Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Financial Quagmire Bringing Out the Scammers

Posted by timothy on from the brother-where-is-your-empathy? dept.

coondoggie contributes this snippet from NetworkWorld: "You could probably see this one coming. With all of the confusion and money involved you knew there would be cyber-vultures out there looking to cash in. Well the Federal Trade Commission today issued a warning that indeed such increased phishing activities are taking place. Specifically the FTC said it was urging user caution regarding e-mails that look as if they come from a financial institution that recently acquired a consumer's bank, savings and loan, or mortgage. In many case such emails are only looking to obtain personal information — account numbers, passwords, Social Security numbers — to run up bills or commit other crimes in a consumer's name, the FTC stated."

5 of 272 comments (clear)

  1. My SOP for Bank E-mails by istartedi · · Score: 4, Informative

    1. Delete e-mail.

    2. Log in to bank via their web site.

    What scares me is that while this guards against the garden variety phishing attack, it can't protect me from an ISP DNS compromise. Running *NIX on your home PC or using a Mac can't protect you from that either, so don't get smug. It's a good idea to find an "obscure" yet stable feature on your bank's site. Phishing sites may not take the time to duplicate it. If you know the bank is based in New York, and you traceroute it to Bulgaria, that's a bad sign too. I have to admit I'm not that paranoid though.

    At the very least, 1 and 2 should be SOP for everybody. Financial institutions shouldn't put any kind of hypertext in a mail, and really ought not to even be using HTML mail which was evil right from its inception. I can dream, can't I?

    --
    For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
    1. Re:My SOP for Bank E-mails by Phroggy · · Score: 2, Informative

      What scares me is that while this guards against the garden variety phishing attack, it can't protect me from an ISP DNS compromise.

      Please stop spreading FUD. SSL certificates protect against DNS compromises, because your browser's database of certificate authorities does not depend on DNS to operate. As long as you use your bookmark (instead of clicking the link in the e-mail) and you see the little padlock icon and you don't get a warning message about a problem with the certificate, you're fine.

      I say use a bookmark because https://www.bankofarnerica.com/ and https://www.weilsfargo.com/ look pretty close to legitimate (depending on your font). SSL doesn't protect you from misspellings.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  2. Re:well ... by FLEB · · Score: 2, Informative

    That's a list, not a run-on.

    --
    Information wants to be free.
    Entertainment wants to be paid.
    You just want to be cheap.
  3. Re:*illegal* scammers by mosb1000 · · Score: 4, Informative

    http://en.wikipedia.org/wiki/Community_Reinvestment_Act

  4. Re:*illegal* scammers by nomadic · · Score: 4, Informative

    I will listen to that. CONVINCE me that your viewpoint is the correct viewpoint. I won't listen to "he's a weirdo" non-arguments.

    I don't have to convince you of anything.

    But let me ask a simple question; if it was the mean ol' government forcing these noble banks to make loans to people who wouldn't pay them back...

    Why were so many of these bad loans made by banks that weren't being told to make them by the government? Why were so many of these loans made that had zero connection to either Freddie Mac or Fannie Mae? Why won't any of you the-free-market-always-works types answer these questions?