That can still be gamed by any malicious SEO wizard. People will trust the top Google hit for "bank of america phone number" before they bother with finding it on the website.
Suspicious activity. Suddenly using your card in the UK, when you're in the US. "Swipes" several hundred miles from your normal location, but also occurring in your normal location on the same day.
Ah, I never use my real card on the net, maybe that's why. I used to get a virtual card unique for every purchase but that has been discontinued now. Got a separate card for online usage that I only put money on when I want to buy something. Also needs to be opened up for Internet usage and many places require an electronic signature with the bank id app. Hoping this will be mandatory soon.
But numbers can change (lapses of mergers), is website would be best as card info can become stale over time —and enterprising outfits could scoop up that number.
They could, but I just tried calling the numbers on the back of two cards from merged/acquired banks and they both forwarded to the acquiring bank. Yes it's a small sample size, but I suspect that there's enough money on the line and enough legacy contracts and systems that banks keep their communication channels active for some time.
> But numbers can change (lapses of mergers), is website would be best as card info can become stale over time —and enterprising outfits could scoop up that number.
How long are bank cards valid? I'd say they expire within 5 years? Also, if there is a merger, wouldn't they send you a new card with updated branding?
Credit cards typically expire after some number of years, and mergers will typically include those phone numbers. If for some reason the acquiring company decides it wants to sunset its acquired phone numbers, it just needs to do so after the expiration date for the last card issued with that number still printed.
I wouldn't call it worse. Google maps entries seem to receive less scrutiny than search results, but I also suspect that nobody use as a phonebook. Most people would use google search, or the back of their card.
How is a random fraudster going to suddenly get the top Google result for "Bank of America phone number"?
I'm sure it's possible, but it strikes me as a pretty large hurdle. And even if they manage to pull it off, they also need no one from the bank to notice and report it.
One gets a call from the bank, they give you a number to ring, you type the number in to Google search, the results come back listing that number and the bank's name -- identity confirmed!?!
The fraudsters just need _a_ website listed by Google.
My insurer called me out of the blue: I said I'd call back. Their number was not listed on any of the companies websites. I called the company, and said what has happened, took them about 10 minutes to confirm they'd called me and that the phone number I was called on was valid.
As it happened someone was trying to commit insurance fraud, saying we'd crashed in to them; but that's by-the-by (ie not relevant to the main story).
You don't need your site to be #1, especially if you can manipulate one that is already high-ranking-- just astroturf GetHuman with fraudulent numbers.
But I admit-- having just done a search for every institution I could think of, it seems Google AMP has done a lot to promote legitimate numbers. It used to be sites like GetHuman competing with or outranking the actual company website for contact information.
Should be solvable by making sure there's an easy, reliable, uniform way to get this info within the call.
> "Hello. Please find the callback number on boa.com/contact. Please enter code XYZ to be connected directly to the agent regarding this matter. Thank you & goodbye."
It's not perfect & you'll still have some percentage of fraud that goes through, but I'd be interested to see the impact this has on fraud rates.
* EDIT: Callback number via the card as the other commentor noted probably works too.
