On Mon, 2005-09-19 at 17:13 +1200, Andy Linton wrote:
Matthew Poole wrote:
I'm not suggesting a whole heap of education and I believe it should come from the banks along the lines of:
We will never, never, never email you and ask you to change your password by clicking on a link etc.
That's usually what they do anyway.
You will need to come into the branch and do it there.
If you do follow links and get stung then we'll treat it along the same lines as "so you met this guy in a pub and he said 'can I borrow your ATM card and pin number for ten minutes'.....".
That's absolutely what they should be doing. I just checked ANZ's Ts & Cs for online payments, and they have left themselves room to make a customer entirely liable if their account gets drained because they got phished. I doubt they would actually do so, but since they have the wiggle room they ought to consider making use of it publicly.
Hello?
"They will learn when it bites them on the arse" but "we're going to stop them getting bitten in the first place".
I said "a little proactive", not "rabidly proactive". ie: when we know the dog is loose, if we're told where it is we'll put a fence up. But we're not going to go searching for it, and we're not going to check if it is or isn't loose.
So how will they learn?
When the dog isn't behind a fence, and it bites them. There're a lot of dogs, and we can only build so many fences. -- Matthew Poole "Don't use force. Get a bigger hammer."