Saturday, October 14, 2006

Your Federal Reserve Bank account has been accessed! Again!

Phishing is an ever-growing problem. Even if you realize the website to which you are directed is not the one from your bank, you are still vulnerable to a number of things. Check out my previous post for the serious side of things.

For some of us, it is one of growing amusement as well. I have a list of email addresses from various companies I forward phishing email to. ("Your Citi account has been violated!" yeah right.) Since I never get just one, I put the report-phishing email addresses in my addressbook. I've got one for the head of security at a credit union. The second time I sent him something, he sent back a thank you, as he hadn't seen that one or the website they were operating from. The last time I sent him something, I said any time he wanted me to stop, just let me know. Haven't heard a thing. I hope some yah-hoo doesn't decide that I'm this great world traveler, based on the "accounts" I have all over. According to the email I get, I have accounts in Alaska, Alabama, Kansas, Indiana, Texas and Tennessee. Oh, and two different accounts in Hawaii.

Man, do I travel a lot, or what?

And with Citi, BofA, Chase, Amazon.com (my credit card with Amazon had been accessed - does Amazon have a credit card?), an assortment of credit unions, the National Credit Union Association (they don't have accounts - I'm waiting for the one about my account with the Federal Reserve Bank), Visa (visa doesn't have individual accounts either), and a host of others.

I choose to be amused. And fight back. To report phishing or spam, these email addresses are useful:

reportphishing@antiphishing.org

spam@uce.gov

Monday, October 09, 2006

That wonderful no-call list

To answer the oft-asked "why don't you put your number on that list thing," that list-thing has more holes than swiss cheese. One is that it doesn't/can't apply to callers from outside the country, so I get lots of calls from guys who say their name is "John," said with a two-tone Indian lilt. I tried one time going thru with a call, to find the name of the company in the US that hired them, so I could complain. Nope, it's still an Indian company, with a generic name, that was pre-screening calls before selling information to an American company. No joy there.

The other is from companies that have a pre-existing relationship. That pre-existing relationship can be established with a simple advertising letter or postcard. Then they call. I had one guy call and ask "did you get the material I sent you last week?" To which I replied, "yes, and I threw it away." He laughed that salesman sort of laugh when they don't take you seriously. I hung up.

We used to get more than a dozen a night. There's a service from the fone company that filters all calls without caller id and sends them to the "Privacy Manager." If the person wants to talk to us, they give their name to the PM, which then calls us and tells us the name. If we want it, we accept, or forward to voice mail, or tell them to fu... go away. So now those foreign companies put "0" or "800 Services" as their caller ID. Since my fone shows me the caller id, I don't answer Mr. 0's calls. Or Mr. Services, either.

Annoyed? Me? nah. I get my revenge, more or less, by picking up the phone, blowing into or tapping on the reciever so the computer at the other end switches me to a live person. I then sit there, holding the line open, while the person at the other end says "Hello? Hello?" I had a great one the other day. The guy didn't disconnect the line before he started talking to his super. Unfortunately, it was not in a language I knew. Fortunately, the sounds of a person being trained come across in any language. Query followed by answer. Answer followed by "oh." Or by something that sounded like the guy was doing something step-by-step and waiting for approval. The call was three or four minutes in length, and was most entertaining.