I regularly make outgoing phone calls where I need to request payment details. Out of all of those calls, only one person expressed concern about providing said information so I provided them with three options: pay in person, pay online, or look up our phone number and call me back. Apparently that was enough verification for them, so they provided the information right after I finished the sentence.
Is it any surprise that institutions would not know how to handle their customers seeking verification when it is rare and at least some of the people who claim to want verification have a very low standard for evidence?
I suspect part of the problem is the minimal effort put into most scams, which is where this story is sobering. The people involved in this scam were clearly willing to lay down the framework to take a smaller scale crime and escalate it into something more profitable. While many of us may seek solace in our own practices being able to filter out the type of scam described in this story, the real question is when (rather than whether) these people will find an approach that exploits our own vulnerabilities.
Is it any surprise that institutions would not know how to handle their customers seeking verification when it is rare and at least some of the people who claim to want verification have a very low standard for evidence?
I suspect part of the problem is the minimal effort put into most scams, which is where this story is sobering. The people involved in this scam were clearly willing to lay down the framework to take a smaller scale crime and escalate it into something more profitable. While many of us may seek solace in our own practices being able to filter out the type of scam described in this story, the real question is when (rather than whether) these people will find an approach that exploits our own vulnerabilities.