There’s a new meme on Facebook, the Name Game. Well, I don’t know how new it really is, but I hadn’t seen it until this morning. It goes like this: you follow the instructions and generate a bunch of “names” for yourself:
Replace my answers with yours and tag as many people as you want (but don’t forget to tag me!)
1. Agent-name (the second one of your fist names and the street you live in) –
2. Moviestar-name (grandparent from your father’s side and your favourite candy) –
3. Rapstar-name (first letter of your first name and 3-5 first letters of your surname) –
4. Game-name (favourite color, favourite animal) –
5. Soap-opera-name (the second one of your first names and the town you were born) –
6. STAR WARS name (Three first letters of your surname, three last letters of your mother’s maiden name and three first letters of your pet’s name) –
7. JEDI name (the second one of your first names backwards, the maiden name of your mom backwards) –
8. Pornstar-name (the name of your first pet, the street where you grew up):
9. Superhero-name: (“The”, favourite color and the car of your dad) –
10. Actionhero-name (The main character of the movie you last saw, the food you last ate) –
Of course, some of those seem quite innocent, like the last one. Nobody cares whether someone finds out the title of the last film they saw, or what they last ate. Your favorite color is not a state secret, after all!
However, a number of those bits of information seem designed to get specific data, and, not coincidentally, it’s the exact sort of data that websites use in their “personal questions” section to ensure that you’re really who you say you are when you’re trying to retrieve a forgotten password. Your mother’s maiden name, the name of your pet, your favorite color or animal, your own middle name, your paternal grandfather’s name: some of these are more common than others, but I’m pretty sure I’ve seen all of them in the “Verify Your Identity” question posed behind the “Forgotten Your Password?” link.
Which is probably no reason to panic, as long as your Facebook settings are on the paranoid side… but me, when I see a list of questions like that, I start wondering who’s going to be collecting the info and hacking people’s various online accounts. This is the internet, after all: it’s not a far-fetched scenario, in a world where you have random Nigerians impersonating the bank of Ethiopia (and coming very close to conning Citibank out of $27 million)!
This reminds me of the “voice-phishing” problem that Korea has supposedly been having the last few years — the same problem that prompted banks to suddenly declare all foreigners can no longer have international debit cards, and cannot open bank accounts for the first few months in Korea (as discussed in part 2 of the article linked here).
[And yes, yes, the “solution” is ridiculous considering most foreigners arrive in Korea explicitly for the purpose of working here, considering that most “foreigners” arrive with little or no Korean ability, and considering that crime rates among foreigners are lower than crime rates among Koreans.]
Well, with the voice-phishing, the police and banks are even considering putting cell-phone blocking technology into bank machines, to prevent old folks being lured to ATMs to transfer their savings to total strangers. Of course, this raises the question of how one is supposed to call the bank when the machine screws up, eats your card, or is broken. This is not an idle question: I once had to do so, because a machine gave me half the money it was supposed to, in a hospital ATM in Bucheon! The bank machine had a phone number on it, I had to provide the location of the machine, and other details. So are banking services going to be hurt in the rush to prevent voice phishing? That’s a case of making new problems to “solve” the old ones, isn’t it?1.
But the bottom line is, scamming is something of an art form: it’s creative, and the more creative the scammer, the faster he or she will find a way to bilk people out of their money (or identity, or whatever). The bottom line is that the change cannot really be achieved by placing restrictions on what people can do online, whether people can talk on the phone in front of an ATM, withholding banking services from foreigners (no matter how long or uneventful their stay in Korea has been), or any of those standard (in Korea) approaches.
The way to defeat the scammers is to teach people how to think in a new way, and to move beyond the idea that all solutions can be automated: not quite paranoid, but at least scam-aware. I know, I know: bank machines, cell phones, money transfers, and the like are all stunningly new, stunningly futuristic things to a certain generation of Koreans. I won’t go so far as to say, “If grandma’s so dumb as to give a stranger all her money…” because who knows what kinds of bewildering technologies I’ll be faced with in thirty or forty years!
However, if someone sat down with grandma and explained, in simple terms, what voice phishing is, and why she should be careful, maybe grandma would understand. And for the cases where grandma’s too old to grasp it, there could be other failsafes. I’m thinking online business certifications, face-to-face meetings with a bank official for all funds transfers over a certain amount between two individuals not previous financially connected, wherein the recipient needs to demonstrate the legitimacy of the transaction, when one of the individuals is over a certain age or even just when he or she has opted for free “scam protection” service? Hell, this would even make it possible to catch attempted scammers — assuming bank security could handle tackling a scammer — and would force those criminals into a new niche. (And I don’t suspect it’d add up to all that many meetings, in the long run.)
1. On the other hand, I personally would be truly appreciative if the authorities would install those on buses and subways, so that people could travel in relative comfort without their immediate neighbours shouting into their phones. It’s very easy to take the punish’-em-all tack when you know it’ll never affect you: I rarely take or receive calls on the subway, and likewise, I’m glad to hear (from James) that DMB service in the subways is on its last legs because it’s a money-losing venture: sure, only one out of ten people is so rude as to watch TV without headphones, but one out of ten is still a lot. Since I don’t use DMB — streaming TV to portable devices — I will not be sad to see it go. Wifi, on the other hand, is something I wish we had on the trains. Ah well.)