Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Luckily we don't have this in Denmark, in fact most banks tell you that they will never contact you and ask for that kind of information.
I blame the banks.
Posted Dec 19, 2008 16:14 UTC (Fri) by dwmw2 (subscriber, #2063)
Posted Dec 19, 2008 22:35 UTC (Fri) by oak (subscriber, #2786)
Same thing in Finland (I think it had even been mentioned in TV news when
there was a first large email phishing attempt in Finnish instead of the
normal English spam...).
Posted Dec 20, 2008 0:11 UTC (Sat) by giraffedata (subscriber, #1954)
In the US, banks always remind us that they will never ask us for a password on the phone. However, they must ask for some kind of weak authentication because they don't know who answers the phone and people are so paranoid about privacy now, they would not tolerate a bank telling another member of the household about their bounced checks. That weak authentication could be a birth date or something. I presume that when the recipient isn't willing to let that information out, they offer the alternative of the recipient looking up the bank's customer service number and calling back.
Many of us are not scared enough to bother; we just give them the information. The actual risk to you from someone knowing your birth date or bank account number is much less than the media hype indicates.
Posted Dec 20, 2008 5:32 UTC (Sat) by mgb (guest, #3226)
Posted Dec 20, 2008 11:01 UTC (Sat) by rwmj (subscriber, #5474)
I can confirm dwmw2's account - my UK bank called me up recently,
with blocked caller ID, and then demanded security details. I told
them where to go of course, but I later got a secure message through
their authenticated web service which confirmed it was in fact them.
Ironically, perhaps, the call was about that other ludicrous
UK bank invention - "Verified for Visa". (a.k.a "we verified that you
will take the blame, not Visa"). The one where you get taken
to an iframe on a 3rd party site which asks for your security details.
My inquiry which prompted the call was to ask when they might
actually implement something secure, such as credit card device
that generates one-time keys.
Posted Dec 20, 2008 11:17 UTC (Sat) by dwmw2 (subscriber, #2063)
"My inquiry which prompted the call was to ask when they might actually implement something secure, such as credit card device that generates one-time keys."
Posted Dec 20, 2008 11:23 UTC (Sat) by rwmj (subscriber, #5474)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds