Categories
Uncategorized

Another Bank Security Lapse: USAA

Financial institutions are putting on so much security when you call in that you sometimes wonder if it is worth it. Perhaps this is a way for the banks to discourage human interaction, allowing them to reduce staffing costs.

Nevertheless, I get tired of being bombarded with questions galore to substantiate my identity. Yes, good that they are being careful. Horrible that we customers must endure this.

Given the amount of aggravation we customers must go through (not to mention the frustrating voice menu systems), you’d think a financial institution such as USAA could one of the most basic security measures when sending a replacement debit card. This basic action is to seal the envelope. Yes, I received my USAA debit card in an unsealed Priorty Mail Express envelope that was unsealed and open. I’m lucky someone didn’t pull the contents out. I’m lucky the card did not fall out of the open flap.

One would think that if you are going to send Priorty Mail Express that you would seal the envelope. Really, it takes about 2 seconds to do this.

Categories
Uncategorized

How Starbucks Confuses

Here’s a straight forward lesson in confusion. The Starbucks promo that appeared on my phone in the Starbucks app clearly shows ICED drinks. I go into Starbucks on August 29, 2019 to get a two-for-one iced drink. NO! The staff tells me the happy hour promo is only for HOT drinks. I would say this borders on false advertising. Being that the happy hour is August, it is also reasonable to think that the happy hour promo would be doing ICED drinks on a summer day. This is a fail for corporate communications.

Categories
Uncategorized

Discovering a Security Breach at Wells Fargo

Dealing with Wells Fargo is frustrating enough. FOUR phone calls, one hour, just to change my email address. Why? Because the Wells Fargo system said it could not verify my identity, even though I logged into my account with correct username and password. That is verification. The system required me to call an 800 number to further verify. Two of the four calls were dropped by Wells Fargo.

On top of that frustration, the Wells Fargo system morphed the correct email address put into the field into a different email address that is not mine. All this was done and verified (including screen shots) while on a call with a Wells Fargo online banking supervisor. The fact that the Wells Fargo system will change what you type into the email address field into a different email address is a security breach. No system — financial or otherwise — should be changing the values provided by the user. Such allowances — deliberate or not — indicate lax programming that weakens security. This means the email with the verification link went to someone else. Altering the email address and sending emails to that incorrect, altered email address is a security breach.

I have screen shots, but for my own security, they are not included here.