Re: Internet ID Theft Worsens, Scares Away Bank Customers

In a message dated 11/8/05 8:27:46 PM Central Standard Time, snipped-for-privacy@telecom-digest.org writes, in a note to a posting by Jonathan Stempel < snipped-for-privacy@telecom-digest.org:

[TELECOM Digest Editor's Note: One of the major banks, Bank of > America, has considered having a picture (a .jpg perhaps?) of the > customer on line to help 'prove his identity', so that if a phisherman > comes along asking you to do something allegedly for BOA, _your_ > picture will have to be part of whatever _authentic_ request is made > by the bank. All well and good, I suppose, but what prevents the > phisherman from adding the same .jpg files to his pitch letters? PAT]

The bank provides a selection of pictures from which to make your selection. You also give the picture a name.

After you enter your username, the picture and the name you gave it is displayed with a warning not to enter your password unless the proper picture appears along with the name you gave it. Then it allows you to enter your password.

Presumably it will be more difficult for the operator of a phishing or fraudulent site to find and display the proper picture and the name you gave it. Why someone would respond to an e-mail request supposedly from a bank by clicking on a link in the e-mail is beyond me anyway.

Wes Leatherock snipped-for-privacy@aol.com snipped-for-privacy@yahoo.com