Thursday, 12 March 2009

Phishing and Trust in a Brand.

I have had the opportunity to meet some some people that have fallen victim to phishing. The experience for me was some sometimes uncomfortable, difficult and an interesting exercise in marketing.

Some people take the knock on the chin and will learn from the experience and be sad and hang on the glimmer of hope of getting their loss back. Others are aggressive and demand that the Bank make it right. I use the analogy of a set of car keys. If you left your car keys in your car, go into the shop and come back and your car is stolen, do you demand that the vehicle manufacturer replaces your car?

The problem, I believe, is that cars have been around for a long time, at least three to four generations and the ins and outs of car ownership, not the oily ins and outs, but the day to day ones have become a part of life's lessons. Take the internet, its only really been in mainstream existance for lets say at most 20 years. This means that our parents don't really comprehend it and our grandparents probably think that it is bordering on voodoo.

How ingraned has the internet and all the ins and out become in our lives? Not a lot. Add in the great work that marketing does, they have built trust. Huge amounts of it, so much in fact that if a customer sees their Bank's logo, that is sufficient. It is all they need to trust the site - no matter how dubious the site looks.

This trust is perfect for criminals, it is very good for the Bank in terms of customer loyalty, but it is horrendous in terms on trying to teach people about the dangers of an online life. The problem that we face is that as we tell customers to scrutinise their banking tool, the marketers are launching new products and campaigns touting the safest and most secure product offering.

Whilst, yes, the banking tool is safe and secure - think about it no one is going to offer a solution that is not secure, the risk is just too high. So where does the tool fall down? The same place that cheques, credit cards and other scams do - People. The people that we are offering a service are the weak point.

Is phishing different from card fraud, or smaller scale Ocean's 11 type scams? Nope. The problem is that when you have a tool, you need to learn how to use it. Driver's license. Should we be making clients get an Internet license? I can hear the marketing people choke on their creative "enhancer".

Interesting thing is, is that the most difficult and aggressive of the interviewees who nearly socked me thought that it was a brilliant idea.

No comments: