Capital one

2e0arr

nic_c said:

2e0arr said:

eskbanker said:

2e0arr said:

D3xt3r5L4b said:

There isn’t one.
You need to phone or send a secure message. 

I think where possible avoid phoning and secure messaging this leaves us open to fraud if their OP is working from home. Whilst the company has a secure link to their OP  and they can monitor what their op is answering it is a fact that a dishonest OP could record the screens using their mobile phone camera and they will see our name and address dob email telephone etc for use at a future time. Those working on current accounts could have a field day.

I reread that quite a few times before working out that you're not using OP in the conventional forum sense of Original/Opening Post/Poster, i.e. the customer, but as some form of shorthand for the institution's employee!  As for the underlying sentiment, it would be a particularly stupid employee to attempt any such fraud where they'd so easily be caught - you surely don't think that the institutions are incapable of tracking which staff access which customer accounts?

OP for operator sorry for confusion.

It would be easy during the call for the OP whilst accessing my account and details during the call to copy them for id fraud. with name address dob bank details etc video'd. the op can use or sell on. I visited an energy supplier and in the call centre the ops were not allowed to use pen paper of have a phone on their desks. Op's working from home have no one to supervise them at all and in the course of their work they have to access  your account and copy your details. If it is safe and sound for OP's at home will they go back to call centres when the corona virus ends ? and if so why ?

The companys security is only as good as the trust they put in all of their employee.

They may employ stupid employees with credit card debts and selling data on for cash (folding stuff) or using the data themselves (if really stupid) it's not beyond the realms of possibility. Someone accused bank staff of telling lies a few days ago on here ?

Except employees do undergo vetting, to check for criminal records and CCJ's etc. I suppose some will get through, like those not been caught but for most why would they risk their jobs? Think about it, if a bunch of accounts had fraud and the common factor was they had all dealt with the same operative - that would be flagged. Companies will have done risk assessments for people working from home.

More tripe for you to consider monday of last week i telephoned a bank (Saga), the guy found my details using my post code.  I told him that I wanted to transfer money above the online range. he told me the amount in my bank was lower than the transfer limit?  It frightened the life out of me. I gave him the account number. he apologised profusely. he had accessed my account of another bank(Marcus). We went through security for the correct bank and completed the transaction. one major bank has these two banks for which i have an account. yesterday in dealing with another issue I had to call them bank again. 6 phone calls later each  one of the 2 banks got a complaint and an SAR request. the complaints also include the security risk of the OP's working from home the ops were working from home all being well they will answer that one. This morning I called my CC company and the op was working from home,and he agreed that I have to trust him and his bank has to trust him that he will not easily from his home copy abuse or sell my data. Search youtube for Anthony Sales data fraud and frank abegnale 's threats on id risk.   My apologies for the long tripe,  i know nothing.

born_again

2e0arr said:

More tripe for you to consider monday of last week i telephoned a bank (Saga), the guy found my details using my post code.  I told him that I wanted to transfer money above the online range. he told me the amount in my bank was lower than the transfer limit?  It frightened the life out of me. I gave him the account number. he apologised profusely. he had accessed my account of another bank(Marcus). We went through security for the correct bank and completed the transaction. one major bank has these two banks for which i have an account. yesterday in dealing with another issue I had to call them bank again. 6 phone calls later each  one of the 2 banks got a complaint and an SAR request. the complaints also include the security risk of the OP's working from home the ops were working from home all being well they will answer that one. This morning I called my CC company and the op was working from home,and he agreed that I have to trust him and his bank has to trust him that he will not easily copy abuse or sell my data. Search youtube for Anthony Sales data fraud and frank abegnale 's threats on id risk.   My apologies for the long tripe,  i know nothing.

Well unless the 2 banks are linked that is simply not possible. I've  worked at enough banks to know that they all have different systems.
You can not see any other bank account details. Nor would you be able to take a customer through any other banks security...

Example. HSBC, FD & M/S are linked by a base customer system. Yet all use their own security & other systems for customer details. So even the use of a base system for many things,  does not mean that a FD staff member could take either of the other 2 through security as they have their own systems & security setup's. They only have access to their own systems.

Sorry but if you are so paranoid that a sat at home employee could take your details, then I suggest that you stop calling and do everything online.
Avoid post as well, while banks will open their own mail. It is sent to be scanned on to systems and this is all outsourced to 3rd parties. 
I have my mobile phone on my desk at work, and use it as part of my job. Funny, but they actually trust us enough. Due to our systems blocking access to certain websites. Using my phone allows me to get contact details for them for customers. And yes even sat in the work environment I could still take a photo on my phone of the screen. 
But why bother. I can just do a screen grab, print it out and take it home if I wanted...

onlyfoolsandparking

2e0arr said:

D3xt3r5L4b said:

There isn’t one.
You need to phone or send a secure message. 

I think where possible avoid phoning and secure messaging this leaves us open to fraud if their OP is working from home. Whilst the company has a secure link to their OP  and they can monitor what their op is answering it is a fact that a dishonest OP could record the screens using their mobile phone camera and they will see our name and address dob email telephone etc for use at a future time. Those working on current accounts could have a field day.

It's an interesting concept I suppose?, not one that I'll lose sleep over though, It's why we have the FSCS.

eskbanker

2e0arr said:
ty for your response. I would try and avoid at all costs contacting the bank while they have staff working from home.

So in response to OP (using the normal convention for what this means rather than your peculiar variation) asking about how to contact Capital One, your advice is don't contact Capital One?

2e0arr said:
How often do you have people who claim as being victims of fraud and the banks call them out as being responsible. if someone has copied your data for fraud and they can wait for an appropriate time to use it then when you raise the complaint the company may have a lot of difficulty tracing the fraud and the polic will be too busy to consider looking at it. Their system for dealing with your data at home means a potential fraud some time down the line would point at you. Your data is vulnerable just now. esk do you consider this point is tripe  please ?

It wasn't me who referred to tripe but you're grossly overstating the risk here!  There are many ways in which financial frauds can be perpetrated, some on a massive scale, and personally I don't believe that the minuscule loophole you feel you've unearthed is in any way significant, given the balance between risk and reward (from the perspective of the fraudsters).  Of course there are posters who are insistent that they're not in any way responsible for unauthorised transactions but they would say that, wouldn't they, and the logical conclusion of your point is that everyone should keep their money in used notes under the mattress....

eskbanker

onlyfoolsandparking said:

2e0arr said:

D3xt3r5L4b said:

There isn’t one.
You need to phone or send a secure message. 

I think where possible avoid phoning and secure messaging this leaves us open to fraud if their OP is working from home. Whilst the company has a secure link to their OP  and they can monitor what their op is answering it is a fact that a dishonest OP could record the screens using their mobile phone camera and they will see our name and address dob email telephone etc for use at a future time. Those working on current accounts could have a field day.

It's an interesting concept I suppose?, not one that I'll lose sleep over though, It's why we have the FSCS.

No it isn't!  FSCS is primarily a deposit guarantee scheme offering protection against firms collapsing, and has nothing to do with redress for individual fraud cases.

onlyfoolsandparking

eskbanker said:

onlyfoolsandparking said:

2e0arr said:

D3xt3r5L4b said:

There isn’t one.
You need to phone or send a secure message. 

I think where possible avoid phoning and secure messaging this leaves us open to fraud if their OP is working from home. Whilst the company has a secure link to their OP  and they can monitor what their op is answering it is a fact that a dishonest OP could record the screens using their mobile phone camera and they will see our name and address dob email telephone etc for use at a future time. Those working on current accounts could have a field day.

It's an interesting concept I suppose?, not one that I'll lose sleep over though, It's why we have the FSCS.

No it isn't!  FSCS is primarily a deposit guarantee scheme offering protection against firms collapsing, and has nothing to do with redress for individual fraud cases.

I meant the FCA, thank you for correcting my stupidity, I really must try harder!!  

2e0arr

born_again said:

2e0arr said:

More tripe for you to consider monday of last week i telephoned a bank (Saga), the guy found my details using my post code.  I told him that I wanted to transfer money above the online range. he told me the amount in my bank was lower than the transfer limit?  It frightened the life out of me. I gave him the account number. he apologised profusely. he had accessed my account of another bank(Marcus). We went through security for the correct bank and completed the transaction. one major bank has these two banks for which i have an account. yesterday in dealing with another issue I had to call them bank again. 6 phone calls later each  one of the 2 banks got a complaint and an SAR request. the complaints also include the security risk of the OP's working from home the ops were working from home all being well they will answer that one. This morning I called my CC company and the op was working from home,and he agreed that I have to trust him and his bank has to trust him that he will not easily copy abuse or sell my data. Search youtube for Anthony Sales data fraud and frank abegnale 's threats on id risk.   My apologies for the long tripe,  i know nothing.

Well unless the 2 banks are linked that is simply not possible. I've  worked at enough banks to know that they all have different systems.
You can not see any other bank account details. Nor would you be able to take a customer through any other banks security...

Example. HSBC, FD & M/S are linked by a base customer system. Yet all use their own security & other systems for customer details. So even the use of a base system for many things,  does not mean that a FD staff member could take either of the other 2 through security as they have their own systems & security setup's. They only have access to their own systems.

Sorry but if you are so paranoid that a sat at home employee could take your details, then I suggest that you stop calling and do everything online.
Avoid post as well, while banks will open their own mail. It is sent to be scanned on to systems and this is all outsourced to 3rd parties. 
I have my mobile phone on my desk at work, and use it as part of my job. Funny, but they actually trust us enough. Due to our systems blocking access to certain websites. Using my phone allows me to get contact details for them for customers. And yes even sat in the work environment I could still take a photo on my phone of the screen. 
But why bother. I can just do a screen grab, print it out and take it home if I wanted...

You are so right the two banks should not be able to see the others accounts and I cannot expect you to believe me. Knowing this should not happen is why I  asked for an SAR  for a copy of the phone call. The complaint against saga was escalated and  the person on the escalator was also working from home said It can happen because they share a call centre and some staff can see both banks (I dont expect you to beleive this and will accept any comments of disbelief).  What cannot happen did happen hence my complaint. in fact on Monday morning i'm going to a call them and point them to this (MSE) thread.  I considered I have a JLFS CC which is HSBC. however i know if i called HSBC and the OP can see my JLFS CC it would flag up as concern with me, although i dont have an HSBC CC.

2e0arr

eskbanker said:

2e0arr said:
ty for your response. I would try and avoid at all costs contacting the bank while they have staff working from home.

So in response to OP (using the normal convention for what this means rather than your peculiar variation) asking about how to contact Capital One, your advice is don't contact Capital One?

2e0arr said:
How often do you have people who claim as being victims of fraud and the banks call them out as being responsible. if someone has copied your data for fraud and they can wait for an appropriate time to use it then when you raise the complaint the company may have a lot of difficulty tracing the fraud and the polic will be too busy to consider looking at it. Their system for dealing with your data at home means a potential fraud some time down the line would point at you. Your data is vulnerable just now. esk do you consider this point is tripe  please ?

It wasn't me who referred to tripe but you're grossly overstating the risk here!  There are many ways in which financial frauds can be perpetrated, some on a massive scale, and personally I don't believe that the minuscule loophole you feel you've unearthed is in any way significant, given the balance between risk and reward (from the perspective of the fraudsters).  Of course there are posters who are insistent that they're not in any way responsible for unauthorised transactions but they would say that, wouldn't they, and the logical conclusion of your point is that everyone should keep their money in used notes under the mattress....

I never said you did say it was tripe. it's the minsicule loopholes that start data breaches. It is ludicrous that I would suggest keeping used notes under a mattress the steam from the chamber pot will make them curl and disintegrate

Chino

D3xt3r5L4b said:

Anyone working from home will still have to adhere to the same guidelines, rules, regulations, accreditation’s etc. as if they were working from within an office environment. 

Except that an employer has no way of enforcing those "same guidelines, rules, regulations, accreditation’s etc." when the employee is not working at the employer's premises. For example, how would an employer prevent members of an employee's household from viewing a customer's data displayed on the employee's screen?

2e0arr

Chino said:

D3xt3r5L4b said:

Anyone working from home will still have to adhere to the same guidelines, rules, regulations, accreditation’s etc. as if they were working from within an office environment. 

Except that an employer has no way of enforcing those "same guidelines, rules, regulations, accreditation’s etc." when the employee is not working at the employer's premises. For example, how would an employer prevent members of an employee's household from viewing a customer's data displayed on the employee's screen?

D3x  more tripe for you,,,,,,  and the "OPERATOR" has a video camera running and gathers days and days of data while working officially with the customers data. The company would have great difficulty to know if the data has been copied and if and when a fraud occurs without a guilty plea almost impossible to convict.

OP (banks operator apologies  for RTTY ( on a creed 444) and packet radio terms )