I've been trying to use this technique to alert banks (in Belgium where I live) of online fraud for a while but failed.
We are getting lots of phishing by text, email and hacked IMs. They use a bunch of redirections to get you to "login to your bank" with our security devices. In reality, they'll use MITM it and transfer money to some mules.
If we could have people fill in some canary bank account that would trigger a fraud alert at the banks, we could stop those payments a lot more easily.
The banks don't really seem to care because the payments are signed with the card and PIN of the owner, so they refuse to refund it. No loss to the bank, no action. :(
We are getting lots of phishing by text, email and hacked IMs. They use a bunch of redirections to get you to "login to your bank" with our security devices. In reality, they'll use MITM it and transfer money to some mules.
If we could have people fill in some canary bank account that would trigger a fraud alert at the banks, we could stop those payments a lot more easily.
The banks don't really seem to care because the payments are signed with the card and PIN of the owner, so they refuse to refund it. No loss to the bank, no action. :(