wissel.net

wissel.net

Usability - Productivity - Business - The web - Singapore & Twins

Latest Banking Scam?

The phone rings.

He: Hello this is [name changed to protect the innocent] from [insert a big bank]. Can I speak to Mr. Stephan?

Me: Hello there, Stephan speaking

He: This is regarding [pretty usual transaction]

Me: OK

He: Let me ask you some questions to establish your identity

Me: OK

He: What is your account # and [secret question about pets, sports, cities, keywords - you know]

Me: Ah - why would I tell you that?

He: To establish your identity

Me: You called my mobile, so? How should I know you are from the bank

He: Sir I work for [insert a big bank]

Me: Yeah, how should I know that you are who you claim, you not even show a number

He: But I have to establish your identity

Me: And I need to know who you are. I've been burned once with stolen bank data

He: Can I know your account number now

Me: How can I trust you? Don't get me wrong, it is not personal, just security concerns

He: But I work for [insert a big bank]

Me: How would I know. You call out of the blue, with no number in the display, you could be anybody

He: We are not getting anywhere

Me: Right. Why don't I call you back?

He: Uhm - I don't have a callback number

Me: There you go (of course THAT part of the bank call centre is different from the part that takes in calls)

He (sounding desperate since I'm spoiling the average customer handling time): OK Sir, it is about [type of transaction] filed [date] and [value]. You used Internet banking last at [DateAndTime]

Me (feeling very sorry for the guy, assessing the risk: could he have obtained this information in a scam?): OK, I still don't trust you, but here we go. (passing ID information)

(This is actually a very risky behaviour. The very essence of scamming is to obtain a piece of information and use it against the victim to pretend you are a trusted party. E.g. Using a stolen logo is just the simples form of it. Kevin Mitnick was particularly good at Social Engineering, read for yourself. )

He: There is a signature missing

Me: Perfect, I wanted to cancel that transaction anyway.

He: So I cancel for you, have a great day.

Me: Bye! (taking mental note to change the ID information)

What is [insert a big bank] thinking? Disclosing a financial transaction to a stranger (ok the stranger in possession of the customer's hand phone) and expecting customers to blindly trust a caller. Such behaviour invites systematic scamming.

Posted by on 03 February 2010 | Comments (0) | categories: Business

Comments

  1. No comments yet, be the first to comment