLY educate consumers to never expect emails from the bank that contain links.
The EBay request to verify account information. I've received this several times. Perhaps the financial institutions don't do much because a small country in Africa isn't going to let U.S. law enforcement take care of the problem. Too much corruption is usually the case.
The maxim I always use is: The company that holds your account never needs to ask you for your password since they already have it.
Something many probably don't know is that your local police dept. probably has a high tech crimes unit. They will investigate and prosecute illegal activites like snooping around your company network. They can be very helpful.
Enough already with this "a blog entry says" stuff. Can we please get some ACTUAL news on this site and not just someone's rantings on a BB? Is that too much to ask?
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
"When you sign up, the bank asks you for your 'personalised code', and that will be displayed in every email you recieve from the bank. If you dont see that code in your email, or it's wrong, you know its fraudulent."
And this code would be sent through which secure email-delivery system exactly? Plaintext SMTP on the internet, like all the other emails from your bank?
Hell, banks don't even sign their emails. Many of them don't even know what PGP is. How many of us have had conversations with our banks along the lines of:?
You: I just got an email purporting to be from you
Bank: Yes, that's right
You: So how do I know it's real without phoning you
Bank: Because it's got our name in the From field
You: Did you ever consider signing your emails
Bank: OUR INTERNET IS SECURE, WE USE HTTPS WEBSITE!!!