A good amount of money has been stolen from my bank account bypassing the double factor authentication.

I tried to pay with gold dust but they would not accept it.

Just the ridiculous things disruptors do. (And how it affects us ordinary people standing in line)
 
It's like the grocery store. I go in for a fast trip and some moron is trying to pay with their phone.
They need a moron line for people who want to pay with silly ways.
I've seen places where people have their act together, the phone works, the money is there, procedure is a habit that has been streamlined - AND the store is actually set up to properly accept phone-based payment, the payment machine is in good working order.

I've been held up in grocery stores where a karen in front of me tries to write a check, and it bounces. That customer had no idea that she has no money in the account? WTF??? And I've seen people who had exact change in coins (yep, even pennies) get through the line in a reasonable amount of time.

Payment method doesn't matter, it matters that both store and customer have their act together.
 
I've seen places where people have their act together, the phone works, the money is there, procedure is a habit that has been streamlined - AND the store is actually set up to properly accept phone-based payment, the payment machine is in good working order.

I've been held up in grocery stores where a karen in front of me tries to write a check, and it bounces. That customer had no idea that she has no money in the account? WTF??? And I've seen people who had exact change in coins (yep, even pennies) get through the line in a reasonable amount of time.

Payment method doesn't matter, it matters that both store and customer have their act together.

People act differently depending on the medium of communication and therefore also the medium of exchange they have in their "hands". For example, in a textual chat, you may or may not say things that you would or would not say in real life. So, in a hypothetical system where money doesn't circulate, but goods and services are exchanged, people will express different emotions and behaviors than in a system where the medium of exchange is only their monetary value. However, I believe that exchanging something tangible creates fewer distortions than exchanging their corresponding values.
 
Don't tell people they need to become propeller heads when they don't need to.

Please don't scare people into building their own infrastructure when more user-friendly options exist.
That's your point, not mine and I don't want to frighten anyone. I am just saying how I do it to avoid problems with mail.
That's my way to do it.
And you don't have to tell me what I have to write or not on this forum. I find you a bit pedantic.
 
In principle, you're right, but this thread is about someone being scammed. We should focus on solving the problem using the simplest means possible. You wouldn't recommend someone go hunting when they're hungry and the supermarket is only two blocks away.
 
That's your point, not mine and I don't want to frighten anyone. I am just saying how I do it to avoid problems with mail.
That's my way to do it.
And you don't have to tell me what I have to write or not on this forum. I find you a bit pedantic.
The heart of the matter is what you wrote isn't relevant to solving the problem. Why talk about it? Why tell or even imply people must run their own SMTP server to solve the problem?
 
The heart of the matter is what you wrote isn't relevant to solving the problem. Why talk about it? Why tell or even imply people must run their own SMTP server to solve the problem?

It seems that using his method solves the problem. Unfortunately, however, it adds more complexity and this brings more problems. At the end, for one problem solved, more problems will come, so there isn't a good balance.

Maybe facedebouc could remember the KISS philosophy... (Keep It Simple Stupid).
 
It seems to me that a simple rule would be never to click on a link in an unsolicited email that purports to come from a bank. Instead log into the bank's own website separately to check whatever it is that they are asking. At least, that is what I intend to do as a result of reading this thread.
 
It seems to me that a simple rule would be never to click on a link in an unsolicited email that purports to come from a bank. Instead log into the bank's own website separately to check whatever it is that they are asking. At least, that is what I intend to do as a result of reading this thread.

For a lot of people it's difficult to have two emails, one for the job / hobby and one for the banking transactions. But I suspect that's even not enough to do this. I think that switching to another OS where nothing is installed and that's always kept updated, is also necessary. To increase further the security don't you want to add a hardware token? I'm sure that eternal_noob can suggest more tools / strategies to add, to even increase the security. It seems that the aim to reach a good compromise between time and energy spent and the security gained is also something like a chimera.
 
It seems that using his method solves the problem. Unfortunately, however, it adds more complexity and this brings more problems. At the end, for one problem solved, more problems will come, so there isn't a good balance.

Maybe facedebouc could remember the KISS philosophy... (Keep It Simple Stupid).
Of course it's one way to solve the problem. But at the cost of complexity. One could use procmail or slocal. Both of which don't require admin access to any SMTP server. If you're so inclined, that's fine. If you're not, you're not hosed. You can choose the simple approach.

BTW, I use fail2ban + geoblocking + postfix + spamassassin + procmail. I suppose I should have advocated for people to set up a complex environment. My approach is somewhat punitive to spammers and other bad actors. But it's not necessary. Just use the simplest tool available.
 
BTW, I use fail2ban + geoblocking + postfix + spamassassin + procmail.

That's all? Sometimes I've thought about how an AI can help to filter the unwanted emails. With AIs times have changed and we explore new methods to achieve even better results than using the old ones.
 
Neither my bank nor my health insurance have my email address. If they ask, I say I don't have one and that's ok.
If you sign up to do business with your bank or insurance online, then yeah, you do give them your email address. It is where you get the confirmation codes for 2FA. Yeah, it's possible to set up 2FA to call or text you as a primary method, and have email as a backup method. Yeah, it's a pain to set up correctly, and a pain to use, but that pain is the price to pay for a sense of some security.

Throwaway email addresses take time to maintain (gotta check back from time to time), but they are not a bad security tool if you use them right.
 

No wonder people are getting hacked.

Quote:-
"Gmail users have been warned about a huge attack that appears to have left as many as 183 million email accounts insecure. The data leaked online includes not only the email accounts themselves but the passwords believed to be associated with those logins. The breach could allow hackers entry not only to email accounts but all of the other logins that depend on Gmail. The breach occurred in April of this year but was recently noted by Have I Been Pwned, a website that tracks data breaches so that users can be alerted to them."

So the data leak happened in April, and the "urgent alert" has just been publicised in the press. Riiiight.....
 

No wonder people are getting hacked.

Quote:-
"Gmail users have been warned about a huge attack that appears to have left as many as 183 million email accounts insecure. The data leaked online includes not only the email accounts themselves but the passwords believed to be associated with those logins. The breach could allow hackers entry not only to email accounts but all of the other logins that depend on Gmail. The breach occurred in April of this year but was recently noted by Have I Been Pwned, a website that tracks data breaches so that users can be alerted to them."

So the data leak happened in April, and the "urgent alert" has just been publicised in the press. Riiiight.....

I know everything. In April I changed the passwords of a LOT of websites where I was signed up. I see that still today Gmail is warning about that problem. But I'm not sure if I should change again the passwords of more than 400 websites where I signed in just because I did it already in April, not sleeping at all for 3 days. At the time it wasn't bullshit. I've been literally bombed with a lot of attempts to break into almost every account.
 