Cleaning house of the many services which drain my bank account monthly without me noticing, I observed what I have decided to call the Cancellation Ease and Sleaze Scale in action. At one end there’s Questia, the online research portal, where cancelling is relatively straightforward. Click on a link called “Account information” and there’s a clear link to “Cancel your subscription plan:” The text then reads: If you would like to cancel your Questia account, click the button below to begin the cancellation process. Apart from the rather odd “Cancel” button at the bottom of this (Cancel the account? Cancel the transaction? No other options available?)
This just landed in my inbox: more proof, if it were needed, that banks are dumber than a sack of nails when it comes to security. Or they just don’t care: The email comes ostensibly from HSBC’s Singapore office. But it’s actually mailed by 8rewardsroad.com, a Singapore-based marketing company with a somewhat dodgy website. (As in the pages don’t seem to load without Flash and some pretty awful stuff.) They claim among their clients HSBC and OCBC, another Singapore bank. In other words, no easy way to tell whether the email is really from the bank or not. The email itself offers up to $S400
By Jeremy Wagstaff (This is a copy of my weekly syndicated column) You really don’t need to thank me, but I think you should know that for the past 10 years I’ve been fighting a lonely battle on your behalf. I’ve been taking on mighty corporations to rid the world of spam. Not the spam you’re familiar with. Email spam is still around, it’s just not in your inbox, for the most part. Filters do a great job of keeping it out. I’m talking about more serious things, like eye spam, cabin spam, hand spam, counter spam and now, my most recent campaign, ATM spam.
(Update: corrected a few things. You can’t see the person’s bank account number. But you can see anyone’s phone bill, whether or not they’re a customer of that bank.) — Here’s a hole in Internet banking that allows anyone with an account at a bank to look up other customers’ people’s bills–tax, water bill, Internet bill, landline, cellphone—so long as they have that person’s account or phone number. This means, for example, I can enter a telephone number and—so long as that person pays their phone has an unpaid bill at that bank—I can find out their name. Think of it as a reverse phone
Further to my earlier piece about the scamming potential of Web 2.0, here are a couple more examples of why social engineering is a bigger problem than it might appear. First off, governments and organisations are not as careful with your information as you might expect them to. There are plenty of examples of CD-ROMs and laptops going missing, but often even that doesn’t need to happen. Some governments openly publish such information on the Internet. Indonesia’s minsitry of education, for example, has published the names, addresses, age, date of birth, school and education number of 36 million Indonesian students in easily downloadable XLS format.
Social networks are not really social—they’re informational. While they may appear to be social, and perhaps we flock to them and participate in them because we feel a need to socially connect, the real currency is information. Whereas we might go to a bar, a cocktail party or a dinner and spend 90% of our time talking about things that are not important to us, just to maintain and keep alive that social ‘space’, and 10% exchanging really usable and useful information, online the percentages are probably inverted. Looking at my Facebook inbox, the last 10 exchanges have been about arranging to meet a professional
Increasingly I find that if I enter a search on Google for something that I need explaining to me, the first result is a book. Of course, the book is in Google’s Book Search, but chances are the search is in a page that has been scanned and is available without having to buy the book. What I’m not clear about are the implications of this. (The above example is from me finding myself watching a UK quiz show from 2001 on the BBC’s Entertainment Channel, which I noticed is free this month on our local cable network. As a long-term expat I find these
Banks always talk about being global, and thinking local, and all that tosh. And it is tosh. Really. My bank just called me, for example, to congratulate me for linking my bank accounts in different parts of the world so I can see them from one website. Great idea, weird it hasn’t been possible until now. But I couldn’t help smiling to myself at its limits. The conversation went like this: “Mr Wagstaff Jeremy Rupert John (they seem to call me this, I guess it sounds better), do you have any questions or feedback for us on our service?” “Well, I found I couldn’t remember
It amuses me that banks talk about security but rarely apply it in a consistent enough way to save people like you and me from getting scammed. Take what just happened to me this morning: My bank rings me up (the number is a private number so doesn’t show up on my screen, but that doesn’t seem to be unusual anymore; nearly half of the people who call me seem to withhold their number these days. In any case, it’s not hard to fake a callerID.) The woman on the phone tells me there’s been a problem with my last phonebanking transaction. Before she can
For those of you who thought the former Thai prime minister Thaksin Shinawatra was living it up in Europe buying soccer teams, you’re wrong. He’s having serious financial problems and needs your help, according to this email I just received in his name: Good day. This may appear a bit surprising to you but very sensitive; as a matter of urgency, I am desperately looking for a foreign partner whom I can trust to handle some investment or fund movement under is control for security reasons. I am Mr. Thaksin Shinawatra, Former Thailand Prime Minister, I went on exile for some months over allege assassination