So, there it was this morning, the email from Wells about this transaction that took place last Thursday.
The only comment that I would make about this new mobile text alerting system from Visa that Wells has now deployed is that it should have been automatic that when I enrolled for that, the previous (and mostly useless) email alerting enrollment should have been cancelled or at least I should have been able to modify/cancel it.
My guess is that I was actually enrolling for the mobile alerts on a Visa hosted page, branded Wells Fargo. Even if it is not hosted by Visa on Well's behalf, it is clear that the two systems are not in synch. I had to go this morning and de-select the overlapping alerts. The site is; https://rapidalerts.wellsfargo.com/rapidalerts/ .
Referencing my background dealing with Phishing issues (ie; PassMark Security), the Catch-22 with all of these things is the possibility that something potentially good, like these real-time text alerts, can be just another oppty for phishing attacks. A url like the one above could (or should) make someone like me suspicious of if I am really at a legit Wells Fargo page or not. It is also interesting to note that Wells (or Visa) chose not to invest in a "secure" url for such a sensitive page as this. You know those green urls from Verisign and others called Extended Validation SSL Certificates. While I do not put much stock in these (or any of the "trust" seals), I doubt they cost considerably more and I guess they cannot hurt.