On 24/04/12 15:23, Martin Gregorie wrote:
My bank says up front and in writing that they will never ask for account or login details by e-mail. I suggest moving your account away from any bank that doesn't have the same policy and stick to it. Make sure you tell them why you're leaving, though.
In addition to helping customers in this way, it would be really nice if they would similarly help mail admins to by also having a well defined email policy, clearly stating which addresses they will send email from and publishing accurate SPF records for those domains.
That would make it trivial for all mail admins to detect and block bank phishing attempts.
It's not rocket science!
