Can Buying T-Bills Online be Dangerous?
According to a recent study, the government website which sells Treasury Bills online failed to take basic computer security steps. The site www.treasurydirect.gov sold $8 billion of the securities in the first half of its fiscal year.
Online investment sites Morningstar and Savings-Bond-Advisor.com have complained about this lack of security. Addresses, usernames, and passwords can be changed without the knowledge of the investor. Currently, private financial investment firms are required to send address change information to both the old and new address. Transactions must be followed up by at least an e-mail to the original e-mail account of the owner. This move helps an investor verify that a transaction is indeed legitimate and was initiated by the proper person.
Given the vast increase of online fraud, the Treasury Department should follow the same requirements as the private sector. In the past year fraudulent online checking account transactions have increased a whopping 104%. By not automatically notifying accountholders of changes, the government site may become a favorite target. The treasury site is susceptible to large scale phishing operations or watch keystroke logger programs.
Investors may print copies of transactions at the time of purchase, but no e-mail confirmation is sent. By simply sending a confirmation, the chance of fraud is reduced. Investors would also feel more comfortable with this procedure.
Online investment sites Morningstar and Savings-Bond-Advisor.com have complained about this lack of security. Addresses, usernames, and passwords can be changed without the knowledge of the investor. Currently, private financial investment firms are required to send address change information to both the old and new address. Transactions must be followed up by at least an e-mail to the original e-mail account of the owner. This move helps an investor verify that a transaction is indeed legitimate and was initiated by the proper person.
Given the vast increase of online fraud, the Treasury Department should follow the same requirements as the private sector. In the past year fraudulent online checking account transactions have increased a whopping 104%. By not automatically notifying accountholders of changes, the government site may become a favorite target. The treasury site is susceptible to large scale phishing operations or watch keystroke logger programs.
Investors may print copies of transactions at the time of purchase, but no e-mail confirmation is sent. By simply sending a confirmation, the chance of fraud is reduced. Investors would also feel more comfortable with this procedure.
posted by skgroner | 7:30 AM
<< Home