“Do not give you bank account information to someone you don’t know or trust.” How do you know whether to trust someone? Apparently lots of people trusted EdebitPay. It’s easier to trust than to do research.

“Don’t enter it in online” I’ve entered my banking information online many times: to PayPal, to Verizon, to my electric company, to my student loan servicer. The convenience outweighs the risk. Did I check that SSL was being used, that the URL was correct, etc.? Barely. Did I check with the BBB? No. Did I search for forums where others reported their experiences with these companies? No.

“don’t give it to someone who calls and claims to be your bank” Easier said than done. Social engineering will always be with us, and people will be tricked. Even I was almost tricked into clicking a link in an email that claimed to be from an old high school friend. Yes, we grow up and get wise. But you never know when someone will be sleepy or overwhelmed or just finished an argument with spouse when they pick up the phone and really believe that it’s their bank rep calling.

I appreciate the warning, but remember: it’s not as easy in real life. The systems we have for identification and verification and trust don’t work. Consumers need more education than just a list of don’ts.