[LINK] RFC: Guidelines re Avoiding Looking Like a Scammer
Roger Clarke
Roger.Clarke at xamax.com.au
Mon Nov 12 17:23:13 AEDT 2018
I use a broker called CMC.
This morning I received an email that purported to come from them.
It included:
>Click the button below to continue.CMC Client Consent
http://links.cmcmarkets.mkt7114.com/ctt?kn=10&ms=MzcyNDQ2NTAS1&r=MTgxNjE1MjY1MjI0S0&b=2&j=MTQwMTE5MjMxMQS2&mt=1&rt=0
Here you will be required to enter your unique consent code and your
account number, please see both below. Once you have entered your
details, follow the prompts to finalise your agreement.
I emailed CMC, asking whether they sent it, and saying that I was about
to report it to ASIC as a scam.
They replied, saying:
"I can ... confirm that this is an eDM that was sent out to certain
clients earlier today". I have no idea what an eDM is.
Is anyone aware of guidance for marketers, and especially marketers in
the financial services industry, in relation to:
- not using third party domain-names?
- not sending URLs for people to type security-sensitive data into?
Aside: It would be excellent if a relevant regulator had issued both
guidance and stern warnings. But the deplorable performance of
financial service industry regulators exposed by the Hayne Royal
Commission suggests that I'll be disappointed. (Why *do* the people
concerned get to keep their jobs??).
--
Roger Clarke mailto:Roger.Clarke at xamax.com.au
T: +61 2 6288 6916 http://www.xamax.com.au http://www.rogerclarke.com
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Visiting Professor in the Faculty of Law University of N.S.W.
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list