Most AdSense Publishers in the Philippines would use Western Union to pick up their earnings because it’s the fastest and most convenient method. However, based on recent experience, it’s also the most un-secure and prone to fraud. Just the other day, someone claimed my AdSense earnings via Western Union and got thru.
This isn’t the first time this kind of MO happened and it isn’t an isolated case either. A number of local publishers (and bloggers) has had their Adsense revenues wiped out thru Western Union in the past.
In my case, I was out of the country (flying in from Jakarta actually) last March 1 when someone cashed out my AdSense account thru Western Union. When I dropped by today to pick it up, I got the bad news and the local branch I went to could not do anything.
My initial hunch was that it was an inside job — someone from the WU agent has access to records (specifically the MTCN). The first time I picked up my AdSense from this new branch (the old branch I usually go to for years, the one in Park Square 1, is already closed) near the house, I gave my credentials and ID (passport).
Those personal information and identification, along with access to the system for MTCN is all they need to cash out. The security flaw could be the ff:
- All WU agents have access to the MTCN. They can just do a reverse look-up (search for the name and then look for corresponding MTCN for that name).
- WU agents have network access to customer information. Anyone can pull it up and share it with an outsider to pose as the customer.
- WU agents are not very strict with regards to verification. Not sure if they have access to the soft copy of the photo ID.
These type of incidents put Western Union in a very bad light. Even if the culprit is just one of their agents, it’s still a huge security hole and will certainly reflect on customers’ trust on the service.
I’ve reported this fraud to Google’s Support and sought the help of a friend who works there. Frankly, I’m more interested to get to the bottom of this, find the lapse in security and figure out who the culprits are.