Have you ever been asked this security question?

Toggle sidebar Toggle sidebar
madoka

madoka

Diamond Member
Jun 22, 2004
4,344
712
121
I had to change my credit card due to fraudulent charges, so places where I had recurring charges are now calling me for my new number.

Earthlink calls me because I have an email account with them. It's an Indian customer service rep with a thick accent, so I have to ask him to repeat things. He verifies my name, email address, and new credit card number. Then he asks me if I'd like to prepay my account for an year and I said yes.

For security purposes, he asks me what my father's middle name is.

I told him:

1. You've already verified my info, so what security purpose is there in this situation? To prevent some benevolent stranger from prepaying my account?

2. Who on earth asks for your father's middle name? I asked him twice if he meant mother's maiden, and he confirmed each time he needed my father's middle.

Since I've never given my father's middle name to anyone, I don't know what it would prove. Have you ever been asked this question before?
 
Sonikku

Sonikku

Lifer
Jun 23, 2005
15,902
4,927
136
Clearly he was fishing for security question answers so he could take control of some of your accounts via password resets.
 
Humpy

Humpy

Diamond Member
Mar 3, 2011
4,464
596
126
Don't act like we don't know your father's middle name is James.
 
M

mrjminer

Platinum Member
Dec 2, 2005
2,739
16
76
madoka said:
I had to change my credit card due to fraudulent charges, so places where I had recurring charges are now calling me for my new number.
Click to expand...

Why would you give any information to them at all

Might as well go ahead and change your card number again now, fool
 
W

who?

Platinum Member
Sep 1, 2012
2,327
42
91
Since people are less likely to have used this on other sites it's probably more secure.
 
D

DaveSimmons

Elite Member
Aug 12, 2001
40,730
670
126
I would never give them the info over the phone. Odds of that really being Earthlink are not great.

After you change your CC again because of the new fraudulent charges:

Next time you get a call like that, say "thanks for reminding me, I'll go to the website and update my card." Then go to the website directly, not by clicking on some link in an email, and update your card.
 
madoka

madoka

Diamond Member
Jun 22, 2004
4,344
712
121
No, it was definitely Earthlink. He knew my name, email account, what my charges were for, how much it cost per month, how much I was overdue, etc.

It's just a weird question to ask, since no one asks for your father's middle name. I wonder if it's a cultural difference with India.
 
thesmokingman

thesmokingman

Platinum Member
May 6, 2010
2,302
231
106
No one uses father's middle name cuz the father's middle name carries no weight like the mother's!
 
KeithTalent

KeithTalent

Elite Member | Administrator | No Lifer
Administrator
Nov 30, 2005
50,231
118
116
He called you? Phishing. I always make sure I have initiated contact before providing any info. If someone calls me, I hang up and call the main number on my card or I go to the main website and log in securely that way.

KT
 
gorcorps

gorcorps

aka Brandon
Jul 18, 2004
30,741
456
126
madoka said:
No, it was definitely Earthlink. He knew my name, email account, what my charges were for, how much it cost per month, how much I was overdue, etc.

It's just a weird question to ask, since no one asks for your father's middle name. I wonder if it's a cultural difference with India.
Click to expand...

He's good, and you bought it

Good luck getting your identity back :\
 
W

WHAMPOM

Diamond Member
Feb 28, 2006
7,628
183
106
madoka said:
I had to change my credit card due to fraudulent charges, so places where I had recurring charges are now calling me for my new number.

Earthlink calls me because I have an email account with them. It's an Indian customer service rep with a thick accent, so I have to ask him to repeat things. He verifies my name, email address, and new credit card number. Then he asks me if I'd like to prepay my account for an year and I said yes.

For security purposes, he asks me what my father's middle name is.

I told him:

1. You've already verified my info, so what security purpose is there in this situation? To prevent some benevolent stranger from prepaying my account?

2. Who on earth asks for your father's middle name? I asked him twice if he meant mother's maiden, and he confirmed each time he needed my father's middle.

Since I've never given my father's middle name to anyone, I don't know what it would prove. Have you ever been asked this question before?
Click to expand...

Every one I do business with tells me they will never call and ask me for this kind of information. You just gave your new info to the people charging fraudulently on your last one.
 
glenn1

glenn1

Lifer
Sep 6, 2000
25,383
1,013
126
If trainers ever wanted an example for the topic of phishing and what to do and not to do, they could just quote OP's post. This is like one of the poorly written and acted scenarios that us corporate types get forced to take in annual training. You could just drop in some poorly drawn clip art and you'd have a ready made learning event.

panel1.png
 
R

randay

Lifer
May 30, 2006
11,018
216
106
it is now clear why you have had fraudulent charges. call your credit card company and change your card number again. then proceed to learn how to not give away your credit card information over the phone to random people who call you claiming to be someone/something that you cannot verify.
 
W

WHAMPOM

Diamond Member
Feb 28, 2006
7,628
183
106
madoka said:
No, it was definitely Earthlink. He knew my name, email account, what my charges were for, how much it cost per month, how much I was overdue, etc.

It's just a weird question to ask, since no one asks for your father's middle name. I wonder if it's a cultural difference with India.
Click to expand...

You used your father's middle name as a security question and forgot it? He knew your info by using your old card to get it. You are now in the shame me twice terrority.
 
Last edited:
Miramonti

Miramonti

Lifer
Aug 26, 2000
28,653
100
106
I always use Roboform to generate a unique random 'password' to use for all security answers (then of course save the fields as a new passcard.)
 
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
He told _you_ the credit card number on the phone? The entire number? Are you sure??

In a system configured to store credit card information securely, I wouldn't think CSRs would have access to CC numbers. That would be be a huge security hole. They would have no need to see them, as they'd only be used by the computer systems to make transactions. Nobody is going to key those numbers into a card terminal.

If the guy who called you actually did have your CC number, I would cancel it ASAP.
 
Dr. Zaus

Dr. Zaus

Lifer
Oct 16, 2008
11,764
347
126
Carson Dyle said:
He told _you_ the credit card number on the phone? The entire number? Are you sure??

In a system configured to store credit card information securely, I wouldn't think CSRs would have access to CC numbers. That would be be a huge security hole. They would have no need to see them, as they'd only be used by the computer systems to make transactions. Nobody is going to key those numbers into a card terminal.

If the guy who called you actually did have your CC number, I would cancel it ASAP.
Click to expand...

He just said he 'verified it' now who gave the information up first. The 'real' verification was this:

No, it was definitely Earthlink. He knew my name, email account, what my charges were for, how much it cost per month, how much I was overdue,
Click to expand...

And when you get far enough behind the company reports almost all of this to the credit agencies.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom