A Tale of Secure Transactions

[TheKing]

Bearing in mind that online gambling is one of the main industries to (rightly) be concerned over credit card fraud and related security issues, I thought I'd share this tale here. It doesn't concern gambling, but in my view it typifies the expertise of so-called "professionals" in the area of online transactions. Since we have to deal with banks in order to make payments over the internet, this is perhaps something we should all be concerned about!

Other than that, it might give you a laugh or two

Anyway, I recently made an online purchase and was forwarded to a supposed Natwest URL I have never heard of, which asked me for some of the same details a second time (my date of birth, the card security code and expiry dates etc). Since I didn't recognise the URL, I thought I would call my bank and make sure it was one of theirs. This is how the conversation went:

Me: Hello, I need to speak to someone in internet banking
Them: ok, what do you need to know?
Me: I just need to quickly check whether a particular domain is owned by Natwest.
Them: ok, what's the domain?
Me: securesuite.co.uk
Them: Yes, that's one of ours
Me: Oh, ok, fine. Thanks ...
Them: Yes, it's natwestsecure.com/securesuite...
Me: No, this is simply securesuite.co.uk. Is it one of yours?
Them: Securesuite.co ?
Me: No, securesuite.co.uk
Them: Securesuite.co. OK hang on I'd better check

(Yes they b***** well had better check! Geez!)

Them: It's not one of ours, no. We don't have securesite.co
Me: It was securesuite.co.uk

(.co ? Hmmm! It dawns on me that this "Internet Team" advisor has never in fact used the internet at all!)

Them: Yes, as I said, it's not one of ours
Me: Ok, thankyou. Bye!

(I call back, hoping to get someone better this time)

Me: I'd like to speak to an internet expert please
Them: Um... ok... I'll put you through to the internet team
Me: Great
Them: Hello Sir, I'm in the internet team at Natwest, how can I help you?
Me: I need to check to see if Natwest owns a particular URL
Them: Oooooh. I don't think I could help with that. Haha!
Me: Urm... I only want to check to see if you own this URL
Them: We are nothing to do with AOL. We don't own it.
Me: uh....
Them: Am I confusing you? Think I'm confusing myself!! Hee hee!
Me: No, I'm talking about a domain name. I'd like to check to see if Natwest ever use this specific domain name for online transactions.
Them: Which domain? OK, hang on sir, won't be long

(5 mins)

Them: Yes, I've asked around and everyone agrees our domain is Natwest.com

[Gus Mango Fish]

:lol: :lol: :lol: :lol: :roll:

That's funny, and typical of experiences I've had myself in speaking to so called "Internet Experts" who are unsure of even the most simple elements of the internet.

I used to work for a well known investment / pension company as a web developer. I had a main boss, and someone who was supposed to "interface" between myself and the main boss to tell me what they wanted doing with the site.

A typical day would involve the liason person telling me they wanted one of those clicky underline things where people can send you an email from, and are they complicated to add to the site? This is a major International company I am talking about too!..

Things got so garbled being passed down the line that it almost always made more sense to cut out the middle-man(woman) and go straight to the boss.

Back to your story, it doesn't bode well for NatWest (who I am also with) when they send me out literature warning against phishing, keyboard sniffers and the like, when they have no idea what a domain is, or which ones they actually own..

It isn't that surprising that Internet Fraud of this type is on the increase when they were actually telling you at one point that the URL you were about to submit your details to was infact safe, when they were clearly talking about another one entirely...

It seems to be a case of limited training and a chronic lack of communication between the policy makers and those who are customer-facing...