[blurr]

Yes, I asked the caller to give me a bank number to call back, to which she replied that they don't have a dedicated line for that purpose (???) and that I had to physically go to a bank to get it done. I'll be changing banks for sure :/

[pwg]

> Yes, I asked the caller to give me a bank number to call back

Don't do this either. If the caller was a scammer, they can give you a number that would call them back, and now they have you "hooked" because you think you've called your bank, when you really called the scammer back.

Call them back on a number printed on your statements or a number you retrieve, independent of this caller, from the bank's website.

[genocidicbunny]

At most, you can ask if there's an extension you can dial after you called their public number to skip the phone menu. But yeah, otherwise, the same principle should apply here as with any user-input fields -- do not trust them.

[blurr]

Understood, thanks!

[creamyhorror]

What country is this? It doesn't sound like a banking sector with mature security practices. Major banks in developed markets should have tightened their customer workflows by now.