This is my truth

Gone phishing

We are constantly reminded about the dangers of social engineering security breaches, such as phishing attacks. So, you'd think that a responsible financial institution would be sensitive to the advice that we're given, which includes being wary of emails purporting to be from one institution, but coming from a different domain.

In the case of Nationwide Building Society, think again.

It may use the domain, but I receive communications from, containing links to Does that sound suspicious, if not scammy, to you? Because it does to me.

That's three different domains, when a single one with and subdomains would suffice; if communications and service even need to be separated, beyond an email address, in the first place. I raised this as a security concern, to which their response was along the lines of meh! So, all of those emails get sent to junk mail.

Really, how can these fools expect security to be taken seriously, when they don't follow the basic rules themselves? (SMH)