Image via WikipediaIt's yet another very odd story coming out of Dubai Courts and I'm not sure whether that's because Dubai Courts are an odd place or because the journalism itself is odd. Gulf News reports today on a woman whose account was "hacked by a phishing syndicate". The story's here.
It's a very confusing story indeed - her account is variously described as having been hacked into and she as having been victimised by a phishing syndicate. Well, being hacked is one thing, being phished is quite another - and the core of the story, surely, is whether one or the other situation applies. If she was phished, she willingly gave away her account details which then would have been used by a criminal to access her account - no hacking involved. If she was hacked, someone illegally accessed her account by manipulating the bank's security systems.
And where did a 'syndicate' come from?
The story also makes mention of a mobile notification service which didn't kick in until four days after the transactions, but not why the service didn't kick in. Are we saying that all banks now have to notify all clients of all transactions or face liability for any fraud howsoever caused?
The court brought in an expert, a banker. I wonder why it didn't bring an expert on security in to clear things up a little? The whole report left me with a great deal more questions than answers - and that's not what journalism is supposed to do, is it? It's supposed to give us 'context and analysis'...
It's a very confusing story indeed - her account is variously described as having been hacked into and she as having been victimised by a phishing syndicate. Well, being hacked is one thing, being phished is quite another - and the core of the story, surely, is whether one or the other situation applies. If she was phished, she willingly gave away her account details which then would have been used by a criminal to access her account - no hacking involved. If she was hacked, someone illegally accessed her account by manipulating the bank's security systems.
And where did a 'syndicate' come from?
The story also makes mention of a mobile notification service which didn't kick in until four days after the transactions, but not why the service didn't kick in. Are we saying that all banks now have to notify all clients of all transactions or face liability for any fraud howsoever caused?
The court brought in an expert, a banker. I wonder why it didn't bring an expert on security in to clear things up a little? The whole report left me with a great deal more questions than answers - and that's not what journalism is supposed to do, is it? It's supposed to give us 'context and analysis'...
No comments:
Post a Comment