This morning I discovered a message on my cellphone:
(1)TD account blocked click on https://td.1account-web.com/TD,7 to resolve.
Now I was immediately suspicious of the message so I went to WHOIS.com to check the link and here is what WHOIS reported:
So the same day the phishing attack message arrived, the hackers behind it had setup the account for a full year with thoughtful help from Amazon Web Services.
Here is more relevant info:
I thought TD Canada Trust Security would be interested in the details in the hopes of nipping a phishing hacker in the the bud. Besides, based on the message the hacker knew 1) I had TD accounts, 2)my phone number and 3)likely more. So contacting TD Privacy and Security officials became a priority. After all, TD Privacy and Security had pledged “We take strong measures to protect the security and privacy of your information.“
After 45 minutes of searching and waiting for a connection to the TD Security Group and finally making a connection, it became obvious that 1)the TD Security official could not offer any suggestions on how to increase the safety of my account other than my own vigilance; 2)this was likely a phishing attack so an emphasis on plebian advice “do not click on the offered link but immediately delete the message“; and 3) NO, TD was not interested in the 613 -hack attack phone number nor the WHOIS report data shown above.
Talks about disappointing. No advice on how to increase the security of my TD accounts. If TD Canada Trust Privacy and Security was not interested in documenting the details of a nascent phishing attack – can one expect any forceful action against the Phishing community. Does this Laissez-faire approach permeate the Canadian Banking community? Or is this the contemporary Zeitgeist? Like Climate Change , don’t tilt against the Windmills of Our Times.