I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened.
I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened.
For BankID it somewhat does, because only registered services can make the request - so they’d need to register a scam service and then use that. Which also makes it an easier job for anti-fraud police.
So it’d be a lot more complicated.
Like obviously at a certain point if someone is willing to do everything they can - then they will be scammed, see this for example: https://www.bbc.com/news/uk-england-leeds-67208755
But the more steps there are, the higher the chance the person realises it is a scam.
I’m not an expert on digital banking, but this sounds like a no-brainer… Aside from marginally increasing compliance costs, why would this not just be the norm everywhere?
I mean… It was rhetorical. I know why.
It kind of is the norm.
Just a few countries like the US are really backward in terms of accessible banking - mainly due to having no federal ID, residence registration, etc. too on top of outdated bureaucracy.
“A chain is only as strong as its weakest link” - We are the weakest link in any security chain, and always will be. Social engineering is one hell of a drug.