And your bank makes it hard for you! Chase Bank sent me a (legitimate!) email th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		patio11 on Feb 18, 2010 \| parent \| context \| favorite \| on: Toward a Grand Unified Theory of n00bs And your bank makes it hard for you! Chase Bank sent me a (legitimate!) email this week saying "We've just intercepted a suspicious transaction and tried reaching you by phone but we couldn't. Please click here if you authorized it or click here if you didn't." And then the link threw up a security certificate error! If they hadn't had my name, four digits of my account number, and a number exactly matching the number Google had just emailed me to say "We tried charging you $523.25 for your AdWords account but it got denied by your bank" 2 hours earlier, I would have sworn it was the world's best phishing attempt.

byrneseyeview on Feb 18, 2010 | [–]

It gets worse:

http://www.pixelmonkey.org/2009/08/21/chase-insecure

Chase sent me this, too. If you visit the site in Chrome, it tells you it's a suspected phishing site.

jerf on Feb 18, 2010 | | [–]

You should submit that as a top-level HN story.

by on Feb 18, 2010 | [–]

Yes, they're terrible at URLs too. Here's another case of something similar to your problem back in 2006.

http://www.lightbluetouchpaper.org/2006/03/10/banks-dont-hel...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact