OT: a new scam

I said the same to my bank once. And got a similar reply. As I mentioned they said 'call the number on your credit card'. So I did.

yes.

I have never been inside my bank branch (which for peculiar reasons of takeovers and mergers was not my nearest branch with bank name on it).

HSBC and several others have recently closed their branches. The High Street now quite literally has several "holes in the wall" where bank machines used to reside. Last men standing are Barclays and Santander.

The rules here are:

1) Ignore any texts purporting to be from an organisation such as a bank or delivery cpy, where the text has a link for you to follow. 2) Examine carefully any emails similar to the texts of (1), above. (When I created my email client, I added code such that hovering over a purported link in the email puts up a tip showing the actual web address you'd be going to). 3) Banks make it quite clear they'll never call you asking for password etc details. Any sales calls or supposed calls from banks, just hang up the phone. One can of course do that at any time with any phone call.

How we operate any bank accounts we might or might not have, I won't be sharing with you chaps, sorry.

The millennial snowflakes cant use a keyboard. They have to do everything on StupidPhones

cant do that with a phone either. You have to physically get it to a bank.

Indeed, one of the things I try to get across when training people on this stuff, is that the moment you think "I am too smart to get caught out like this" you are more rather than less vulnerable. It only takes the right circumstances to come together, and you can get fooled. As you say it is the defence in depth that then matters.

then why do you have a pin sentry?

ISTM that a pinSentry device or similar is reasonably secure as it is not communicating over any network, just reading your card and interacting with you. And it comes with any software already built-in.

An app on a phone, would be a lot less secure as it could be buggy, and you could anyway have been fooled into downloading a fake version. The supposed extra benefits of using an app don't appear to amount to a hill of beans.

Anyone seen The Sting?

Canterbury has those two, also HSBC, NatWest, Lloyds, and the Metro Bank (whoever they may be).

Because two years ago I got the impression it would be essential, so I went into the bank and asked for one. Was given it, no questions asked,

Whenever I get a call (unsolicited) and they start conversation with 'I just need to go through security' I tell them, you called me, I am not giving you any security information.

I'll call my Bank (or whatever) and then they route me to you ....... several hang up at that point, genuine callers agree.

Credit Card companies I find are the most difficult

also ignore phone calls from "Visa Security".

Some banks now allow you to pay cheques in by photographing the original from their app. The same functionality is not present in web banking.

My bank will allow me to send a photo of a cheque in conjunction with a phone app.

I am expecting since this mornings delivery a couple of parcels. However its not hard to tell the fake emails from the genuine ones. The genuine ones tally with orders you have placed and do not ask for money

I doubt it's insecure if coded well, but it *isn't* private. Everything done with it on an Android phone will be viewable by Google.

Unfortunately about half of the valid emails I receive use this means to e.g direct you to a parcel tracking page. Or a meter reading page.

This is more sensible.

Unfortunately, they have done so twice in my experience: once to query a transaction they thought might be fraudulent and then a gain to a friend recently to try and get him to clear an overdraft.

Nothing private or secret here. 100% online or debit card in a card reader at a retail outlet. Pin sentry equivalents on all accounts. NOTHING on my StupidPhone.

You can hack a stupidphone, you can't yet hack my brain for my PIN which is the first one I was ever given by Barclays bank in around 2000.

I have never needed to change it.

I have never had my bank accounts compromised.

which is why it shows you a word or phrase chosen by you, to prove it isn't fake.