I was trying to log in to Merrick Bank's on-line system to check my credit card, and I had the wrong password. Once I figured out what was wrong, I'd done it too many times, I got a screen telling me my account had been locked for too many invalid logins and I had to call to ask for a reset.

I also got an e-mail:
[img]http://in-the-matter-of.com/merrick_security_notice.png[/img]

Notice something about this e-mail. There is absolutely nothing you can click on! You can't make any kind of response to this e-mail. It's impossible for a message from them to be used as a phishing attempt or security breach, because they never provide a means to respond within the e-mail.

This is the way an organization should send you a security warning.

About the only thing I'd change is, next to the 877 number, I'd put "Or the customer service number on the back of your card if you prefer."

I thought about the fact I like this so much that I called them and suggested it, and also told them I really like the fact they don't put any links in their e-mail.