Had a very scary phone conversation today. And made a fool of myself too. It started with a letter on the mat when I got home. “Please ring the Barclaycard fraud hotline” it said in letters that weren’t particularly large and didn’t sound that friendly either. It was signed by someone whose name I forget. But when I rang the number, that person answered. The man himself.
This totally threw me. Barclaycard is a big company. I really didn’t expect to get straight through to the person who wrote the letter. And only yesterday I’d had a phone call from someone at “Windows Support” anxious to tell me about a virus that he knew was on my computer (although he didn’t know my name – asking only to speak to “The person who lives at your address”). Anyway, the chap from Barclaycard started asking me security questions and I started thinking about a scam model where you send someone a letter with a phone number on, get them to ring the number and then ask them for some security questions. And so I asked “How do I know you’re from Barclaycard?”. This threw him. After a while (during which he must have thought some interesting things about me) we decided that I should ring the number printed on the card and talk to them instead. I thanked him and rang off.
I called back on what I now thought would be a proper number and it was all above board. A company I had bought something from a while back had suffered a security breach and my card was therefore “under suspicion”. I get a new card soon, with a different number.
It struck me afterwards that what I did was almost sensible. If the bank is going to spend effort making sure I’m who I say I am, then I should probably put some effort into making sure it really is the bank I’m talking. Although next time I’ll just check the website first.