[Dshield] Banks Openly Inviting Email Fraud
sama at snowplow.org
Tue Feb 24 04:07:49 GMT 2004
I never open the email, I just logon to capitalone.com to look at it :)
Nor would I had done any of the other stuff.
But, I'm also not the average user, I'm a Systems Engineer who handles
a major company's firewall/internet/extranets/proxies and then some
infrastructure... so I know better :)
But it certainly helped to illustrate your point, which was also why I
posted it. I will most certainly be contacting them regarding this and
pursue it as much as I can. It's really incredible as you point out that
a financial institution would do this.
> A couple of question:
> 1) After having received the above email, if the message had contained
> a link to go check your online statement, would you have clicked on
> it without giving it a second thought?
> 2) If the link that you clicked on had prompted you to enter your name,
> credit card number, and PIN in order to access your online statement,
> would you have done so without giving it a second thought?
> Even if you hesitated to do so, imagine how many people would have readily
> entered that information without giving any consideration to the potential
> consequences of having done so! Especially, if they just received a prompt
> dialog box with no URLs or anything else that may give an indication of a
> bogus URL in action.
> Thank you for helping me illustrate my point!
More information about the list