Interesting People mailing list archives
MORE ON Bank of America vs security
From: David Farber <dave () farber net>
Date: Wed, 22 Jun 2005 18:42:06 -0400
Begin forwarded message: From: John R Levine <johnl () iecc com> Date: June 22, 2005 5:51:50 PM EDT To: David Farber <dave () farber net> Cc: Bob Frankston <O2RMF2 () Bobf Frankston com> Subject: Re: [IP] Bank of America vs security
Received: from pula.cashedge.com ([129.41.8.16]) by **MYMachine** with Microsoft SMTPSVC(6.0.2600.2180);
What is ?pula.cashedge.com?
Hi, Bob. Believe it or not, that message was legitimate, not a phish. Cashedge is a large service bureau that handles inter-account transfersfor BofA and just about every other bank in the country. I just looked up
pula.cashedge.com which is indeed at 129.41.8.16. It's not surprising that banks outsource technical functions, but it boggles the mind that despite the phishing epidemic, their e-mailpractices remain so sloppy. I get all sorts of mail like the one you saw from Cashedge and their major competitor Checkfree, and if I didn't happen to know who they are and what domains they use, I would have guessed that
they were all phishes, just like the undertrained BofA support droid who answered your question did. It's not just account transfers. I had a BofA credit card (which by coincidence I cancelled this morning) and when I signed up for the modestly useful Verified by Visa program, the confirmation message came from cyota.com, a small Israeli company that would scream phish if Ididn't happen to know who they are because I follow the e-money industry.
Even mail directly from a bank is hard to figure out; the mail that MBNA sends me about my credit card comes from all sorts of names like customercenter.net (which is Checkfree), never mbna.com. Try and guess which of mbna-access.com and mbnaaccess.com belongs to MBNA, which to a squatter in Australia. Hey, banks: if you want us to tell the difference between real mail fromyou and fake mail not from you, how about at least putting your own domain on it? If bulk mailers can do it, like Doubleclick who gets customers to
delegate email.whoever.com to DCLK's mail hosts, so can you. Regards, John Levine, johnl () taugh com, Taughannock Networks, Trumansburg NY http://www.taugh.com ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- MORE ON Bank of America vs security David Farber (Jun 22)