The future of the mail deliveries.

[Jerry_Atrick]

I am not saying that we shouldn't tranistion to email. Most things sich as the sharing of engineering plans, and even tax returns, etc, are fine because even if they are intercepted, big deal. I have never met my accountant and when the books are submitted, they become public record anyway. Maybe ASIC charges a fee, whereas UK Companies House doesn't, but for a small chunk of change I can find out most of what I want to for any company or sole proprietor (and anything in between).

 

My argument is that email is still  not secure enough to force people to use it, even when the actions are performed though secure online services for some things - such as official government business and financial transactions. 

 

3 hours ago, octave said:

As usual, these discussions prompt me to do some research.  Whilst there are plenty of online scams, there are also scams involving physical mail theft.  One particular scheme involves stealing a bill from a letter box and reprinting it with different bank details.

 

Physical bills can be used in ID fraud. If you are receiving physical bills, you ought to shred them before disposal

Advice from Victorian Police Delivery and Mail Security says:

 

Minimise the amount of mail delivered to your home by:

• Not having bank or utility documents sent by post. Instead, have them sent by email.

 

You're quite right. I didn't say snail mail entirely protects. What you didn't mention is that email phishing fraud really, really dwarves stolen letter fraud - so the chances of it are happening are quite low. And while the "success" rate of snail mail fraud is higher, the overall lost to fraud this way is significantly lower as well. Also, I couodn't find any data, but I would imagine that the success rate of letter fraud is dropping two for two main reasons: Firstly, with direct debit/BPAY, secondly,. most people these days that pay a recurring bill probably have the payee details stored anyway, fourthly (not sure about Australia), when paying new payees, you have to enter the account name, whether it is business or personal and the bank BSB and account and if they do not match, you are warned to check the bill.

 

Also, if they decide to say up the bill significantly to increase their return, the utility company or whoever is likely to receive a phone call. And it is a lot of faff for the perpetrator. They have to steal the mail, scan the document, make the change, stuff the envelope making it look not tampered and deliver it again as the stamp has been stamped. 

 

In terms of the advice to send the bill to you electronically - it is good advice. Except for two things. Firstly, there is Business Email Compromise, which takes two forms. First, the hacker gets control of the email servers of the business and adulterates the email, as per this poor couple falling victim to: https://www.theage.com.au/lifestyle/life-and-relationships/hope-and-tom-paid-250-000-to-secure-their-dream-home-then-nearly-lost-it-all-20251104-p5n7pr.html 

 

The other is where a sniffer reads the email and attachment, makes the changes and immediately sends out a revised email, apologising for the mistake of payment details in the original email. 

 

If you want your physical bill untampered, yes, get it sent electronically. I agree. But, now you are expecting emails from that company, and there will inevitablly be a phishing email calling people to urgent action because of an imminent account closure or to validate or cancel an unusual transaction. And most people should ignore any links and log into their accounts, but sadly, even savvy people whose circumstances led to a lapse of concentration or the scammers merely put together some situation that coincidentally is very similar to the victims own at the moment, and in a lapse of concentration, they have clicked the link, divulged their credentials and their account has been drained in the blink of an eye.

 

So, you may be stiffed $100 or so for your monthly electricity bill - once - and if you don't use BPAY or you ignore the payee being dfifferent to the banks record. I know of one person who had over £10K drained from their account. They eventually got it back, but ultimately we collectively pay. 

 

And my point is, at the moment, to default to receive snail mail for financial transactions, but allow people to opt into pure email. They either recognise and mitigate the risks, or they ignore them, or they choose not to. Despite the risks of mail theft and fraud, the risks around email at this point in time are much higher. And therefore, I would suggest the advice given by Victoria Police Mail Delivery and Security, aboive, is narrowly framed and does not take into account all of the risks. 

4 hours ago, octave said:

I came for the discussion but stayed for the "untitting"

Well. I dunno.. I am normally happy to have their tops disrobed, but untitting sounds gruesome to me.