Ye canna beat a gud furtle!
Brits' privates furtled in TWO-THIRDS of UK fraud cases
Two out of three fraud cases in the UK involved identity theft, according to Blighty's Fraud Prevention Service, CIFAS. Brits are reminded to guard their private data as closely as they guard their wallets and purses. The new figures suggest fraud rose to a record level in the UK in 2012 as more and more crooks obtained …
-
Friday 18th January 2013 12:39 GMT Flocke Kroes
Businesses have to prove their identity to customers too
I kind lady with an Indian accent phone me and asked the same questions my bank asks to confirm my identity. She was unable to demonstrate the she worked for a company I had recently purchased from. When I called that company, they had no way to confirm my identity now that I was confident I was talking to the right person.
Which slug brained nitwit selected this easily exploitable procedure?
-
Friday 18th January 2013 13:17 GMT Anonymous Coward
Re: Businesses have to prove their identity to customers too
I hate to tell you this, but banks fail to do this too. The only banks who can do this properly without disclosing your details to a 3rd party are those that use some challenge-response or OTP token, and *none* of them are set up for it.
Thus, the only route for you to talk to your bank is to call them. Unless someone comes up with a VoIP hack..
-
Friday 18th January 2013 15:30 GMT JohnG
Re: Businesses have to prove their identity to customers too
"I kind lady with an Indian accent phone me and asked the same questions my bank asks to confirm my identity"
If my bank (or anyone else) phones me and starts asking for information, I tell them that I will not divulge any information to someone on the telephone and that they can contact me via some other means or they can ask me to contact them.
-
Friday 18th January 2013 16:28 GMT Mayhem
Re: Businesses have to prove their identity to customers too
I get a recurring issue with this if my credit card bill isn't paid for a month.
Lloyds has a collections service based out of a call center in India. They phone you up on the number you have registered with your account, and advise there is a serious problem with your account.
They then ask you to confirm your name, address & DOB before they tell you what kind of problem you have.
I said no ... you called me. What kind of problem is it, and I'll consider answering your questions. "we can't tell you until you confirm your identity". You just specifically asked for me on my own number!
I first asked how I knew they were from the bank. They said because that's who they worked for. I asked them to prove it. I asked for a number to call them back via and they don't have one (being overseas based). They couldn't tell me any of my account details due to "UK privacy laws" and advised me to urgently contact a branch.
The branch looked confused, and said nothing was wrong with my account and to play along next time to see what happens.
Next time round I found a slightly less inept person and went back and forth trading details so I knew they at least had access to my account. Turns out my credit card was overdue by £1.68.
Reasons to love UK customer service #31434 /sigh.
On the other hand the Lloyds Credit Card Fraud guys are fantastic. They have numbers you can verify and call them back on, they will happily provide details from your recent transactions to prove who they are, and they are very very good at picking up on abnormal transactions. They also have an extremely short call queue, which speaks well for their ability to deal with problems fast.
-
-
-
Friday 18th January 2013 13:27 GMT Anonymous Coward
Debrett
Because of something an ancestor did hundreds of years ago, I have a third cousin who's a baronet. This means I and my whole family are in Debrett. Which means the following information about me is in the public domain:
My full name
My date of birth
My address
My wife's name
Our date of marriage
My children's names and dates of birth
My mother's name and maiden name
The names and dates of birth and addresses of all my siblings, and my dad
etc.
Happily I've never been the victim of any sort of identity based fraud. But I cannot keep this information private, so it is worthless as "security details". There are tens of thousands of people to whom this applies, so any organisation that assumes this information "private" is negligent.