For Finextra's free daily newsletter, breaking news and flashes and weekly job board.
I can report the following: receive email alert from bank indicating over-spend (a threshold spend exceeded). I view online banking to see that there is no sign of transactions there. I get curious (panic). I think it is a phishing attempt. Call bank.
Incur time and cost. Turns out the transactions are 'pending' and not visible to me online yet, but I still get alerted with an email (which only showed the last small txn, not the large one causing the alert before it).
So all in order, but damn confusing. First time I reported it as suspected phishing (heard nothing). Second time I called. Third time... maybe I will have learnt the deficiency.
To your point(s) - I cannot tell a real alert from a phishing one!
In ten years of using internet banking I have never, ever, received a phishing attempt addressed to me by name - they are always dear customer. My bank sends e-mail addressed to me by name and also provides my postcode.
I'm quite happy with my bank security. If people are foolish enough to respond to e-mails that are not addressed to them, then they have to face the consequences.
Like I'd pointed out here over a year ago, even non-gullible and technically savvy people would find it difficult to distinguish between a URL like easteroffers.mybank.com
(which belongs to my bank and is therefore genuine) and another one like mybank.easteroffers.com (which does not belong to my bank and is quite likely fraudulent). So, refraining from clicking a hyperlink on an URL and instead copying and pasting the URL on
the browser's address bar is not so foolproof either. IMHO, people are not as gullible as phishers are savvy. Some banks send emails to me with my name, others don't. The only foolproof counterstrategy against phishing that I could think of was for the bank
to authenticate its website to the customer by displaying a preselected image at logon. I know a few banks who do it. Others should, too.
Technology Product Director
29 Nov 2010
This post is from a series of posts in the group:
This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.