I’m guessing the other party was phishing for Nigerians.
O … phish off.
I don’t have a dog is this fight, but the problem is, with as vague as your OP was, some people believed they had experience with your situation and were wrong. If you had been more clear with your initial question, for instance mentioning that it was with scottrade and that it was one of multiple options, the inaccurate answers likely wouldn’t have been posted. Yes, people should wait to post guesses and such if they aren’t sure or aren’t experts on the subject, but I also think the OP of a GQ thread has an obligation to provide as much context as reasonably possible to make sure people don’t have a misunderstanding of the question at hand.
I have to disagree with this. I have known more than a few people who have been caught by scams or phishing and in each case they were aware of it but still got caught anyway. For instance, my best friend’s mom got scammed by a varient of the Nigerian banker scam, despite his and my advice that it was a scam; her counter argument was that they ask for your bank information, but they weren’t doing that here they were sending her cashier’s checks to cash instead, clearly totally legit. :rolleyes: I have also known people get phished who I know had to know about it, since they work in IT, and have had their gamin accounts “hacked” or their bank or credit card accounts accessed.
Of course, I’ve also known people who have gotten phished who weren’t aware of it, but I think its wrong, and potentially dangerous, to believe that the majority of people who get hit by it don’t know what it is.
Heh. You said taint.
Huh. That’s very sad.
None of that was abundantly clear in the two line OP of the thread in question. It may have been obvious to someone already familiar with that form of transaction, but that only demonstrate that things are obvious when you know them.
To someone unfamiliar with that form of transaction, it could easily have been describing a scam, because someone taken in by a scam isn’t guaranteed to describe it coherently anyway.
Either way, it wasn’t an example of people posting Wags in GQ. Just an example of people getting it wrong.
How is that remotely relevant? Lots of legitimate business proposals are also unsolicited. Every day we get bombarded by advertisements from legitimate companies trying to sell us goods and sign us up for services. Occasionally some of them will even make a personal solicitation by mail, by e-mail, on the phone, or in person. Legitimate businesses do this for the same reason that scammers do: sometimes someone will take the bait and then “initiate” (as you put it) the handover of something of value. The only difference is that the legitimate businesses give you a product or service in return, whereas the scammers don’t.
Congratulations on your mind-reading abilities. The rest of us had no way of divining from the original post how it was that treis came to be “signing up” with a company which wanted his bank password in the first place. The premise in its entirety was just seven words: “Sometimes when signing up with a company…”.
Obvious if you know it though. So it should have been obvious if you don’t know it, clearly.
The OP could have been more specific, but I do almost all my banking and bill-paying online so I’m not flabergasted when asked to give out my bank info to an establishment I intend to pay once I’ve requested to be able to do so. The issue I see is that the “you are being scammed” posts continued after treis clarified the question. See post 41 for the appropriate response.
Thanks, I don’t feel all that special but maybe I should.
The OP’s title was “Instant Bank Verification - How Does That Work” and while the text of the post itself was vague and maybe misleading if you’ve never linked a bank account before, your first post was utterly false because instant bank verification is a very real thing commonly used by financial institutions and online businesses, which you might have known if you’d bothered to Google it.
Business proposal? If you want a brokerage account you have to, you know, fund it. One way you do that is by linking it to your bank account, but it’s not done automatically. You have to request the accounts to be linked and one step in that process is giving them your bank info.
Exactly - obvious if you know it.
If you don’t know it, there’s an equally obvious, but sadly wrong, answer. The point is that in this case, there’s no trigger to self-correct. Nobody who mistook it as a scam would feel the need to check themselves with Google, because it’s obvious what’s happening (even though what is obvious, is wrong)
Hmmm… OK. Still, a little more craft all round would have helped - garbage in, garbage out.
The thread is only 31 posts long. Do you mean post 14?
And you would have seen, if you’d bothered to read the whole thread, that as a result of the confusion caused by this vague and misleading post, I did indeed bother to Google it. Curiously, there were no relevant hits from PayPal’s site itself (even when adding “site:paypal.com” to the query); all I could find were third-party references to it. Either PayPal have sensibly discontinued this practice, or else Google is rather unhelpfully returning only those PayPal pages specific to my locale, where this service is unavailabe.
I understand the purpose of bank verification. I understand how this particular method works. However, merely understanding these things does not mean you are not being phished.
I dunno; I think Post 13 summed it up quite nicely. If you give someone your online banking credentials, it’s a simple matter for them to just log in as you and check whatever it is they need to check, or to execute a computer program to do same.
I thought that treis was excessively irritable in the GQ thread and that their pit thread is off base. I thought that the first 3 replies were appropriate.
treis: The thread is not about the original poster: it’s about the original post. It doesn’t matter that you are not an idiot. It is perfectly possible that you were describing a phishing attempt and perfectly reasonable to warn of such a possibility. You want to steer the thread back by adding elaboration? No problem. But I disagree that the initial posts were extra-topical: they were highly relevant for the problem described, which is separate from the problem experienced by the original poster.
Then again, I wouldn’t trust a third party with my password to another financial institution. The possibilities for circular finger pointing in the event of trouble, malicious or otherwise, are too great. Unless of course they accepted explicit liability for problems. Which they wouldn’t.
I just regret the GQ thread being closed before I spotted it. I would have posted:
“Fucking bank-nets… how do they work?”
So I’ll have to settle for posting it here.
I’m guessing they use phishing schemes and dishonest employees.
In the Feb 2008 issue of Digital Transactions: Trends in the Electronic Exchange of Value, George F. Thomas of Radix Consulting admonishes: “Non-account-holding banks are starting to ask consumers for their passwords and other log-on credentials to make sure they own the accounts they’re using to make payments. At a time of massive data breaches, this is a dangerous practice that should stop now.”
Even if all the cool kids are doing instant account verification, think twice. I see that some of the language by at least one of the providers of this “service” is pretty alarming: it involves granting them limited power of attorney! Wow. I’m sticking with the professional advice. I extend my thanks to the first 3 posters of that thread who advised us of some of the risks in this security framework, though not all.
That’s some great info, except the OP didn’t ask if anyone thought it was risky or if anyone thought it was a scam. They stated that institutions are using this practice, and asked simply: ‘how does it work’?
Any answers involving phishing, scamming, security experts saying it is a bad idea to do it, etc. aren’t appropriate in the context of GQ and this OP.
GQ isn’t for advice, I think that is the point. Others reading the thread shouldn’t be hoping to learn people’s opinions on the wisdom of the practice, but rather “how it works”.
I’m sure I’m guilty of it, but when I am offering a WAG or apparent tangential response I do try to a) make sure it is clear that this is what it is, and b) why I’m sharing it anyway (maybe I think it will expand into a useful area or provide a data point that will allow someone else to find an answer.
But sometimes I just get caught up in wanting to say something and forget where I’m posting.
Psychonaut. Apparently you still don’t know wtf you’re talking about. Your lame attempts at junior modding make you look even more like an ass.