RetirEd | New members welcome and introductions | Discussion forum

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
October 10, 2020
10:55 pm
RetirEd
Member
Members
Forum Posts: 976
Member Since:
November 18, 2017
sp_UserOfflineSmall Offline

Hello again, folks. This is good old RetirEd, a user since very soon after CHISA opened. The E-mail service I used to create my account here went belly-up a few years back and I was unable to recover my membership. Over a year ago (I think) I tried creating a new identity as NewEd, but I think I will be able to post under my old name using a nickname.

Or perhaps our Esteemed Administrator will help me recover my previous acount?

I'm a retiree, as the name implies, and sticking to guaranteed deposits these days as I no longer have enough earned income to recover from risky things.

What makes me unusual in today's financial world is that I completely refuse to do anything (financial or otherwise - I file my taxes on paper) linked to my real name or identity. As such, I don't use any web-based financial institutions. I use the phones and mail - a buck for a stamp now and then is much preferable to the vulnerability of on-line services, which in general make the user responsible for all errors. I demand paper records, too.

See you in the Fora!

-RetirEd

UPDATE: It looks like the nickname can't be made to show here. I hope our Fearless Leader will, thus, recover my original username!

RetirEd

October 18, 2020
8:29 am
Peter
Admin
Forum Posts: 1398
Member Since:
May 15, 2007
sp_UserOfflineSmall Offline

Welcome back! Your display name has been updated now.

October 18, 2020
4:40 pm
Loonie
Member
Members
Forum Posts: 9213
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

Hello Ed,

I too would prefer not to have to deal with anything online But I came to the conclusion it probably doesn't matter that much because the FIs have everything on computer anyway, so hacking is going to continue, and the FIs are bigger, more attractive, fish than I. The breach some of us experienced at Peoples Trust several years ago, for instance, had to do with the FI itself's vulnerabilities.

So, I continue with internet banking. Best advice is to change passwords frequently, make all your passwords different and unintelligible, download and print statements as soon as available, check them carefully, avoid public computers for banking.
Some techie types probably have more and better ideas.

October 19, 2020
3:26 pm
Rick
Member
Members
Forum Posts: 1110
Member Since:
February 17, 2013
sp_UserOfflineSmall Offline

2nd Best advice is always connect via a link you set up in your browser or the app....whichever you use (or both). NEVER click on an email link no matter how legit it looks.

Loonie said
Hello Ed,

I too would prefer not to have to deal with anything online But I came to the conclusion it probably doesn't matter that much because the FIs have everything on computer anyway, so hacking is going to continue, and the FIs are bigger, more attractive, fish than I. The breach some of us experienced at Peoples Trust several years ago, for instance, had to do with the FI itself's vulnerabilities.

So, I continue with internet banking. Best advice is to change passwords frequently, make all your passwords different and unintelligible, download and print statements as soon as available, check them carefully, avoid public computers for banking.
Some techie types probably have more and better ideas.  

October 19, 2020
5:34 pm
Nehpets
Ontario
Member
Members
Forum Posts: 974
Member Since:
December 20, 2016
sp_UserOfflineSmall Offline

Rick said
...... NEVER click on an email link no matter how legit it looks.
  

In addition, never use a search engine to get the link to your bank for logging in. There have been cases of spoofed listings for financial institutions on search engines, that recorded users' login information when users clicked on that malicious, but legitimate looking search engine listing and cleaned out their accounts.

Best advice, as has been mentioned is to use your own, proven link, on your own computer (device) as the only way to connect to a financial institution.

Oh yes, and never, never click on any link in any email, even if the email comes from a FI or business you deal with. That's how phishing emails that look like the real thing trap unsuspecting users.

Even savvy techie types have been fooled by some really well made phishing emails!

Stephen

October 20, 2020
4:40 am
Loonie
Member
Members
Forum Posts: 9213
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

I would be especially careful with Peoples Group, which has been hacked before.

Peoples Bank is .ca

but Peoples Trust is .com

Why, oh why, couldn't they make them the same?sf-confused

October 20, 2020
6:02 pm
Briguy
Member
Members
Forum Posts: 713
Member Since:
March 17, 2018
sp_UserOfflineSmall Offline

If you do decide to get to the home page of a FI by using Google's search, do not choose the ad for that FI at the top of the results page. That is more likely to be a phishing site than the other search results. Also, look carefully at the address of the web page that it is spelled correctly, and if you click on it to go there, make sure that the address is https not http.

But preferably bookmark the correct web address for each FI.

And as mentioned before, just because you don't bank online doesn't mean you won't get just as much identity theft as everyone else when your FI gets hacked. 50% of the time it's because of internal fraud.

October 22, 2020
3:57 am
RetirEd
Member
Members
Forum Posts: 976
Member Since:
November 18, 2017
sp_UserOfflineSmall Offline

That's entirely true - even if I don't use on-line banking, the bank's own systems can get hacked, as Peoples' did shortly after I signed up with them. But there is a big difference - once one uses an on-line system portal, new terms and conditions apply that make everything the client's fault. If the financial institution screws up and I have never used their systems, it's THEIR Fault. This has served me well in the past after breaches, most notably two at American Express.
RetirEdsf-cool

RetirEd

October 22, 2020
12:24 pm
Norman1
Member
Members
Forum Posts: 6676
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

That's not the way the agreements are.

Peoples Trust never blamed the clients for their web server writing an extra copy of the application information to an uncontrolled log file.

If one looks into the cases of online banking users being stuck with losses, one finds that the losses were because of something they did. There was a case on CBC MarketPlace involving an Interac e-Transfer that the bank refused to cover the loss from.

How did the culprit get a hold of the unique link needed to claim the money? How was the culprit able to provide the correct answer to the security question to claim the money?

The answers to those two questions showed that it wasn't the bank's fault.

It is not very different from a non-online banking case where the bank refused full compensation for some ATM withdrawals. Bank questioned how some woman the customer met the night before was able to both obtain the ATM card and provide the correct PIN on the first attempt.

October 25, 2020
12:15 pm
RetirEd
Member
Members
Forum Posts: 976
Member Since:
November 18, 2017
sp_UserOfflineSmall Offline

Quite true: the Peoples' breach never cost clients a cent, nor involved their actions. Just a matter of irony in that case.

But - banks are increasingly refusing to cover clients for scams OR errors. They expect clients to be up on all the constantly-evolving ways scam artists attack them, which is impossible - especially using smartphones crawling with malware. But even without scams, mis-clicks or misunderstandings can trigger penalties. I know quite a few people who thought their transactions had gone through, or their billing plans changed, when in fact they had not. The web portals are quite confusing and frequently not consistently up to date. If I do something on the phone (which the institutions record), get the name of the agent and get paper backup, I feel much safer.
RetirEd

RetirEd

October 25, 2020
4:44 pm
Bill
Member
Members
Forum Posts: 3889
Member Since:
September 11, 2013
sp_UserOfflineSmall Offline

"banks are increasingly refusing to cover clients for scams". I'd need some data re. client losses to scams statistics to believe that, RetirEd.

October 25, 2020
5:10 pm
AltaRed
BC Interior
Member
Members
Forum Posts: 2786
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

As would I. FWIW, scams are rarely the fault of the financial institution (beyond inside jobs). Mostly, it is terrible customer habits via phishing emails, malware links, poor passwords, keyloggers, public wifi, etc, etc.

That does not mean to say financial websites and apps couldn't be better designed to help customers avoid transactional errors, but that has nothing to do with scams.

October 25, 2020
9:57 pm
Norman1
Member
Members
Forum Posts: 6676
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

It also depends on what the scam is.

Should a cheque payable to Alice be stolen out of her mailbox and a fake endorsement made to cash the cheque fraudulently, the sender's bank can recover the funds from the bank that cashed that cheque. So, the sender's bank will appear to cover the fraud and reimburse the sender of the cheque.

However, if the sender is tricked by his bookkeeper into signing a payroll cheque for Bob, who is not an employee, and Bob cashes the cheque, then the sender's bank is not going to cover the fraud because it cannot recover the money from the bank that cashed the cheque for Bob. As far as Bob's bank is concerned, cheque was payable to Bob and Bob cashed the cheque.

Lots of scams these days are more like the second one than the first because banks have made it difficult to pull ones like the first.

October 26, 2020
8:54 am
RetirEd
Member
Members
Forum Posts: 976
Member Since:
November 18, 2017
sp_UserOfflineSmall Offline

Bill, I can't provide scam loss statistics at the moment, but bank client agreements have been getting stricter and stricter, as I see in the updates they send me. And journalists and the Canadian Anti-Fraud Centre keep revealing new modes of scamming.

But for me, the risk of misunderstanding or making mistakes with automated on-line systems is a much bigger one.
RetirEd

RetirEd

October 26, 2020
9:44 am
Bill
Member
Members
Forum Posts: 3889
Member Since:
September 11, 2013
sp_UserOfflineSmall Offline

RetireEd, I agree, the agreements are getting stricter as things go on, I'm sure the banks have seen a fair bit now as to the problem behaviours so are being more specific in their requirements. And I agree, by being offline you're much safer. Who rifles through garbage to get data any more? The crooks are basically online, we're told.

I'm quite content with financial institutions that are over-sticklers about online security, I want my money protected.

Please write your comments in the forum.