Standard Bank's Ross Linstrom responds to the email scam (on a blog nogal)

Ross Linstrom responds... Well done Standard Bank. After some of my other opinion pieces on their approach to privacy laws - Ross was the last person I thought I would hear from. And in all those pieces, I tried desperately to track the man down for comment. I wonder what's changed.

But, musings aside. Well done man. I hope the blogosphere starts tittering a little - it's not often we see big corporates monitoring the social media airwaves. There are a lot of good customers to find a keep using new media. So nice to see someone waking up.

Ah, it could have been a simple Google Alert... but let's give the man credit where credit is due.

His response below... (I've included the whole bloody thing. Because I can. And I'm impressed with the response time.)

Hi Cowboy...

Nice posting. Yes, it is always better to call your own bank if you are not sure of the authenticity of a mail or bank communication. Below is a press release that we sent out on Monday. We also sent all of our customers a letter warning them of the scam.

Fraudsters have launched a new sophisticated phishing attack on Internet banking customers. Phishing attacks occur when fraudsters, pretending to be from financial institutions, send an email to Internet banking customers to trick them into revealing personal banking information. The recipient is usually told to visit a web site where they are asked to enter information such as Personal Identification Numbers (PINs), bank card details or bank account numbers. The fraudulent web site is generally identical to the financial institutions and customers would find it difficult to distinguish them.

Peter Schlebusch, Deputy Chief Executive, Personal and Business Banking says," this latest attack is very high tech. The fraudsters ask customers to divulge very specific information like card and PIN numbers as well as e-mail addresses. The fraudsters have generated a carbon copy of Standard Bank's website to fool customers into believing they are on the Standard Bank website. Customers are lured to this site via an email. Standard Bank will under no circumstances ever ask its customers for this type of information. PINs are secret and only customers should know their own number." Several customers have, unfortunately, divulged their information and have had their accounts compromised. However no customers have suffered any losses.

Standard Bank advises customers not to divulge personal information like card numbers and PINs to third parties. "Customers should view e-mails from strange sources with the same amount of suspicion as they would the person behind them in an ATM queue. Your personal details are just as vulnerable in cyber space as they are in the real world if the correct precautions are not taken. Customers acting responsibly by keeping their personal details confidential are our first line of defence against online fraudsters. Knowing and understanding the security environment is important so as to not fall victim to these syndicates," says Schlebusch.

Standard Bank remains committed to protecting the integrity of its customers banking details and urges them to take effective security measures when transacting over the Internet. Customers should make use of the bank's free security and authentication offerings. Customers are urged to adopt the following security features and practices: Treat unsolicited email with suspicion Never divulge sensitive information. One-time password is a unique, compulsory and time-sensitive password used as added security on selected Internet banking transactions. The password will be sent by email or SMS and is valid for one Internet banking session. This service is free. My Notification is an email or SMS service that informs customers when profile amendments, new beneficiary additions, amendments to existing beneficiaries and once-off payments are carried out on Internet banking.

Payment confirmation is a notification that informs both the payer and payee that a transfer or payment has been successfully completed. Standard Bank is the only local bank to offer McAfee Antivirus software free to its entire Internet banking customers. This antivirus and firewall software can be downloaded directly from Standard Bank's Internet banking website. Customers who are concerned that their personal details may have been compromised, should contact Standard Bank on 0800 020 600 or +27 11 299 4114, if they are calling from outside South Africa. Standard Bank's lines are open 24 hours a day.

Customers can also email the bank at Standardbank-e-mailunit@standardbank.co.za.

Regards
Ross Linstrom
Standard Bank Media Relation

So, there's a bit of customer evangelism for you. Happy PR'ing.