[WhyNotHugo]

I got a call once where the guy said he was from a bank. He said he wanted to verify who I was, so was going to ask me some personal details. I replied "you're the one calling me, how do I know you're really from the bank?".

He sounded amused by my reply, commented that my stance was quite uncommon, but I had made a fair point. He said I'd get a message via the bank's webapp, with a phone number where I could call him back.

It turned out that it was a legitimate call from the bank. But they clearly aren't training their customers to follow secure practices. The personal information that he was asking for is _exactly_ what a scammer would need to ask me too.

[RileyJames]

Exactly. They have the capability to push notification to the app to request you call them. They should do that BEFORE. And if they do outbound, immediately state were pushing a notification and you should call us back as we have something important to discuss.

[nicolas_t]

I’ve had a similar experience except that the person was clearly irritated at my response. He cut the call and I was only able to confirm that the call was legitimate because I asked my relationship manager at the bank.