Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
|
LinkBack | Thread Tools | Display Modes |
#41
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On Fri, 24 Feb 2012 20:53:29 +0000, The Natural Philosopher wrote:
At least with an email you can hover over an email/web address and see where it's really pointing to. Not if the HTML page is just an attached file. It points to your hard disk :-) If I load a file from the local disc with external links into my browser I and hover over those links the browser tells me the content of the href. Don't these, recent, all singin', all dancin', enchanced web experience, browsers do that? -- Cheers Dave. |
#42
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
Dave Liquorice wrote:
On Fri, 24 Feb 2012 20:53:29 +0000, The Natural Philosopher wrote: At least with an email you can hover over an email/web address and see where it's really pointing to. Not if the HTML page is just an attached file. It points to your hard disk :-) If I load a file from the local disc with external links into my browser I and hover over those links the browser tells me the content of the href. A FORM statement is not a url. Its isnt a link. You cant 'hover over it' Its just where you go when you push that submit button. Don't these, recent, all singin', all dancin', enchanced web experience, browsers do that? Of course, but it makes no difference. All the LINKS are to the genuine bank pages. |
#43
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
The Natural Philosopher wrote:
A FORM statement is not a url. Its isnt a link. You cant 'hover over it' Its just where you go when you push that submit button. Or what javascript gets triggered as you change values in the fields and is whisked away via XHR before you even think about pressing the button. |
#44
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On Mon, 27 Feb 2012 10:38:24 +0000, Tim Streater wrote:
There is no HREF underneath. You're clicking a button to submit a form. That doesn't show up in the status bar. Ha lost the track of the thread, probably something to do with leaving for work at 0600 yesterday and not getting back 'till 2130 and getting up again at 0700 this morning. I should also have said that the browser's response is therefo "Sorry Dave, I can't do that." B-) I must watch that, ages since I did, got it on Bluray for Christmas. -- Cheers Dave. |
#45
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
Andy Burns wrote:
The Natural Philosopher wrote: A FORM statement is not a url. Its isnt a link. You cant 'hover over it' Its just where you go when you push that submit button. Or what javascript gets triggered as you change values in the fields and is whisked away via XHR before you even think about pressing the button. I saw no sign of that, I have to say. |
#46
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On 27/02/2012 10:24, Mark wrote:
On Sun, 26 Feb 2012 10:44:27 +0000, Martin Brown wrote: Worse than that they sometimes cold call me and demand that *I* prove to them who I am. My response is tell me the first line of my address (and they won't because of data protection) we deadlock at that point. Even worse is when this is an automated system and you can't tell them that their security model is flawed. Capital One have a similar problem with their automated phone system. I used to have a credit card with them when I lived in the UK. When I moved to France I gave them my French address but they don't permit me to have a card any more due to being non-resident in the UK. Fair enough. But every few months they send me a letter in the post about something or other such as changes to their terms and conditions. This has gone on for over six years now. I haven't had a Capital One card now for over six years but they still keep sending me mail as though I'm a card holder. I tried to phone them to ask them to stop but it is impossible because their phone system insists I enter my card number - which has long since expired and I forgot 6 years ago. It is impossible to speak to anyone without entering that number. So complete deadlock. They keep sending me mailings about my zero balance account (no account number specified in their mailings) and I keep destroying and binning them. -- David in Normandy. To e-mail you must include the password FROG on the subject line, or it will be automatically deleted by a filter and not reach my inbox. |
#47
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On 27/02/2012 13:14, David in Normandy wrote:
On 27/02/2012 10:24, Mark wrote: On Sun, 26 Feb 2012 10:44:27 +0000, Martin Brown wrote: Worse than that they sometimes cold call me and demand that *I* prove to them who I am. My response is tell me the first line of my address (and they won't because of data protection) we deadlock at that point. Even worse is when this is an automated system and you can't tell them that their security model is flawed. Capital One have a similar problem with their automated phone system. I used to have a credit card with them when I lived in the UK. When I moved to France I gave them my French address but they don't permit me to have a card any more due to being non-resident in the UK. Fair enough. But every few months they send me a letter in the post about something or other such as changes to their terms and conditions. This has gone on for over six years now. I haven't had a Capital One card now for over six years but they still keep sending me mail as though I'm a card holder. I tried to phone them to ask them to stop but it is impossible because their phone system insists I enter my card number - which has long since expired and I forgot 6 years ago. It is impossible to speak to anyone without entering that number. So complete deadlock. They keep sending me mailings about my zero balance account (no account number specified in their mailings) and I keep destroying and binning them. Striking letters through "NOT KNOWN AT THIS ADDRESS" works eventually. Be *very* careful if you have ever registered for any of the bank branded card protection services linked to one of your cards if you move house. For reasons of "data protection" your change of address sent to the credit card and bank is not shared with the same named card security firm (which is actually a third party provider). The upshot of this is at renewal a complete list of all your credit cards is sent to the address where you previously lived. Then you have to get them to admit that it is a third party provider and which one to sort it out! I have had it happen to me and had a similar pacakage of stuff come to my new address and with a surprising name collision that suggested it might actually be identity fraud (ie addressed to another Mr Brown). -- Regards, Martin Brown |
#48
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On Mon, 27 Feb 2012 14:14:47 +0100, David in Normandy
wrote: On 27/02/2012 10:24, Mark wrote: On Sun, 26 Feb 2012 10:44:27 +0000, Martin Brown wrote: Worse than that they sometimes cold call me and demand that *I* prove to them who I am. My response is tell me the first line of my address (and they won't because of data protection) we deadlock at that point. Even worse is when this is an automated system and you can't tell them that their security model is flawed. Capital One have a similar problem with their automated phone system. I used to have a credit card with them when I lived in the UK. When I moved to France I gave them my French address but they don't permit me to have a card any more due to being non-resident in the UK. Fair enough. But every few months they send me a letter in the post about something or other such as changes to their terms and conditions. This has gone on for over six years now. I haven't had a Capital One card now for over six years but they still keep sending me mail as though I'm a card holder. I guess I'm lucky. C1 stopped sending me anything after I cancelled my credit card. I tried to phone them to ask them to stop but it is impossible because their phone system insists I enter my card number - which has long since expired and I forgot 6 years ago. It is impossible to speak to anyone without entering that number. So complete deadlock. They keep sending me mailings about my zero balance account (no account number specified in their mailings) and I keep destroying and binning them. I had a similar, but less serious problem with Santander. I am trying to get my last bank statement from them since I closed my account last year. They also keep asking for my card number (account number won't do). However, after about 5 minutes of keep asking/waiting, it does eventually put me through to a human. I still haven't received my statement though :-( -- (\__/) M. (='.'=) If a man stands in a forest and no woman is around (")_(") is he still wrong? |
#49
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On Mon, 27 Feb 2012 14:14:47 +0100, David in Normandy wrote:
I tried to phone them to ask them to stop but it is impossible because their phone system insists I enter my card number - which has long since expired and I forgot 6 years ago. It is impossible to speak to anyone without entering that number. Some times if you remain quiet and don't press any buttons you will eventually fall through to a real person. May take a while and lots of nagging from the other end mind... Having said that if you don't know the account number they might be reluctant to do anything anyway, at least not the run of the mill script jockey. -- Cheers Dave. |
#50
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
Mark wrote
Andy Champ wrote Mark wrote And it's easy to work out where the spammer got your address from. That doesn't always help. Here are two sample responses (I paraphrase) "Terribly sorry, our server was hacked into and the mailing list was stolen". Then they have admitted it's their poor security that caused the problem. "There's nothing wrong with our systems, it must have been you" Then they're lying. Either way I would not deal with them again. You dont always have a choice, most obviously with the supplier of spare parts you cant get anywhere else or with software etc. |
#51
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On 27/02/2012 09:22, Mark wrote:
On Fri, 24 Feb 2012 22:46:13 +0000, Andy wrote: On 24/02/2012 11:34, Mark wrote: And it's easy to work out where the spammer got your address from. That doesn't always help. Here are two sample responses (I paraphrase) "Terribly sorry, our server was hacked into and the mailing list was stolen". Then they have admitted it's their poor security that caused the problem. "There's nothing wrong with our systems, it must have been you" Then they're lying. Either way I would not deal with them again. I'd rather deal with the company that had a problem, detected it, and admits to it, than the one who either out and out lies or won't even believe there's a problem. Andy |
#52
Posted to uk.d-i-y
|
|||
|
|||
More ado with phishing..
On Mon, 27 Feb 2012 20:50:28 +0000, Andy Champ
wrote: On 27/02/2012 09:22, Mark wrote: On Fri, 24 Feb 2012 22:46:13 +0000, Andy wrote: On 24/02/2012 11:34, Mark wrote: And it's easy to work out where the spammer got your address from. That doesn't always help. Here are two sample responses (I paraphrase) "Terribly sorry, our server was hacked into and the mailing list was stolen". Then they have admitted it's their poor security that caused the problem. "There's nothing wrong with our systems, it must have been you" Then they're lying. Either way I would not deal with them again. I'd rather deal with the company that had a problem, detected it, and admits to it, than the one who either out and out lies or won't even believe there's a problem. Maybe I would actually let the former off if they were an otherwise reputable organisation. IIRC they normally don't reply at all if I ask them about how my email address got into the hands of spammers. -- (\__/) M. (='.'=) If a man stands in a forest and no woman is around (")_(") is he still wrong? |
Reply |
|
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
BEWARE! PHishing Expedition! | Metalworking | |||
Phishing from HMRC? OT | UK diy |