Unsolicited call seeking personal information.

Regis

Hello Users,

I got an unsolicited call this morning from a Cork number from a person who said they were from my bank. He said that all calls are recordedbut first I would have to provide them with some personal information. He asked me for my date of birth and I gave it to him, then he asked me for my address.

I stated to think about this and I thought to myself what am I doing? I am giving out personal information to someone I do not know, this could be a scammer. So I said to him I will give some information if you can give me some confirming information e.g. I will give you the first few digits of my account number if you can give me the last few or I will give you the first line of my address if you give me the next line. From this I would know whether he was legitimate.

He said he could not do that because of Data Protection Act.I said that I was not happy with that, I still had no way of knowing if he was legitimate. I asked if I could speak to his supervisor, he said no that hecould not do that and kept going on about the Data Protection Act. I said I was not prepared to give personal data unless he could prove that he was from my bank.

I, like so many people, am in arrears on my mortgage so this could have been a legitimate, but if I was a scammer and rang most people in this country they too would have some problem with their bank.

I think that he should have given some snippet of data orused some code-word to confirm where he was from.

Has anyone any thoughts on this?

foggy_lad

Just hang up and ring your bank to see if they were trying to contact you!

Some banking safety,
Never give bank details to anyone that rings you!

Your bank will never ask for your details on the phone as they already have your details.

Cabaal

Regis, the caller was 100% correct...it doesn't work that way, you can't look for them to provide details in the manner you requested as this means if they did they would have broken the data protection act.

If you don't like outbound calls like this then ask them to put you on the do not call list and contact your bank directly with any queries.

Kristopherus

Cabaal wrote: »

Regis, the caller was 100% correct...it doesn't work that way, you can't look for them to provide details in the manner you requested as this means if they did they would have broken the data protection act.

If you don't like outbound calls like this then ask them to put you on the do not call list and contact your bank directly with any queries.

Well, the caller could have been 100% correct, but he could also be a scammer:eek: I would go with Foggy Lad's advice on any call that I would consider strange/dodgy/unsolicited.

Cabaal

Kristopherus wrote: »

Well, the caller could have been 100% correct, but he could also be a scammer:eek: I would go with Foggy Lad's advice on any call that I would consider strange/dodgy/unsolicited.

My reference to the caller is the actually person calling the op (not the op as they didn't start the call), the op wanted them to provide them with partial account information. Had the person calling the op done this then they would have broken DPA as they hadn't yet verified who they were speaking to....as such it was silly of the op to ask them to do this.

If the op has any concerns they can simply end the call and call the bank directly, its not a big issue.

RangeR

BOI is notorious for doing this. They withhold their outbound number and expect customers to just give up personal details. It's not the hardest thing to set your outbound caller id to 0818365365. I know that can be spoofed but, more often than not. ...

Cabaal

RangeR wrote: »

BOI is notorious for doing this. They withhold their outbound number and expect customers to just give up personal details. It's not the hardest thing to set your outbound caller id to 0818365365. I know that can be spoofed but, more often than not. ...

Ok, but given a number can be spoofed and given that off hand people won't know BOI's contact number what good will setting their number do?

paddydriver

Cabaal wrote: »

My reference to the caller is the actually person calling the op (not the op as they didn't start the call), the op wanted them to provide them with partial account information. Had the person calling the op done this then they would have broken DPA as they hadn't yet verified who they were speaking to....as such it was silly of the op to ask them to do this.

If the op has any concerns they can simply end the call and call the bank directly, its not a big issue.

So its acceptable for a totally random person to call the OP and start asking him for personal information and you think the OP is silly to want to verify who they actually are?

Every scammer out there just needs to quote "Data Protection" and all is good then? The DPA is seriously flawed in that it can allow call centres to hide behind it when looking for personal information. It would be very easy to implement a method by which they use a something they know and something you know approach - i.e. you give me last line of the address and I can complete it. Not really rocket science it is?

RangeR

paddydriver wrote: »

So its acceptable for a totally random person to call the OP and start asking him for personal information and you think the OP is silly to want to verify who they actually are?

Every scammer out there just needs to quote "Data Protection" and all is good then? The DPA is seriously flawed in that it can allow call centres to hide behind it when looking for personal information. It would be very easy to implement a method by which they use a something they know and something you know approach - i.e. you give me last line of the address and I can complete it. Not really rocket science it is?

The only safe thing to do is to ask the caller their name and department, and tell them that you will ring them back at their registered business number.

Cabaal

paddydriver wrote: »

So its acceptable for a totally random person to call the OP and start asking him for personal information and you think the OP is silly to want to verify who they actually are?

I never said that,
I said it wasn't acceptable for the op to ask the company to break the data protection act in the manner in which they requested.

As I've said before, if the OP has concerns they can simply call the bank themselves.

you give me last line of the address and I can complete it. Not really rocket science it is?

You're still not getting it,

For a company to give out details to a unverified party in this manner would mean they are breaking the data protection act...even if they only gave out partial details of an address.

You are certainly welcome to check this with the data protection commissioner,

Menas

Sometimes when I get these calls I am ok to give out the info as I am comfortable that the call is genuine.

Eg, If Aviva call me they will say at the outset that they are aviva calling about my pension. I have a policy with Aviva and am changing stuff at the moment so I am ok to confirm my details with them as I feel the chances that the call is a scammer 'fishing' is slim.

But if they bank call me out of the blue (normally due to some funny activity on my account) then I will insist on calling them back thru customer services. Banks can log the query in their CRM system and so when you call back the agent you get thru to can either deal wiht you or transfer you to someone who can. In one case the agent could do neither, but he could confirm that the original call I had received was genuine. Knowing that I was happy to wait for a callback.

It is a

paddydriver

Cabaal wrote: »

For a company to give out details to a unverified party in this manner would mean they are breaking the data protection act...even if they only gave out partial details of an address.

You are certainly welcome to check this with the data protection commissioner,

The whole problem is there above... why does the innocent consumer suddenly become the unverified party just because a random person calls them up looking for personal information?

If its banks were talking about here then the chance of getting back through to someone of any value, in order to validate the caller, is nil. Even worse is that many of these calls come from Private Numbers.

Cabaal

paddydriver wrote: »

The whole problem is there above... why does the innocent consumer suddenly become the unverified party just because a random person calls them up looking for personal information?

Because they are the unverified party like it or not unless details are verified,
Just because a company phones the number on their records does not mean in 100% of cases the person who answers the phone is also the account holder.

Would you prefer that the person calling just gives out account details without verifying anything? :eek:

If its banks were talking about here then the chance of getting back through to someone of any value, in order to validate the caller, is nil. Even worse is that many of these calls come from Private Numbers.

Most of these calls tend to be surveys, can we help you with anything type calls, product sales or if debts are outstanding.

If the customer doesn't want survey or sales calls they can opt out, if its a debt owing or the customer wants to sign up to a service then a bank will be more the willing to talk about it (especially any debts)

GerardKeating

RangeR wrote: »

BOI is notorious for doing this. They withhold their outbound number and expect customers to just give up personal details. It's not the hardest thing to set your outbound caller id to 0818365365. I know that can be spoofed but, more often than not. ...

Actually if they are calling customers at the customers work number, having caller id might be am issues since effectively informs the employer whom they have loans/debts with.

keithclancy

If someone calls you looking for personal information then just inform them that you'll call them back.

Google the main number and ask to speak to them.

RangeR

keithclancy wrote: »

If someone calls you looking for personal information then just inform them that you'll call them back.

Google the main number and ask to speak to them.

Don't "Google it". Get it from their official home page.

keithclancy

RangeR wrote: »

Don't "Google it". Get it from their official home page.

Thats what I meant ... its normally how I find a company homepage :pac:

Pablo Sanchez

They would normally only ask some straightforward questions like DOB, address or a recent transaction. They shouldnt be asking for anything that might allow an unscrupulous individual to access your account. If they ask for your account number or pin then hang up!

RangeR

Pablo Sanchez wrote: »

They would normally only ask some straightforward questions like DOB, address or a recent transaction. They shouldnt be asking for anything that might allow an unscrupulous individual to access your account. If they ask for your account number or pin then hang up!

Unknown Caller : Hi. You don't know me. Where do you live? Go on, you can trust me. Oh, when was your Data of Birth too? I'll just pop around and dig around your rubbish bins to find all the other information I need.

keithclancy

Pablo Sanchez wrote: »

They would normally only ask some straightforward questions like DOB, address or a recent transaction. They shouldnt be asking for anything that might allow an unscrupulous individual to access your account. If they ask for your account number or pin then hang up!

If I was a scammer I would have gotten this information from your rubbish already

RangeR

Ha

Del2005

RangeR wrote: »

BOI is notorious for doing this. They withhold their outbound number and expect customers to just give up personal details. It's not the hardest thing to set your outbound caller id to 0818365365. I know that can be spoofed but, more often than not. ...

They use hidden numbers as most of the people they are calling won't answer a number from the bank.

It is dodgy and as has been said the only way to be safe is to get the callers name and call back through the companies main number.

hdowney

They also get quite stroppy at times when you won't give the information. I got a call like this once, I think it was from my credit card people I can't remember. She wanted me to give my name address and date of birth out to her over the phone. I said no. She asked why. I said that A, I have no proof you are who you say you are - to which she replied of course I am! And B, I am in public (was at the zoo) with several strangers standing around me. She said why should that matter, why would they listen to your phone conversation. I swear she was lucky she was at the other end of a phoneline...