Scribblings Resurrection

Sorry, but you appear to be an idiot

Thursday, 25 November 2004

Brendan O’Donovan, in a letter to this week’s Guardian Online supplement, makes an excellent suggestion about how banks might deal with the 4% of their online customers who fall for phishing scams1 and give their banking details to the phisher’s website.

Smiley face wearing a funnel as a hat

His idea is simple. The banks themselves should send out phishing emails to their online customers and record who responds. Brendan merely says that the banks could then lock out and educate such customers but I’d like to take it further. I’d like to suggest that when a ‘victim’ next tries to log on to their account they are presented with a screen saying Sorry but we’ve suspended access to your account because you appear to be a complete idiot.


1 A phishing scam is one of those emails you receive which claims to come from your bank and tries to present you with a plausible reason why you need to log on to to your bank’s website to re-enter your details. Details such as your user id and password.

Helpfully, the email will provide a link which you can click on to take you to your bank’s website. Except that, of course, it does no such thing. The link takes you to the scam’s website which is set up to look just like your bank’s. The rest of the scam should be obvious. If it isn’t then perhaps you’re not ready to use online banking2.

2 Although if you still feel you must then perhaps you’d be so kind as to send me your id and password. I need it for research. I won’t do anything bad with them. Honest.

Posted 25 November 2004, 18:35 GMT

Search results