← Back to context

Comment by TeMPOraL

10 hours ago

> They are not scam calls

What are they, then? Sales/marketing calls? Or some security notifications ("we noticed some suspicious operations in the last 3 days...")? If it's the former, that's still scam in my books. Specifically, it's a first-party scam, as opposed to a third-party scam, where some third party pretends to be your bank.

They both should be treated similarly; unfortunately, you can't report first-party scams to police.

9 comments

TeMPOraL

Reply
seanhunter  8 hours ago

Yeah as sibling points out, lots of orgs have scammy official security calls. This leads to a dance I have been through quite often.

   <phone rings, I pick up> Hello
   Them: Am I speaking to Sean Hunter
   Me: Yes
   Them: This is <rubbish bank who should know better>. Can you confirm your <date of birth/full address with postcode>
   Me: Yes
   Them: Err, … sorry I didn’t quite catch that.
   Me: Yes.
   Them: <thoroughly confused>I asked whether you can confirm your <date of birth/full address with postcode>
   Me: Yes.  I can.
   Them: err… I can’t talk to you without you passing security.
   Me: You called me.
   Them:  I’m sorry…?
   Me: You called me.  You wanting to talk to me about something is your problem.
   Them: I need you to pass security before I can talk to you.
   Me: OK, well.  Have a nice day.  <hang up>

Almost this exact thing has happened multiple times with one of my bank accounts which I can’t completely shut because of boring reasons but I have basically deprecated because they do this sort of nonsense. My main bank now is much better.

  • Scoundreller  5 hours ago

    One of my banks refused to talk to me over the phone and informed me to go to a branch with 2 pieces of ID. Fair, it was a credit card opened online.

    Only to find the 2 pieces of ID were just for them to talk to me and ask for more documents. Rubbish like employment letters (uhhhh, how about YOU call my employer instead of me printing out the “letter” they’ll email me?) or tax return stuff mid-year.

    I cut up the credit card and mailed the pieces to their legal department. Someone called me pretty quick and without any authentication hassles.

  • DamonHD  2 hours ago

    This is very much my experience.

    I generally say at some point before terminating the call "you should not train your customers to give out account access credentials to strangers" and the caller usually has no clue what I mean. Does no one in the security teams have theory of mind?

    This will be the way I bring up the issue with the regulator if I do. I can think of many ways round this issue that would be much safer and not especially arduous.

  • somewhatgoated  2 hours ago

    That’s wild. If my bank needs something from me they send an email saying that a message is available in the online portal - or in some cases they send me a physical letter. Anything else would be highly suspicious

  • monkpit  3 hours ago

    Just don’t answer the phone. If it’s something important they know how to reach you, or they can leave a voicemail.

andyclap2  9 hours ago

In my experience they're security calls. UK has good opt out marketing rules for legit companies.

But the usual security call is exactly like a spam call, no authentication from their end, immediately requesting id verification "answer these security questions", and refusing to go off script.

People have been asking for years to be able to lodge a security challenge code on their profile that can add confidence in the caller. Given there are already multiple security questions on an account, this could be a process change: the security challenge script becomes "the first and sixteenth characters of your mother's maiden name are 7 and F, what are the third and fifth characters of your first pets name".