[AusNOG] Optus Hack

Scott Howard scott at doc.net.au
Wed Sep 28 10:47:54 AEST 2022


On Tue, Sep 27, 2022 at 5:32 PM Andrew Oakeley <andrew at oakeley.com.au>
wrote:

> I am sick of my bank and teleco calling me and saying “Before we go any
> further can you please tell me your date of birth so we can confirm we are
> talking to the right person”…. Well how about you confirm who you are
> before I disclose my DOB to someone who has randomly called me.
>

This is starting to happen in the US.  The combination of SHAKEN/STIR
caller id authentication, along with things like Android "Verified Calls" (
https://developers.google.com/business-communications/verified-calls) and
Apple's equivalent mean that it's far easier to confirm the caller really
is who they are saying they are.  When I get a call from my US bank (on my
US phone), it clearly states who it's from, and that the call is verified
to be from them.

Unfortunately it's otherwise a hard problem to solve.  Sure, there are
"simple" solutions (like asking to call back on the number on your card)
but these are an imposition on both sides.  The average consumer doesn't
understand the problem, so when companies do add additional steps like
that, it's seen as a negative by the customer.

  Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220927/e0713bb5/attachment.htm>


More information about the AusNOG mailing list