Marghil and Yuga have revealed a security risk in Xoom. All you need is someone’s email address, zip code, and bank account number.
Yuga mentioned that it is unlikely that a person publishes his or her account number online. But does your bank print the account number on bank statements? Or does it display it when you do your online banking? If you do your internet banking in an internet cafe, do you clean up your tracks?
Consider this: most hacking incidents do not really require technical skills. Common social engineering techniques include dumpster diving (i.e., going through the waste basket) or shoulder surfing. If your bank prints your account number on your statement, the hacker already has two pieces of the puzzle. All he needs is the email account—and how many of us use our names as our email address?
So does your bank mask the account number? If not, you should strongly advise your bank to do so.
6 comments
there is actually a “better” loophole with the services the xoom is offering, tho i dnt want to post it and someone might find it interesting and actually do it..
and its imitation, not plagiarism (which is the unauthorized use of the language and thoughts of another author and representing them as one’s own original work), the highest point of flattery..