[LINK] Clarkson stung after bank prank
stil at stilgherrian.com
Tue Jan 8 09:47:44 EST 2008
On 8/1/08 9:11 AM, "Darryl (Dassa) Lynch" <dassa at dhs.org> wrote:
> As someone who has had to publish account details so clients could make
> payments, my take on this is to only put up details of accounts that require
> additional signitures to withdraw and not to publish the details of those
> who are associated with the accounts.
Mayhaps. But if you have a business bank account and business banking
online, you can withdraw money from anyone's account without a signature.
You just upload a spreadsheet with account numbers and amounts, and bingo!
This is how it works if a business is authorised to make direct debits from
your accounts, e.g. your ISP each month, or rent to your landlord.
Of course in theory you're meant to have the account-holder's permission and
they're meant to have signed something, but we *are* talking about
fraudulent usage, are we not? Sure, the trail soon leads back to the
culprit, but that's what The Big Bad Guys use gullible cut-outs who've
responded to too-good-to-be-true offers in spam.
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 9516 5630
ABN 25 231 641 421
More information about the Link