Joho the BlogCiticard does its best to train us in horrible security practices - Joho the Blog

Citicard does its best to train us in horrible security practices

Citibank continues to train its customers to use terrible security processes.

This morning I got a call from a robot that claimed to be from Citibank. When I refused to type in my zip code, and then waited for two minutes of repeated requests to do so, it transferred me to a human who wanted me to give him my name, undoubtedly to be followed by a request for my password. Thus does Citibank train its users to divulge personal information to anyone with an automated phone dialer.

This is the same outfit that no longer offers to put a thumbnail photo of you on your credit card, which is a pretty good way to foil card-grabbing bastards. It also used to embed an image of your signature on the front of the card. Again, a cheap and effective prophylactic measure that it no longer offers.

This is also the same outfit that is very happy to sell us monthly services — $10/month last time I looked — that inform us when Citibank has failed to protect us from identity theft.

3 Responses to “Citicard does its best to train us in horrible security practices”

  1. WOW!
    They asked for your password-amazing. I’m glad I am devoid of a Citibank card.

  2. Citibank was one of the clients of Epsilon, the marketing outfit that had consumers’ names and addresses stolen this week. Maybe some innovative phisher-people were able to put them together with phone numbers?

  3. Andy, I’ve thought about it and I think they did not get as far as asking me for my password. That would certainly have come next. But I’ve edited the post to indicate that the conversation didn’t get far enough for them to ask for the password.


Web Joho only

Comments (RSS).  RSS icon