Hacker News new | ask | show | jobs
by DamonHD 25 days ago
This is very much my experience.

I generally say at some point before terminating the call "you should not train your customers to give out account access credentials to strangers" and the caller usually has no clue what I mean. Does no one in the security teams have theory of mind?

This will be the way I bring up the issue with the regulator if I do. I can think of many ways round this issue that would be much safer and not especially arduous.
1 comments
vkou 24 days ago
The caller is a minimal wagie following a script, you can't get mad at them.

The chucklefuck that wrote the script that you can get mad at won't pick up your calls.

That's how responsibility works.

link
DamonHD 24 days ago
A few of the bank people that I spoke to during the last caper were pretty senior and those did understand the issue that I raised but found themselves constrained by their rules, though one or two got creative with me in a good way. (Pretty much none of those who called me were 'minimum wage' in my estimation.) But very more senior management should be setting good scripts and expectations for the less-well-paid staff doing the grunt work. That is what their higher pay should be buying, IMHO.
link