I thought duping customers [0] to think they were entering their credentials at their bank website while they were giving them to Plaid was bad. But this is some next level malice. How are they still in business?
They got me with that one once, the frame looked exactly like my bank's login and I thoughtlessly assumed it was some kind of federated authentication handoff. This is apparently enough of a problem that my bank is flagging them as likely fraud.
Seems like this is going to wind up in court sooner rather than later.
Seems like this is going to wind up in court sooner rather than later.