LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

LWN.net Weekly Edition for June 6, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

I blame the banks.

I blame the banks.

Posted Dec 20, 2008 0:11 UTC (Sat) by giraffedata (subscriber, #1954)
In reply to: I blame the banks. by oak
Parent article: "Vishing" advisory targets Asterisk

In the US, banks always remind us that they will never ask us for a password on the phone. However, they must ask for some kind of weak authentication because they don't know who answers the phone and people are so paranoid about privacy now, they would not tolerate a bank telling another member of the household about their bounced checks. That weak authentication could be a birth date or something. I presume that when the recipient isn't willing to let that information out, they offer the alternative of the recipient looking up the bank's customer service number and calling back.

Many of us are not scared enough to bother; we just give them the information. The actual risk to you from someone knowing your birth date or bank account number is much less than the media hype indicates.

(Log in to post comments)

I blame the banks.

Posted Dec 20, 2008 5:32 UTC (Sat) by mgb (guest, #3226) [Link]

I cancelled my Earthlink account recently because there was no way to call back to Earthlink's "finance department" in India. I'm not going to give someone a new credit card number just because he claims he's with Earthlink. Very dumb move by Earthlink.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds