Summary:
Cory Doctorow recounts being scammed by a phone-phisher who posed as a bank representative, tricking them into divulging their credit card number. Despite the author’s knowledge of scams and fraud, they fell victim to the scheme due to being on vacation, using unfamiliar ATMs, and feeling rushed and distracted. The fraudster exploited vulnerabilities in the bank’s after-hours fraud center and the author’s state of mind to obtain sensitive information. The author reflects on how AI-driven automated systems in banking may exacerbate such vulnerabilities, conditioning customers to interact with semi-automated systems that mimic phishing attempts. They emphasize the importance of raising awareness about scams and the need for companies to avoid creating new vulnerabilities in their systems.
My bank called me recently, and I was sure it was legit, but then she wanted my date of birth to confirm she was talking to me and I said “I don’t give out personal information over the phone”. She don’t know how to handle that. I should have said “Can I have your date of birth to confirm who I’m talking to?” Next time…