« In 2006, 86% of credit card direct mail included online options | Main | NetBankerJobs Launches with Special Offer »

Is There Anything Left to Phish? Fake Wells Fargo Credit Card Authorization Notification

By Jim Bruene on March 6, 2007 3:34 PM | Comments (0)

I hate phishing. Not only has it cost the world's financial institutions tens of millions in fraud losses, it's just about killed the email channel in terms of getting your customer's attention in a timely fashion, and it's diverted management's attention from much-needed online marketing improvements. That's much worse than the actual fraud losses. 

Like most people with widely published email addresses, I get a half-dozen phishing messages every day (note 1). I rarely give them a second look unless they purport to be from my bank. Almost all of them are placed in the junk folder by Outlook, one of the nicer services of Microsoft Office.

Phishers have to be much more creative these days. The time has past when a few paragraphs of broken English and the bank's logo could net the fraudsters a few extra coins. Now I get fake emails asking me to verify my security settings, authorize account changes, or claim a sweepstakes prize.

Wells Fargo credit card authorization phish CLICK TO ENLARGE For example, today I received a fake credit card authorization request from Wells Fargo (see inset). I'm not sure why it prompted a blog entry. Maybe because I use a Wells card or maybe because I've been talking to mobile banking execs about this very subject. But the fake was good enough to force me to take a closer look. The biggest clue is the wrong format for the USD charge, using a "comma" instead of a decimal point between the dollars and sense. But otherwise it's pretty good, and may even net a few card numbers before its taken down.

Analysis
I am optimistic that email can still be effective if financial institutions clearly personalize their messages (see samples here and here). However, gaining customer trust back, especially for security-related messages, is a long-term project. That's why we are telling financial institutions to invest in RSS/XML feeds (Online Banking Report #135/136) and/or mobile banking (Online Banking Report #138/139) in order to reach their customers in a way that is less prone to fraud, at least for now.

Notes:

1. A great online repository of phishing examples is housed at MillerSmiles.co.uk

2. There's a whole book on phishing, click on cover above to go to Amazon's description of the title.

Comments (0)
Categories: Phishing , RSS , Security & Privacy

Most Recent Posts:

TrackBack

TrackBack URL for this entry:
http://www.netbanker.com/cgi-bin/mt/mt-t.cgi/511

Leave a comment

Sponsors

BackBase IntelliResponse Yodlee FinovateEurope 2012

Events

  • FinovateEurope 2012 -- On February 7th, 2012, the second annual FinovateEurope will feature dozens of Europe's newest fintech innovations via a fast-paced demo-only format in the financial capital of London. 7 minutes each on stage. No slides allowed. Come watch the future of fintech in Europe unfold live! Get your ticket today and lock in your spot before it is too late!
  • FinovateSpring 2012 -- On May 8th & 9th, 2012, Finovate will return to San Francisco for our 5th annual west coast showcase of the newest fintech innovations from Silicon Valley and beyond. Each company gets 7 minutes to demo live. No slides allowed. Come watch the future of fintech debut! Get your ticket today and save big!

Research

  • NEW! Online & Mobile Banking Forecast: Current, future and historical usage: 1994 to 2021 - Find out more
  • NEW! Selling Insurance Online (Banking Edition): Can insurance help fill the fee-income gap? - Find out more
  • NEW! True Virtual Banking Has Arrived: BankSimple, Personal Capital, Betterment and others go branchless, paperless and “bank-less” - Find out more
  • 2012 Guide to Online & Mobile Banking Products, Pricing & Strategy: Preparing for a mobile-first world - Find out more
  • Family Banking: Tweens, Teens & their Parents: In a remote banking world, your most-promising prospects aren’t even driving yet! - Find out more

 

   

RSS Subscribe via RSS
RSS Subscribe to Comments


Email:


@NetBanker Twitter Feed


See all @NetBanker tweets