By Will Sturgeon, 18 January 2005 14:45
NEWS Almost half the banking customers surveyed by silicon.com believe their banks should be doing more to clarify when and how they will be contacted.
The greatest concern with this issue is the worry that unclear communication strategies can create uncertainty for phishing scams to prey upon.
And a worrying 46.7 per cent of silicon.com readers agree that their banks need to do more to clarify the ways in which they bank will contact them.
For example a number of readers have criticised LloydsTSB for 'cold calling' users with SMS text messages asking them to call a given number. Recipients who do so are asked to divulge certain personal bank details - with no two-authentication confirming they are even talking to their bank.
Another reader banking with Egg received an automated call asking him to call a given number where he was asked for certain log-in details - again with no way on the call of ensuring he was indeed speaking to a member of Egg's staff.
In the hands of criminals such approaches could easily be adapted to steal complete log-ins and passwords.
Reader Paul Green, who witnessed this system first hand, told silicon.com: "Considering how many phishing scams have been going around this year it strikes me as a little odd that Egg is carelessly behaving like the scammers."
Comments
There are 4 comments. Join the discussion
1. Simon Heywood
And e-Bay too. It is hard to tell whether an e-Bay email communication about renewal of credit card details is a scam or bona fide.
Are these people asleep?
2. anonymous
LloydsTSB Policy apparently was not to use “any E-mail” to contact customers.
Now, with phishing at its highest ever. They now bring in e-mail as part of there system.
What logic is this.
In addition they now popup on websites with there latest service to confirm that you are you and ask for details.
Yet more potential abuse.
I think that it is now time for all the banking institutions to sit down and bang there heads together and come up with one uniform standard that will be both acceptable and secure.
They are after our business and are all competing against one another.
However, with regards to the issue of security, this should be the same for all.
After all, at the end of the day it will save money for both the customer and the bank.
Or (on a sarcastic side) are they doing the dirty on each other in an attempt to get business from there competitors.
These days I think anything is possible and that at the end of the day they all need to realise that they all have a common goal.
Put them all I a room and fight it out till they get a secure system that all bank users both big and small will feel both secure and comfortable with.
3. anonymous
Most European online banking operations use two factor authenticaiton (such as a small calculator device where you insert your card). This eliminates 99% of probelms associated with fishing. Why don't they do it in the UK - cost! The ball is in the court of the banks. The banks fail to provide adequate security. How many internet banking operations are ISO17799 registered? Some figures if you can get them please Silicon!
4. Frank Smith
Seems we can't use Firefox for banking with the Hailfax and Bank of Scotland!
When I tried to set up an account I was informed I had to us IE.
I informed them that was insecure for banking, but was informed I could use IE on a Mac! ( I use Linux)
Barclays bank is fine on all browsers, and is secure.
Go Figure!!