Personal Finance & Money Asked on July 28, 2021
There is a scam called ‘authorised push payment’ where customers are persuaded to transfer money to a scammer, thinking they were transferring it to a reputable business, such as a conveyancing solicitor.
Which have a page about it, but its instructions for avoiding this are very general (like "Take care"). Is it possible to define a set of concrete actions that you can perform to ensure the bank details you have been given are actually those of the organisation you think it is?
There are 2 situations that this is relevant to me:
The first I suspect is me being paranoid. I wanted a savings account, went to money saving expert, picked a high interest option that I had not heard of, and opened an account. About the same time I read that their certificate issuer was hacked, and as I was not aware of any other way to validate the credentials they provided online I was too frightened to transfer any money into the account.
The second is much more like the sort of thing that generates these scams. I am looking at buying property by auction. The auction website has a registration/login process, but appears to be pure http, I have not found a https page. I have had emails from the auction house, and they have no encryption but are sent from a SPF permitted IP address. The property is currently owned by a company with no web presence or telephone number available online, but exists on companies house. If I win the auction, I will have 24 hours to transfer 10% and 20 days to transfer the rest. I expect to get the payment details by email.
In cases such as this, is there a set of actions that an individual can take to ensure that any set of payment information is who they think it is, and safe to send a large amount of money to?
You've asked this as a generic question, so I'll give a generic answer. If you want to know how to verify a specific transaction then I think that belongs in a separate question.
It all boils down to trust and confirming identity. The various tools that are out there are mechanisms that build trust.
You trust a conveyancing solicitor because they've had an office in town for years. Your friend recommended them after using them to buy a house, which adds some additional trust. If you walk into their office and they hand your their bank details, then you are confident those bank details are legitimate.
When you use an HTTPS website, you trust that your browser maker (e.g. Mozilla) has verified the identity of the Certificate Authority (Cloudflare Inc) and that the Certificate Authority has verified that you really are looking at example.com. You already trust example.com because you've used them in the past, or you've seen TV adverts for them etc.
So you need to confirm that:
Correct answer by thelem on July 28, 2021
To be honest, I'd be more concerned about the auction site than the seller of the house. If their security is so lax that they don't use a secured web page for login, what ELSE is unprotected? How secure is ANY of your information that you provide to them?
I'd have to seriously question the competency of the I.T. department when it shows such amateur data practices, and that doesn't inspire any confidence.
For me, there are too many red flags here to feel comfortable dealing either with the auction house or the seller of the property. I would have to waive off and find a different venue for buying auctioned properties.
Answered by RiverNet on July 28, 2021
I would say be careful, confront the auction host and make absolute sure that you will be getting what you want at the correct price. Also look up when and who certified their server and contact them to see if the certified person was a legit business.
This is all i can say but i hope this helps out
Answered by Joseph Casey on July 28, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP