Couldnāt BofA Have deleted the tweet?
I get why youāre saying that since it was Xitted at/tagged Bank of America. But it was still a public post from the userās account. Thatās like assuming a company could delete one of your emails or your Facebook post.
I never used twitter but I guess the best you can do is make it not appear on your wall but the tweet still exists.
Tweets from other people donāt ever appear on your wall. They only appear on that userās profile page, or on the home page of users who follow that user. Or, the third way it can show up is attached to another post that replies to it.
So ironically, by replying and telling the user to remove their personal information, BoA has actually ensured more people are able to see that userās personal information.
No, but they could have (and maybe have) block access to their bank account as a precaution.
That is one way to get their attention
Their policy should just be to reset the password immediately and have the user set a new one. This is one hell of a risk.
I still canāt believe American banks lets you login with just username / password? Surely there is some id check or at least two factors involved?
Yeah Iām European end my job in accounting makes me have to work with American banks regularly. So letās just say my expectations on American banks are quite low.
Wait, American banks donāt go with extra authentication? I couldnāt log in anywhere without SMS or additional apps or whatever. Depending on your bank you might even have to go through three different stages of authentication. Over the pond you just go username / password?
Nope, several years ago someone complained that their steam account has better protection then their bank account. Weāre now in 2023 and that statement still holds. Itās quite scary really. Bank websites that heavily rely on third party scripts ,āMFAā logins based on something you know and something you know. Account verification question based on code words or security questions based on public information. Worst of all, the ignorance of it all. āWe got hacked, here have a identity protection bandage, comes with an automatic subscription after several yearsā.
I wanted to use a 2FA device for my banking accounts and no bank that I have spoken to would allow it. Iād had a breach on one account because my information had been leaked from several different places including the federal government and a credit agency and as a result the person used my leaked information to validate their way into my checking account. At that point they let me set up a pass phrase and a couple of other random safeguards. This was all well and good but it didnāt make me feel safer than having that account protected by a physical 2FA device. I was also given more free credit monitoring (which Iāve gotten like 4 or 5 times in the last 10 years or so). Still bugs me to this day.
Hot take: let the bank release tweets like this as a honeypot, and see who tries to log in.
ngl, as someone whoās been cryptoscammed reasonably recently, everytime i see one of these posts i feel quite a bit more sympathy for the people who donāt understand how to use the internet who do this shit. i did feel some sympathy before but now itās combined with the memory of the feeling of panic and then shame i felt in the immediate aftermath, and also understanding how these scammers are so effective.
a friend of mine was telling me that their parents got scammed recently out of 200k. They were trying to work out how and why and everyone, including the victims was just like āI dunnoā¦ it just kinda happened. Everything looked legit.ā
And I imagine if ābuying something on amazonā looks really confusing to you, thereās little difference between that and a scam, because itās all a mystery you canāt hope to comprehend.
Now I imagine that experienced or savvy people could smell a rat instantly, but if you truly find online payments way beyond your Ken, I can see how it happens