Why the FBI Director Doesn't Bank Online 360
angry tapir writes "The head of the US Federal Bureau of Investigation has stopped banking online after nearly falling for a phishing attempt. FBI Director Robert Mueller said he recently came 'just a few clicks away from falling into a classic Internet phishing scam' after receiving an e-mail that appeared to be from his bank."
After reciving an e-mail that appeared... (Score:5, Interesting)
Why does he even consider any such e-mail worth reading?! That is the biggest fail in the chain of his doings....
OK, so he doesn't bank online.. (Score:3, Interesting)
..because he does not understand simple concepts about human nature and, resulting from this, the way in which modern banks conduct their business (e.g. never sending out mails about internet banking/passwords), and is apparently oblivious to the concept of such scams even though it has been reported in the mainstream press over and over again.
Somehow, it worries me that such a person would be the head of the FBI. Good thing I don't live in the States then, although I have reason to expect [youtube.com] things aren't much different where I live.
That link is in Dutch, but you can still gather the idea from watching the movie. What you see is the prime minister (at the time) of the Netherlands who clearly has no clue whatsoever what a computer mouse is for and how it should be used (he attempts to use it like a TV remote). A six year old (!!) girl (!) then helps him out in sending an e-mail. This happened about 10 years ago, but mice had been 100% mainstream for at least a decade then (since Windows 3.11 at least - I mean, if six year old girls know, you can be pretty sure it was well out of nerd-territory by then).
The scary thing is that *these* are also the kind of persons in positions to come up with laws and regulations regarding the internet, filesharing, etc.
Re:After reciving an e-mail that appeared... (Score:2, Interesting)
I will admit to almost falling for one the other day.
I marked the e-mail as phishing and it has since been deleted, but it came from "bank of america" and linked to a quite formal looking page asking for info.
it came simoultenious to my having trouble with Bank of America online system (they took over my mortgage account and it has been a pain getting into the online payment since).
I was looking at it, frustrated it was only a solution for credit card issues, and then realized the site was support.com not bank of america.
Maybe I am particularly stupid, but I don't think so.
Re:After reciving an e-mail that appeared... (Score:5, Interesting)
I would suspect you are right. I don't really know what Robert Mueller's background is (quick look at wiki says marines and law), but I suspect that he wasn't directly involved in cybercrime of any sort. Sure, he gets to make the ultimate decisions, but with lots of advisers/what not who (hopefully) know their stuff.
And hey, at least he didn't ACTUALLY fall for it.
Random note:
The emails you do get from various online institutions don't look all that more legit than the ones from the scamers. I have received 2 notices that an account of mine had been compromised, and I was prompted to login (via a link) and reset my password. One of these was my EBay account I hadn't touched in years. I nearly just binned the email with out even opening it, but curiosity got the better of me and I read through it, checked the links, etc etc, and everything seemed legit, despite looking like a classic phishing attempt.
Re:After reciving an e-mail that appeared... (Score:2, Interesting)
Re:After reciving an e-mail that appeared... (Score:3, Interesting)
Personally I find the access to account history with the lower security level (just password) convenient and it massively cuts down on how often I need to use the security token since you usually want to check account balance/recent history much more often then you do transfers to outside accounts.
Anyhow the option to turn off low security banking all together should exist for the paranoid, what good exactly is a low security login to a phisher if you assume the telephone banking isn't doing bad assumptions about what is and isn't secret?
Re:Baby with the bath water? (Score:5, Interesting)
Mueller said. "Intruders are reaching into our networks every day looking for valuable information. Unfortunately they're finding it. "
wait; who, again, are the bad guys?
given their MO, I consider the feds and police to be 'bad guys' when it comes to their perceived right to 'sneek and peek' any damned place they want for any reason at all. attach a gps to your car? no problem. and on and on it goes.
the government is THE WORST INTRUDER in our personal lives, these days.
I worry much less about criminals. they have a lot less power over me and once they do their deed, they're gone from my life.
Re:After reciving an e-mail that appeared... (Score:3, Interesting)
No he can't because the specific point does not exist. The text someone would mostly likely cite (a few page somewhere in the 50s IIRC the last time I checked one of the house bills) is about healthcare provider to insurance provider payment transactions.
Re:A novel concept... (Score:4, Interesting)
At my university back in 2003, several professors in the Computer Science Department fell for those "Windows Security Patch" attachments sent by email from the "Microsoft Security Department."
I'm ashamed to admit that I almost double-clicked the exe file myself before thinking better of it...
Re:After reciving an e-mail that appeared... (Score:3, Interesting)
Code-pages are shockingly irrelevant in DNS lookups.
Also, quouth the wiki: