Does your bank mask your account number?

Posted Monday, October 23rd, 2006 10:20 am by Mon Solo
Viewed 3742 times | Related entries: Security

Marghil and Yuga have revealed a security risk in Xoom. All you need is someone’s email address, zip code, and bank account number.

Yuga mentioned that it is unlikely that a person publishes his or her account number online. But does your bank print the account number on bank statements? Or does it display it when you do your online banking? If you do your internet banking in an internet cafe, do you clean up your tracks?

Consider this: most hacking incidents do not really require technical skills. Common social engineering techniques include dumpster diving (i.e., going through the waste basket) or shoulder surfing. If your bank prints your account number on your statement, the hacker already has two pieces of the puzzle. All he needs is the email account—and how many of us use our names as our email address?

So does your bank mask the account number? If not, you should strongly advise your bank to do so.

Permalink | | 6 Comments


Related Entries:


« Microsoft 5th CIO Quest: Changing the role of IT Manager
Microsoft Loves You with Vista and Office 2007 »

6 Responses to “Does your bank mask your account number? ”


  1. Techno Pinoy » Blog Archive » Plagiarism » October 23rd, 2006 20:57

    [...] I was surprised to find my Pinoytechblog post at Gavilan WeBlog.  While they say that it is the highest form of flattery, the very least the plagiarist could do is to give credit to the author or provide a link to the original article. [...]

  2. bloggementarist » October 24th, 2006 20:51

    there is actually a “better” loophole with the services the xoom is offering, tho i dnt want to post it and someone might find it interesting and actually do it..

    and its imitation, not plagiarism (which is the unauthorized use of the language and thoughts of another author and representing them as one’s own original work), the highest point of flattery..

  3. Techno Pinoy » Blog Archive » Plagiarism chapter 2: Wordpress responds » October 25th, 2006 19:38

    [...] I sent the following mail to Wordpress support: I would like to advise you that gavilan1010 [URL link removed] was plagiarized from http://www.pinoytechblog.com/archives/does-your-bank-mask-your-account-number. [...]

  4. Does Your Bank Mask Your Account Number? « Gavilan’s WeBlog » October 26th, 2006 04:28

    [...] So does your bank mask the account number? If not, you should strongly advise your bank to do so. [...]

  5. Xoom accounts - easy target for hackers?? Not anymore! » Kukote in a Jar Beta » October 27th, 2006 14:40

    [...] As some of you know, that post got yugateched, j spotted, technopinoyed, pinoytechblogged and gavilaned. I checked their recovery password now, and they already made the necessary changes to mitigate this security risk. The New Password screen link will now be sent to your e-mail address. [...]

  6. Pierres Service » Blog Archive » does your bank mask your account number? » November 29th, 2006 04:13

    [...] a couple of bloggers have revealed a security loophole in xoom, which begs the question: does your bank mask the account numbers?Read more: here [...]

Add Your Comments:


Search PTB


Enter your email address:

Adverts


Send money to over 180 countries with EPAY debit card.

Technology & Computers - Top Blogs Philippines

Meta