March 31, 2006

Random Pennies

A curious remark from a German bank called Postbank about their desire to use digital signatures:

The electronic signature, which the bank attaches to its e-mail, is issued by TC Trust, the German subsidiary of GeoTrust.

Only Postbank customers using e-mail applications with both S/MIME authentication and TC Trust certification will receive a certification symbol, confirming that the text message is from the bank, according to Ebert.

Currently, only Outlook supports the Postbank service, he said.

Confused. I think he means that TC Trust's root isn't in other mail clients. More curioser is this:

Plans are underway to switch the certification service from TC Trust to VeriSign, which already provides certification services for Postbank's Web pages, according to Ebert. "We started with TC Trust but we think it's better to have everything with Verisign, which is more widely used," he said.

While on the subject of phishing (Internet fraud maybe being the #1 topic in netnews over time) here's a list of myths in phishing:

Secure, encrypted web page indicates a valid website - Contrary to a popular advise, never rely solely on "https://" prefix or padlock icon that indicate a "secure" page. It is possible for a phishing website to have a valid SSL certificate.

Yeah, heard that one before :) There are 10 more. Meanwhile, the US DoJ conducts a large survey and finds:

About 3 percent of all households in the U.S., totaling an estimated 3.6 million families, were hit by some sort of ID theft during the first six months of 2004, according to DOJ data set to be released Sunday. ... According to the DOJ's numbers, credit card misuse is the most common consequence of identity theft. It accounted for about half of the cases of identity theft that the survey tracked, Baum said.

Of the other identity theft victims, about 25 percent had banking and other types of accounts used without permission, 15 percent had their personal information misused, and about 12 percent faced a combination of several types of ID theft.

The average loss from these crimes amounted to US$1,290, with two-thirds of respondents saying that the theft cost them money. Based on these numbers, the nationwide estimated loss during the six months of the study amounted to $3.2 billion, for an annualized total of $6.4 billion.

Risks points at a costly burger mistake:

Four burgers at his neighborhood Burger King cost George Beane a whopping $4,334.33.

Beane ordered two Whopper Jr.s and two Rodeo cheeseburgers when he pulled up to the drive-through window last Tuesday. The cashier, however, forgot that she'd entered the $4.33 charge on his debit card and punched in the numbers again without erasing the original ones - thus creating a four-figure bill.
...
Terri Woody, the restaurant manager, said Burger King officials tried to get the charge refunded. But the bank said the funds were on a three-day hold and could not be released, Pat Beane said.

The hold is designed to prevent customers from spending money that no longer is available in their accounts and to let the bank confirm a transaction is legitimate before transferring funds, said Bank of America supervisor Joel Solorio.

Could have been worse ... could have happened on a stock exchange.

Posted by iang at March 31, 2006 10:42 AM | TrackBack
Comments
Post a comment









Remember personal info?






Hit preview to see your comment as it would be displayed.