Terence Eden

1 year ago

Terence Eden
1 year ago

You receive a call on your phone.
The caller says they're from your bank and they're calling about a suspected fraud.

"Oh yeah," you think. Obvious scam, right?

The caller says "I'll send you an in-app notification to prove I'm calling from your bank."

Your phone buzzes. You tap the notification This is what you see.

Still think it is a scam?
1/3

This entry was edited (1 year ago)

in reply to Terence Eden

Terence Eden

in reply to Terence Eden 1 year ago

The scammer is on the phone to you.
Their accomplice is on the phone to your bank, pretending to be you.
Your bank send you the notification.
You accept, and scammers proceed to drain your account.

Someone has just lost £18,000 because of this.
reddit.com/r/UKPersonalFinance…

2/3

This entry was edited (1 year ago)

in reply to Terence Eden

Terence Eden

in reply to Terence Eden 1 year ago

It *is* a genuine notification. But it isn't confirming the bank is calling you.

Should the bank word that differently?

In a rush, would you read it thoroughly?

Most likely, in a panic about the fraud, you'd confirm it was a genuine notification (it is!) and accept it.

3/3

This entry was edited (1 year ago)

in reply to Terence Eden

I think I’d be taken in by that. My thought was: why do they need to check they’re on the phone to me if *they* called *me*? But on balance I’d decided it was just poor wording or an ill thought through system (both of which I still think, in fact!) so I wouldn’t have challenged it.

in reply to Simon Wood

flabberghaster

in reply to Simon Wood 1 year ago

@simonwood one might assume even if they believed the bank was calling them, that they still need to confirm they got you and not someone else.

@Simon Wood

in reply to flabberghaster

Simon Wood

in reply to flabberghaster 1 year ago

@flabberghaster I have had my actual bank call me, and then ask me (via security questions) to verify that I am actually me. I feel that was *training* customers to divulge information insecurely, as I had no way of knowing that they were who they were, and they wouldn’t have provided it if I’d gone along with their request.

@flabberghaster

This entry was edited (1 year ago)

in reply to Simon Wood

flabberghaster

in reply to Simon Wood 1 year ago

@simonwood yeah, same. I had told my bank I intended to travel internationally and then when I got there my card stopped working and they called me saying there was suspected fraud on my card. I knew it was legit because I called back on the number on my card, but I think it's bad practice to initiate calls.

@Simon Wood

in reply to flabberghaster

GunChleoc

in reply to flabberghaster 1 year ago

@flabberghaster @simonwood Yes, always call back on a phone number that you know to be legit when your "bank" calls.

@flabberghaster @Simon Wood

in reply to flabberghaster

Ľuboš Moščovič

in reply to flabberghaster 1 year ago

@flabberghaster @simonwood
Indeed. They should, probably, do it like the good banks send mails: plaintext notification, no link at all, just an info - there is an important message in your Internet banking inbox, go there and fetch it.

So even the call may be initiated in a way - hello, this is your bank, we need to talk to you immediately because of "reason without details" (e.g. there was a suspicious transaction we want to xcheck with you), please contact our telebanking number to proceed.

@flabberghaster @Simon Wood

in reply to Terence Eden

Ľuboš Moščovič

in reply to Terence Eden 1 year ago

The tricky part of this story is that sometimes banks do really call you - it happens to me whenever I do really nonstandard transaction.

Truth to be told I've always seen this as mixed blessing and I have also been "that weird one" who asks the caller for their name and do the callback to the known (read official telebanking) number of the bank...

My colleague once seen that and was like WTF you're doing dude, they're doing you a favour... and my answer was "never trust a caller, just loose one more minute and do the callback to a known and trusted number".

in reply to Terence Eden

💙🩷💜Ⓑⓡⓔⓣⓣ🐡🍉🐧

in reply to Terence Eden 8 months ago

yes because I would never install a bank app on my phone 🙂

⇧

Terence Eden 1 year ago • •

Terence Eden
1 year ago