Bank security

[Drsolly <drsollyp () drsolly com>]

I just got called by my bank. And then they wanted some information so 
they could be sure it was me. Why, when it was them that callked me? 
Well, it's just they way they do it.

Naturally, I refused to give out any info to someone who had just called 
me, and I told them that I'd call them back, on a number that I know is my 
bank (i.e., not the number she gave me, although when I checked it out, 
that was indeed the same number).

So I did that. And she still wanted to ask me info to identify me, which 
is a reasonable request, and I have no problem giving this info to my 
bank.

So then she asked me the last two digits of the bank sort code, and the 
last three digits of my accoiunt number.

What???

This information is on every check that I send out (and probably on lots 
of other things too). So, anyone I've ever sent a check to, can call the 
bank and pretend to be me, and be believed.

These people are just *playing* at security.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.