[LINK] RFC: Guidelines re Avoiding Looking Like a Scammer

Roger Clarke Roger.Clarke at xamax.com.au
Mon Nov 12 17:23:13 AEDT 2018

I use a broker called CMC.

This morning I received an email that purported to come from them.

It included:
 >Click the button below to continue.CMC Client Consent 
Here you will be required to enter your unique consent code and your 
account number, please see both below. Once you have entered your 
details, follow the prompts to finalise your agreement.

I emailed CMC, asking whether they sent it, and saying that I was about 
to report it to ASIC as a scam.

They replied, saying:
"I can ... confirm that this is an eDM that was sent out to certain 
clients earlier today".  I have no idea what an eDM is.

Is anyone aware of guidance for marketers, and especially marketers in 
the financial services industry, in relation to:
-   not using third party domain-names?
-   not sending URLs for people to type security-sensitive data into?

Aside:  It would be excellent if a relevant regulator had issued both 
guidance and stern warnings.  But the deplorable performance of 
financial service industry regulators exposed by the Hayne Royal 
Commission suggests that I'll be disappointed.  (Why *do* the people 
concerned get to keep their jobs??).

Roger Clarke                            mailto:Roger.Clarke at xamax.com.au
T: +61 2 6288 6916   http://www.xamax.com.au  http://www.rogerclarke.com

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA 

Visiting Professor in the Faculty of Law            University of N.S.W.
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list