Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Bank callback and security questions

  • 31-03-2021 2:28pm
    #1
    Registered Users, Registered Users 2 Posts: 179 ✭✭


    A few times I tried to contact a bank about something, and they arranged for a specialist (e.g. certain type of mortgage) to call me back. The first thing the bank employee then does on the callback is ask me some security questions.

    Is this acceptable? Am I supposed to give out security information to somebody who just called me? Even though I arranged a callback, in theory it could be anybody.

    My real question is: if the banks are warning us about scams, should they actually be encouraging people to give security details to somebody who calls them (not the other way around)?

    I find it strange but it happens again and again. Maybe I'm missing something?


Comments

  • Moderators, Music Moderators Posts: 8,490 Mod ✭✭✭✭Fluorescence


    I often used to get this from Ulster Bank years ago. They would freeze my account for "suspicious activity" and then ring me to go through transactions to unlock it. However they'd off the bat start asking me security questions and they had called me! I used to just say, "Sorry, I don't feel comfortable answering these questions from an unverified number. Can I ring you back on a listed number instead for safety's sake?"

    Never an issue but always was a headscratcher for sure!


  • Moderators, Business & Finance Moderators Posts: 10,599 Mod ✭✭✭✭Jim2007


    xabi_a wrote: »
    Is this acceptable? Am I supposed to give out security information to somebody who just called me? Even though I arranged a callback, in theory it could be anybody.


    And what would have them do instead?

    - Not bother trying to verify you, but continue to discuss your business, after all you could also be anyone....
    - Call you call them back on another number, but you'll still have to be verified
    - Refuse to do business with you over the phone and have you come into the branch instead....


    And in any case most of the security verification questions are sufficient to verify you, but useless to any hacker.


  • Registered Users, Registered Users 2 Posts: 2,235 ✭✭✭lau1247


    xabi_a wrote: »
    A few times I tried to contact a bank about something, and they arranged for a specialist (e.g. certain type of mortgage) to call me back. The first thing the bank employee then does on the callback is ask me some security questions.

    Is this acceptable? Am I supposed to give out security information to somebody who just called me? Even though I arranged a callback, in theory it could be anybody.

    My real question is: if the banks are warning us about scams, should they actually be encouraging people to give security details to somebody who calls them (not the other way around)?

    I find it strange but it happens again and again. Maybe I'm missing something?

    Don't they normally start off with explaining the specific reason why they are calling.. i.e. in relation to your request about xyz....

    Any of the one I got that they call back usually do.

    West Dublin, ☀️ 7.83kWp ⚡5.66 kWp South West, ⚡2.18 kWp North East



  • Registered Users, Registered Users 2 Posts: 179 ✭✭xabi_a


    Jim2007 wrote: »
    And in any case most of the security verification questions are sufficient to verify you, but useless to any hacker.

    If some hacker has my phone number and calls me and I give them my address, mother's maiden name etc then that's surely useful to them, no?


  • Registered Users, Registered Users 2 Posts: 14,378 ✭✭✭✭jimmycrackcorm


    Jim2007 wrote: »
    And what would have them do instead?

    - Not bother trying to verify you, but continue to discuss your business, after all you could also be anyone....
    - Call you call them back on another number, but you'll still have to be verified
    - Refuse to do business with you over the phone and have you come into the branch instead....


    And in any case most of the security verification questions are sufficient to verify you, but useless to any hacker.

    A scammer who knows what security questions a bank will ask, can ring you up and you'll happily hand over the answers so that they can use those then when they pretend to be you ringing the bank...?

    The problem is not doing the verification itself, but knowing for sure whether or not someone ringing you is actually calling from the bank.


  • Advertisement
  • Moderators, Business & Finance Moderators Posts: 10,599 Mod ✭✭✭✭Jim2007


    xabi_a wrote: »
    If some hacker has my phone number and calls me and I give them my address, mother's maiden name etc then that's surely useful to them, no?

    To do what exactly? Your address, your mother maiden name etc are all a matter of public record. If a hacker needs that information there are easier ways for them get it laboriously make one call after another. And if they can’t figure out to do that, then they certainly won’t figure out how to hack a bank.


  • Moderators, Business & Finance Moderators Posts: 10,599 Mod ✭✭✭✭Jim2007


    The problem is not doing the verification itself, but knowing for sure whether or not someone ringing you is actually calling from the bank.

    You can do exactly the same thing to verify them - ask them something only they would know and you know. They have access to your accounts so they should be able to:
    - Tell you the balance on a certain account
    - The amount of your last credit card payment
    - The date and amount of your last mortgage payment

    That is what I did.


  • Registered Users, Registered Users 2 Posts: 480 ✭✭Cameraman


    Jim2007 wrote: »
    You can do exactly the same thing to verify them - ask them something only they would know and you know. They have access to your accounts so they should be able to:
    - Tell you the balance on a certain account
    - The amount of your last credit card payment
    - The date and amount of your last mortgage payment

    That is what I did.

    I've tried that in the past. They told me they could only do that when I was verified - Catch-22.

    A simple way around this is to have a keyword/password associated with your account, supplied by you. They would have to confirm this to you before going through the security questions. This method isn't foolproof either, but is pretty straightforward and removes a lot of the risk.


  • Registered Users, Registered Users 2 Posts: 179 ✭✭xabi_a


    Cameraman wrote: »
    A simple way around this is to have a keyword/password associated with your account, supplied by you. They would have to confirm this to you before going through the security questions. This method isn't foolproof either, but is pretty straightforward and removes a lot of the risk.

    Agreed. Or else, if they're offering a callback, they could give a one-off ID or password that they would then provide when they call.


Advertisement