cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
1,787 Views
Message 11 of 18

Re: 'You'll need to answer a few security questions ...'


@Firefox1701wrote:

Wow!    I feel like that should have concluded with the words:  'the defence rests'!

'... it would be a very lucky scammer to have picked the correct bank name to use and be able to quote the reason for the call as a follow up to trick you into believing that it was genuine.'    Sorry,  but no.    First of all,  we've had scammers call here claiming to be from four different major banks;   by the sheer law of numbers,  they will get it right sometimes.    Other people on this forum have told that exact story.    And the whole point is that they usually don't quote the reason for the call until you've answered their questions.    This,  not to mention the fact that it is by no means only banks that I'm talking about;   energy providers,  telephone / internet service providers,  the list goes on.    If you believe that the coincidence of timing is unlikely,  I would suggest that you're luckier than many of the other contributors to this forum  -  it being the case that scam calls are one of the most frequently-discussed topics on here.

Ah, I hope the defence had a good rest!

If you are referring to your mobile, then for a 'phone that spends most of its life hiding in a drawer, the number of hits you have had is amazing!

1,782 Views
Message 12 of 18

Re: 'You'll need to answer a few security questions ...'

I'm assuming that by  'hits'  you mean scam calls.    I should perhaps clarify that the scam calls to which I'm referring are all on the landline.    On the odd occasion that I do check the mobile,  there will usually be an assortment of missed calls from anonymous or unknown numbers,  but I don't really care about that,  because it lives in a drawer ...!

1,718 Views
Message 13 of 18

Re: 'You'll need to answer a few security questions ...'

What’s your bright idea to solve it?

1,717 Views
Message 14 of 18

Re: 'You'll need to answer a few security questions ...'

How do you solve it original poster. Send 

1,690 Views
Message 15 of 18

Re: 'You'll need to answer a few security questions ...'

BT sent me an 8 digit password, two characters of which I have to quote if either I call them or they call me. The problem is that if we follow the advice of having unique passwords, security questions etc, it's impossible to remember them.

An option would be for the customer to give BT for example, a word that they must quote when calling us to prove it's them. The problem is that it's yet even more words to remember.

Where BT is lacking is with the My BT app, there is no calling option as far as I can see from within the app, which would negate the need for security questions. It doesn't get around the problem of them calling us though. When they do call us they could quote what services you have, last payment amount, payment date etc, but the assumption is that we have to take it for granted that they are who they say they are.

Even the 8 character BT supplied password doesn't work because if a spoof caller calls me and asks me for characters 3 and 7 for example, they could just say yes that's correct and move on to discussing bank details etc.

The simple thing to do is ask yourself why they are calling you in the first place, unless you have an ongoing issue they shouldn't be contacting you.

1,686 Views
Message 16 of 18

Re: 'You'll need to answer a few security questions ...'

To be clear:  I didn't set myself up as having any  'bright ideas to solve it',  far less did I expect to be pressed into providing them.    As I understand it,  the thread was moved from a different forum to this one precisely because it is a subject for discussion.    However,  this,  I feel,  throws into still sharper relief a point which I've made elsewhere,  which is that we as consumers have been lulled into believing that it it our responsibility to come up with solutions to problems such as this,  whereas in fact it isn't.

Back in the day,  this was never an issue.    If you got a phone call from any major company with whom you were dealing,  telephone / utility provider or otherwise,  you answered the phone and cracked on with the conversation.    If  -  and I do say  'if'  -  there is any official record of the extent to which that practice led to detrimental results for the customer,  I would very much like to see it.    But even then  -  bearing in mind that this is a telephone provider's forum  -  does it not seem contradictory that the same company who are asking us for our personal information in order to  'verify who we are'  when they called us,  are telling us in the next breath never to give out personal information unless we are 100% certain that the caller is legitimate?

I would go further:  the reason we are advised to be cautious about giving out personal details,  is because of the vast assortment of scam calls that many of us receive on a several-times-daily basis.    There are an assortment of methods of addressing that problem,  all dealt with in greater depth elsewhere on this forum;   but once again,  the reality is that it really shouldn't be our problem to address.    We as consumers,  in general,  do not possess the technical nous to be able to truly combat this issue,  and why should we?

If,  despite the warnings,  despite the countless different varieties of scam call,  you are quite comfortable giving out your personal details to someone who may or may not be who they claim to be  -  telephone provider or otherwise  -  then by all means do just that.    I don't have any  'bright ideas'  to solve the problem,  except to say that if enough people persistently refuse to give out their details in response to  'security questions',  the various companies involved will eventually have to do what they should have done in the first place and come up with bright ideas of their own to solve the probem,  if indeed there is actually a problem to solve.    As regards a practical alternative,  the only currently workable one I know of is to obtain the caller's name and extension number and call them back on a known safe number  -  as long,  as I mentioned above,  as you don't mind waiting in a queue of indefinite length and even then very possibly not getting through to the right person.    Alternatively,  let them deal with the issue by e-mail,  if that's a viable alternative.    Other than that,  since I'm not on the payroll of BT or any of the other telephone providers,  I'm happy to entertain  'bright ideas'  from anyone else who may have any  -  ideally,  those who are on the payroll.

1,659 Views
Message 17 of 18

Re: 'You'll need to answer a few security questions ...'

"Even the 8 character BT supplied password doesn't work because if a spoof caller calls me and asks me for characters 3 and 7 for example, they could just say yes that's correct and move on to discussing bank details etc."

The logical next step should be that the caller then repeats, say, character 4 and 8 back to you. That way both parties, in theory, may be trusted.

1,635 Views
Message 18 of 18

Re: 'You'll need to answer a few security questions ...'


@mispeltyuothwrote:

"Even the 8 character BT supplied password doesn't work because if a spoof caller calls me and asks me for characters 3 and 7 for example, they could just say yes that's correct and move on to discussing bank details etc."

The logical next step should be that the caller then repeats, say, character 4 and 8 back to you. That way both parties, in theory, may be trusted.


I might be wrong here @mispeltyuoth but my understanding is that the caller is only shown 2 out of the 8 characters at random, for security reasons. So they cannot do as you suggest. If the person being called is suspicious they could at first give two incorrect characters to see if the caller can acknowledge the error but then it's starting to get silly.