🍍David Longenecker🍍Apr 19, 2017

In March, crooks made off with personal information on around 100,000 taxpayers by breaching a website tool intended t help with the FAFSA.

This letter sent by the IRS to affected taxpayers implies the crooks made off with far more than just income data. Credit monitoring is OK for detecting fraudulent new accounts - but does nothing if the crook has enough information to social engineer your bank.

https://www.securityforrealpeople.com/2017/04/a-letter-from-irs.html

Show thread🍍David Longenecker🍍Apr 19, 2017

I just heard that USAA is adding multifactor authentication for human-to-human customer service calls. Nice move!

Anyone know of any other banks that do this?

Show threadMunin, Keeper of LoreApr 19, 2017
@dnlongen That sounds nice, but....what factors? Please say KBIs aren't included.
Show thread🍍David Longenecker🍍Apr 19, 2017
@munin not KBI. A code sent via SMS or email. It's not ideal by any stretch of the imagination, but it's a significant step up from anyone else I have heard of.
Show thread🍍David Longenecker🍍
@munin And yes, I have given feedback privately to that effect :-)
Apr 19, 2017 at 1:17amWeb