by nolok 21 days ago
In France, basically every bank says (shows it in their app and everything): "If we call you and ask for anything like a code, a confirmation, or to do an action, anything, end the call and call us back; don't do anything on a call you didn't initiate."

Same in their app, e.g. you try to do a SEPA wire to a new recipient and you get a warning: "Are you on the phone with someone? Did someone ask you to do that? Please call your bank by pressing this button. By the way, we will never call you to ask for an auth code or to do a wire."


A few UK banks detect that you're on a phone call and show a message like "we've never called you" or "we are not calling you right now" in their app. I think that's really smart.
The amount of behind the scenes work to get that set up seems impressive.
Here is a fun one: my mobile phone company has an account lock along with a PIN and an OTP-over-SMS system. In order for me to activate a new device (like a phone upgrade) with eSIM over the phone, I need to unlock my account with the account lock, give them the PIN over the phone, and read the SMS OTP to the mobile phone rep online. I get doing the account unlock and verbal PIN, but I don't get why they ask for the OTP, especially when they train us to never share the OTP over the phone. I even asked the rep about it, but he mentioned that you should never share the OTP if you did not initiate the service request. From a security posture point of view I think that stinks. I am not exactly sure how they expect SMS OTP to work in the case where my phone is not functional.
And then we have the national post office sending its notifications from the scammiest-looking domain they could find: noreply@notif-colissimo-laposte.info
In Turkey, if my bank calls me, they also send a push notification saying "We are calling you. The representative's name is $NAME. You can talk safely."
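The push notification described in the comment above works because the legitimacy signal arrives over a channel the caller does not control (the bank's own app) and is bound to a specific customer, representative and time window. The following is an added example sketching that design; it is not code from any bank or from the commenter. The HMAC key, the 300-second validity window, the customer ids and the representative names are all constructed placeholders.

```python
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Constructed placeholder (hypothetical): in a real deployment the key lives only on the
# bank's backend and in the app's protected storage, never in source.
SHARED_KEY = b"example-key-not-for-production"
NOTICE_TTL_SECONDS = 300  # assumption: a "we are calling you" notice is only valid for a few minutes


def _canonical(body: dict) -> bytes:
    # Deterministic serialisation so backend and app authenticate exactly the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue_call_notice(customer_id: str, rep_name: str, now: Optional[float] = None) -> dict:
    """Bank backend side: build an authenticated call notice to push to the customer's app."""
    now = time.time() if now is None else now
    body = {
        "customer_id": customer_id,
        "rep_name": rep_name,
        "issued_at": int(now),
        "expires_at": int(now) + NOTICE_TTL_SECONDS,
    }
    tag = hmac.new(SHARED_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_call_notice(notice: dict, expected_customer_id: str,
                       now: Optional[float] = None) -> Tuple[bool, str]:
    """App side: show the 'you can talk safely' banner only if the notice is authentic, for this user and fresh."""
    now = time.time() if now is None else now
    body = notice.get("body", {})
    expected_tag = hmac.new(SHARED_KEY, _canonical(body), hashlib.sha256).hexdigest()
    # Constant-time comparison; a notice whose body was altered in transit fails here.
    if not hmac.compare_digest(expected_tag, notice.get("tag", "")):
        return False, "notice was not issued by the bank (authentication failed)"
    if body.get("customer_id") != expected_customer_id:
        return False, "notice is addressed to a different customer"
    if now > body.get("expires_at", 0):
        return False, "notice has expired; an old notice cannot vouch for a new call"
    return True, f"We are calling you. The representative's name is {body['rep_name']}. You can talk safely."


if __name__ == "__main__":
    notice = issue_call_notice("cust-42", "Ayse")
    print(verify_call_notice(notice, "cust-42"))
    forged = {"body": dict(notice["body"], rep_name="Mallory"), "tag": notice["tag"]}
    print(verify_call_notice(forged, "cust-42"))
```

The three rejection paths are the point: a notice that is forged, addressed to someone else, or replayed after its window does not produce the "you can talk safely" banner, so the banner's absence during a call is itself the warning the other commenters describe.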
Unfortunately in the US, and maybe elsewhere, pharmacies and medical offices have trained the elderly that it's okay to verify their DOB when they call. Costco does that when they call and it drives me nuts.
US insurers expect you to click on SMS links and log in with your username, password, and 2FA, all so you can receive a fucking marketing message.
Why would anyone stick with an insurer that clearly doesn’t give a darn about them?

Just for a discount?

Well, I could go with a different insurer that blatantly and brazenly lies about their network coverage[1], or I could go with one that doesn't, but still doesn't have my doctors in it, or I could go with the other one that people claim consistently denies care and coverage.

Also, if 'Just for a discount' isn't a reason to use them, do you have $3,000 lying around to wire me? If you do, I'll happily switch to a much more expensive insurer that meets my other criteria, and might or might not send me marketing materials disguised as phishing SMS. (I'll let you know if they do.)

---

Insurers aren't banks or ISPs or gas stations. They don't provide a fungible service that is nearly identical from one to the other. You can't 'just switch'. They are both heavily obfuscated and heavily differentiated, because the healthcare 'market' is obfuscated and heavily balkanized.

And all of them are utter shit, but in different ways, and if you are lucky, you won't discover the ways in which yours is shit.

---

[1] How this isn't a statutory capital crime for anyone with the rank of director and higher, I have no idea. But the fact that the people orchestrating this are permitted in civil society does lead me to believe that maybe we don't live in a just world.

From what it sounds like, you are the one already paying either way.

It’s just one firm takes, instead of more dollars, some other value out of you?

I'm not sure why the latter is preferable. But if you're sticking with it after seriously thinking about it, then that is your choice.

Don’t have much of a choice. Gotta love our system.