Tip of the Day - Mothers Maiden Name (4 Viewers)

[Uncle Gizmo]

Tip of the day Mothers Maiden Name

You're having a conversation with this really nice friendly person on the internet and you get to know them. Eventually they mention that they they think they might know your family and start asking you questions - Where you come from? Where do your mum and dad come from? What was your mum's name before she got married?

A few days later you see a large sum of money leave your bank account! The scammer had been gathering information about you for months from various places on the internet and your conversations on social media and had pulled together everything! The last piece of information they wanted was your mother's maiden name and now they had it!!

I recommend you check with your bank what the key word is and if you discover they are using your mother's maiden name, then change it!

I suggest you bring to mind your favourite uncle or auntie and use some obscure detail about them that nobody else would know as your "mother's maiden name" password...

 

[KitaYama]

You mean they don't need a password or a phone?
With several on-line information and one's mother maiden name, you can transfer money from one account to another?
I wonder how loose the security of UK Banking system is.
Here, not only you have to use a card and a password, or two differnt password if you don't have your card on yourself, but also they send you a message to your phone for confirmation.

Even if it's not sending money to another account, any withdrawal needs ID card/driving license.

 

[The_Doc_Man]

KitaYama, in any scenario where "mother's maiden name" is significant, you are probably in some bank's "forgot password" dialog where they are asking you some "security" questions to decide whether to reset your password. So in that case, no... you DON'T need a password or phone. You are correct that sometimes another element of identity confirmation is important. The comment by Uncle Gizmo is in the fringe area where this concept applies: If something is so secure that you can't use it, it is of no value to have it in the first place. It is all a balancing act between security and utility, and client password resets are dead-center in that fringe area.

 

[AngelSpeaks]

Tip of the day Mothers Maiden Name

You're having a conversation with this really nice friendly person on the internet and you get to know them. Eventually they mention that they they think they might know your family and start asking you questions - Where you come from? Where do your mum and dad come from? What was your mum's name before she got married?

A few days later you see a large sum of money leave your bank account! The scammer had been gathering information about you for months from various places on the internet and your conversations on social media and had pulled together everything! The last piece of information they wanted was your mother's maiden name and now they had it!!

I recommend you check with your bank what the key word is and if you discover they are using your mother's maiden name, then change it!

I suggest you bring to mind your favourite uncle or auntie and use some obscure detail about them that nobody else would know as your "mother's maiden name" password...

This is why on Facebook , i have never mentioned my maiden name. Heck I abbreviated my married name. I also don't mention the street i grew up on or the make and model of my first car.

 

[NauticalGent]

This is why on Facebook , i have never mentioned my maiden name. Heck I abbreviated my married name. I also don't mention the street i grew up on or the make and model of my first car.

I have long suspected those "random" surveys o n FB were a means to data-mine that info. I first got the idea from the movie "Now You See Me 2", when the Horsemen asked their benefactor what seemed at the time, harmless personal information that were actually security questions to his bank account.

 

[KitaYama]

KitaYama, in any scenario where "mother's maiden name" is significant, you are probably in some bank's "forgot password" dialog where they are asking you some "security" questions to decide whether to reset your password. So in that case, no... you DON'T need a password or phone.

That was my point. Here, if you forget your password, they they send a postal notification (not e-mail) to the address registered to the account. I don't know what you call it, it's a special mail that only the receiver can receive it and you have to show your ID, and sign a card and then the postman gives you the letter.
The letter contains a special paper that you have to fill the form (some personal info) and take the form to the bank, on the date and time registered in the form, to a special person. There you need to show your ID, your insurance card and your driver license (all three is necessary). Then you have to sit in front of a PC (in the bank) and change your password, which it needs a confirmation via a sms to your phone.

Forgetting password can not be solved that easy and is not done on-line.

 

[AccessBlaster]

Several years ago my wife setup a special word that has nothing to do with family, friends or pets. Its a random word the scammers have to know before proceeding. It works so well it keep me out sometimes, go figure.

 

[Cotswold]

I recently had my main email use a CAPTCHA demand to check my recovery email and enter the code that had been sent there. I opened the recovery email and that also required me to enter a code it had sent to my phone. By the time I’d all done that and returned to my main email, it had timed out. I then had the sheer joy of wasting an hour getting back into my main email.

There was a time back in the last century when computers saved time and made life easier. Not any more. Even something simple like a lost phone can prevent you getting hold of many things that you trust to the internet. So many of the online systems cannot cope with an unexpected event and you are left attempting to prove who you are. Whilst at the same time they are happily dishing out your money to anyone who knows your mother’s maiden name.

Bank fraud has increased with WFH, or more accurately, SAH (skiving at home) They can look at your account and share it with anyone who is stood around their kitchen table with a phone to take a photo.

Make sure everyone who needs to know, does know. Maybe with an envelope with your will, or in the safe. Otherwise they'll never know where everything is. Back in the day you could just walk into a bank and open an account in any name you saw fit. This guy had several such accounts for tax reasons. Then he unexpectedly died and his family spent a week lifting all of the floorboards up stairs and down, to try and locate the account names and details. Which they never did. Another guy hid several gold sovereigns in boxes of screws and nails which the family threw out when they cleared the place up. Then his brother went round and told them what he used to do. I got the distinct impression that nobody thought it was funny.

 

[Uncle Gizmo]

Bank fraud has increased with WFH,

Re:- "Bank fraud has increased with WFH" ---- it won't be long before the scammers cotton on to this speech generation stuff, watch YouTube videos of your family talking, and develop a copy of their voice, one of your family members - have the Cloned voice contact you in distress asking for you to send them some money because they are in serious trouble !!!

 

[AngelSpeaks]

I have long suspected those "random" surveys o n FB were a means to data-mine that info. I first got the idea from the movie "Now You See Me 2", when the Horsemen asked their benefactor what seemed at the time, harmless personal information that were actually security questions to his bank account.

If you've ever had to setup an online account with the IRS, you would see the bulk of the questions on these very surveys. I would warn others, but these individuals were too bored to listen. They wanted to play the game.

 

[Isaac]

You mean they don't need a password or a phone?
With several on-line information and one's mother maiden name, you can transfer money from one account to another?
I wonder how loose the security of UK Banking system is.
Here, not only you have to use a card and a password, or two differnt password if you don't have your card on yourself, but also they send you a message to your phone for confirmation.

Even if it's not sending money to another account, any withdrawal needs ID card/driving license.

It's just a matter of tracing original documents back further and further. One example is that it's surprisingly easy to get a reprint of an original birth certificate. With that you can then do quite a few things. I don't think this is to say that as soon as you have someone's mother's maiden name you can transfer money, no of course not. But it's one important piece of the puzzle and not one that you should let be public! At least not here and not one that you should let be public! At least not here

 

[KitaYama]

But it's one important piece of the puzzle and not one that you should let be public! At least not here and not one that you should let be public

I absolutely agree with this,

 

[Isaac]

The Hispanics have an advantage. They have more last names to choose from!

 

[DickyP]

Back to the basis of IT security - it doesn't have to good but good enough. For instance, we are told 'never write your passwords down', but a physically secure bit of paper cannot be hacked and is certainly better than my memory. The stricture about writing them is aimed at the post-it note on your monitor level of physical security.

No site security actually cares about the real mother's maiden name: mine has been (in the past) amongst others, Dracula, MaryPoppins and Aisha.

 

[The_Doc_Man]

In every case in the last 30 years where "mother's maiden name" was a security question, I had options to PICK which of several questions I would answer, and I avoided Mom's name as one of those questions. They had other questions like "what was your first dog's name" and "what was the model of the first car you owned." Which allowed me to slightly lie, since Mom and Dad never actually transferred ownership of cars to me, so in fact more than one car fell under that "disguise."

 

[Steve R.]

Unfortunately, I have taken these "security" questions too literary. I could never remember the answer to absurd questions, such as the name of your first grade teacher. But then @DickyP pointed to a very logical solution, make stuff-up.

Following-up on account security, I recall (years ago) where a newspaper had a sob story of a woman who had all her financial accounts cleaned-out, which left her impoverished. The only reason I remember this story is that the article did not provide a plausible reason for how that could have happened. After contemplating on that, it would seem that this was an inside job by the woman's relatives. Who else would know all the places that woman would have had an account. As much as we would like to trust relatives, when it comes to money, sometimes you can't trust your family.

 

[AccessBlaster]

I use the porn star name method for passwords: your childhood dog's name with with your street name.

 

[The_Doc_Man]

For a while, when I was still a bit more agile, I was using the names of certain ballroom dance moves and styles. Moved away from that because it has been so long since I took those lessons that I've forgotten some of the fancier names.

 

[KitaYama]

If it makes any sense, we can either choose one of the pre-defined questions, or add our specific questions and the answer to that questions. The questions we add is available only for us, not other users/members. When needed, we have to offer both the question and the answer. I normally use Where I proposed to my wife, where was the first date or what was our first argument. If anyone else tries, s/he should know the questions set and their correct answers.
This is only for our local organizations, (Banks, ...).

 

[The_Doc_Man]

It has been a while since I had to supply new security questions, but the places I last visited with that requirement didn't offer the chance to add my own question (and answer). Obviously, this feature hasn't made it to the USA yet OR at least it isn't common in my area.