Sunday, March 28, 2010

Security how banks are hurting themselves

I recently got a notice for a bank I deal with the they wanted to verify a charge I did, to protect my identify. But this is where it get stupid.


They send me a e-mail

test 1

If you look at the link

Transaction Authorized -  it links to https://

Note: Real sequence number has been changed to protect data

Upon clicking the link, the next site I see and then get redirected to


Note:Real sequence number has been changed to protect data

Who Is ??? and the web site has broken links on it !


So I call Chase and they do not know who is  but they say contact Abuse @  so i do

and this is the best part

the reply is



Thank you for forwarding your recent e-mail to our Abuse mailbox. We have reviewed the message and it is a valid notification from us regarding Urgent Chase Confirmation ?

Recent transaction for account ending in xxxx. If you have any questions or concerns about this e-mail, please contact us at 1-877-CHASEPC. Thanks for choosing Chase.

Thank you,

Email Customer Service Representative

email address


So not I get reply from not Chase but another company and they do not understand why I think their security stinks.

I then call Chase and after speaking to 20 people i get—you guessed, it no it not a issue.


Why the Chase Bank does not understand is it not good to deal with a bank you redirects you to 3 different domains and they think that fine.

My warning is to deal with banks who understand security and practice it. Do not use a bank if they do not understand on-line security. Sorry Chase you lost me as a customer.