The telephone disturbed the afternoon peace a few minutes ago. The line echoed in the manner of a Skype call; I had answered in French naturally, and the caller sounded hesitant.
‘Ms Raccoon’ said he – well, no actually, but you get the idea!
‘I am with HSBC security division and I need to ask you a few questions.’
He had an accent honed in foreign lands that coupled with the echoing line put me on my guard.
‘I need to ask you to confirm some security questions.’
You know the sort of thing, date of birth, mother’s maiden name, which paw your dog has a bunion on….
‘Why?’ said I.
‘There have been some changes to your account, and I need to confirm that you are Ms Raccoon’.
‘How exactly am I supposed to confirm who you are, never mind who I am? I have no intention of giving you my security details over the phone.’
‘If you could just answer these questions, I could explain, but first I need to take you through these questions.’
‘Fine’, I said, ‘e-mail me in the normal way and give me a number that I can confirm and I will call you.’
Sure enough, two minutes later an e-mail arrived. Correctly addressed to my true e-mail. Given that my details have recently been plastered all over the Internet, I still wasn’t satisfied. I studied the e-mail carefully. An unusual header.
Not even from hsbc.com directly. It asked me not to respond to the e-mail but to call ‘this’ number, quoting a three letter code.
Nice try I thought, but not a chance flower!
I immediately telephoned my branch to report this. Well, not exactly immediately – I telephoned the branch, waited the usual ten minutes as the voicemail went through all the options, entered my ten digit secure number, pressed the hash key the requisite number of times, went through the voicemail options yet again, entered yet another security number, and finally I had ‘telephoned my branch’ – God help you if you are dyslexic or elderly or in a rush to report something!
Finally they answered, ‘Good afternoon Ms Raccoon’ said the bright young thing, and ‘how may I help you?’ The wonders of modern technology!
‘Could you confirm to me that you have an employee Za**arizu**u**ipli? I carefully spelt the name out, unable to pronounce it with any confidence.
‘Certainly’ she said, ‘I’ll check our records.’
‘No, we have no one of that name listed’.
I explained to her the mysterious call I had just received.
‘Oh you did the right thing! And you say they wanted you to give out the answers to your security questions over the phone, you should never do that.’
‘Whoever it is has my e-mail address too.’ I read her over the e-mail that I was ‘not’ to respond to, just phone ‘this’ number.
You’re waiting for me to tell you that I caught a Nigerian scammer in the act, aren’t you? Except that I didn’t.
Two minutes later she had finished checking my account and announced that someone from validation had indeed phoned me at exactly 3.25 – it was there on my records – but hadn’t been able to get through. Could she put me through to them?
‘Yes, OK?’ said I, looking forward to giving them an absolute roasting. I was thwarted, whoever it was had left the office and she couldn’t get a reply…….
I am gobsmacked, speechless.
It seems that this was a genuine call from the security division of an internet bank who seriously expect to phone people out of the blue and ask them the answers to their security questions over the phone? Then send them an e-mail that they cannot respond to from a different e-mail address to the normal one? From an employee who isn’t listed in their internal directory? Who promptly leaves his office?
Utter madness. Insanity. Lunacy.
I shall be forwarding a copy of this article to my bank manager – I would phone her, but since she is in a different country to me and I have to pay for the bally time I spend going through the voicemail option and laboriously tapping in my security numbers, I can’t be bothered. She can forward it to the security division by way of explanation as to why they can’t get any co-operation from Ms Raccoon.