Bonum Certa Men Certa

[Video] 3 Major Issues in Nationwide, Including (Potentially) a Major Data Breach

posted by Roy Schestowitz on May 23, 2024

Video download link | md5sum 41588754d32c7c1fb9291cffb1f2d70c
Nationwide Security Blunder or More?
Creative Commons Attribution-No Derivative Works 4.0


BANKING "online" or 'electronic-bank' security has become the joke of the town. Many "modern" banks use inadequate systems and there are new reports this week regarding famous banks cautioning customers about advanced phishing scams (see Daily Links), as usual blaming buzzwords and straw men like "AI" (chatbots or "HEY HI", which doesn't accurately describe LLMs).

In our case, it seems plausible or likely to be much worse than phishing. It looks like Nationwide has suffered a data breach because a highly sophisticated scam, not a "HEY HI" chatbot, apparently uses people's names and postcodes to seem legitimate. If those messages are in fact legitimate, that's worrying for a number of other reasons.

So I phoned them up. And they refuse to take a report about this. Or rather, they make it unnecessarily hard. This has become rather typical, as businesses are good at taking money but rather reluctant to take complaints.

In my case, to make matters worse, the complaints number gets through to a person who deals with mortgages! No kidding, I even double-checked while on the line. She tried to blame this on me, but I assured her I phoned the correct number, so it seems like an IT issue (again). Lines crossed?

As they do not let customers talk to IT or to managers (but put them on hold and speak to some unspecified party), maybe they are contracting all this stuff (and staff) outwards.

Towards the end of the call we were comparing the link in her legitimate E-mail to mine, as it does not go to the same domain at our end (unless there's a misunderstanding). Suffice to say, a bank linking to some dodgy third-party domain with extensive tracking in the URL is a terrible security practice, which in itself constitutes a reportable issue. Whoever is responsible should/can/might be sacked on the spot if this was a deliberate design issue. But who knows... they try to not even talk about this issue and refuse to let you speak to the most suitable person. "Nobody else has this problem" would likely be the go-to excuse. "You're only a customer... who are you to care about our IT systems failing...?" (Like Sainsbury's [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]). I recorded the call (didn't plan to publish it; it's crude), so nobody can say I take it out of context. It's totally unedited, so there are some bits there that could be cropped out (albeit it would require further processing).

In the name of "cost-savings" (high profits, temporarily, so some managers bag bonuses) many banks nowadays want to reduce themselves to (just/at most) some overseas AWS ("clown computing") account. Instead of branches they want to herd customers into skinnerboxes with "apps" (or Web sites). This is a worrying trend, akin to some scenes from I, Daniel Blake.
