Shame on Citibank. It violated the security practice promulgated
by the banking authority in HK. Over the
past 12 months, I found that Citibank attached a monthly e-statement pdf to me via
email though the attached pdf was password protected. Fraudsters can disguise themselves as a bank
and attach malicious code in pdf. The chance of success is high as e-statements are so important that target recipients will open and read them to see how much they need to pay. As far
as I know, other banks just alert their users that e-statements are ready
online without providing any clickable links in the email. Until today, Citibank notified me about a new
arrangement of no more e-statement attachment. Unfortunately, Citibank did not offer
apology to its customers for ignoring this important security matter
previously.
3 comments:
HSBC is doing the same.
HSBC not the same. I have dumped a HSBC notice below:
Dear Customer,
Thank you for using HSBC's eStatement and eAdvice Service. The latest eStatement(s) / eAdvice(s) for your below account(s) is / are now available:
xxxx-xxxx-xxxx-xxxx
You can view this/these eStatement(s) / eAdvice(s) by logging-on to HSBC Internet Banking. Please save and retain a copy of this/these eStatement(s) / eAdvice(s) for your future references.
Important Notes: This eAlert will be sent to your designated email address as soon as the latest eStatement(s) / eAdvice(s) is / are available at HSBC Internet Banking. Please check your eStatement(s) / eAdvice(s) promptly to:
avoid additional fees or charges incurred for late payments
take appropriate action and reply before instruction submission deadline as stated in the investment eAdvice(s) (if applicable) and/or
report to the Bank for any errors or discrepancies
Please update your email and/or mobile phone number via HSBC Internet Banking where applicable.
If you have any enquiries on managing eStatements / eAdvices, please call (852) 2233 3322 for HSBC Premier customers, (852) 2748 8333 for HSBC Advance customers or (852) 2233 3000 for other Personal Banking customers.
Thank you for your support to our environment.
Yours faithfully,
i think i have checked the box for "電子結單及電子通知書" and they had sent the attachment to my email address.
Post a Comment