>Does anyone else have any ideas for how to authenticate a BigCorp caller whose corporate policies do not allow them to provide any account information to the people they are calling?
Definitely. Hang up the phone and call the phone number on the card associated with your account or look up the appropriate telephone number and call them back.
If they're legit, they will be perfectly fine with that. If not, they'll likely squawk about it.
Either way, the correct process begins with you hanging up without providing any information to the caller.
My bank will also send SMS "fraud alerts" with a request to confirm or deny a transaction. That's the same situation, IMHO and the right action is to call the known to be valid phone number for their customer service.
Perhaps there are other, fancier ways to do something like this, but as a general rule, scammers can't change the customer service phone number printed on your card, or hack third party services just to give you a fake phone number online.
Definitely. Hang up the phone and call the phone number on the card associated with your account or look up the appropriate telephone number and call them back.
If they're legit, they will be perfectly fine with that. If not, they'll likely squawk about it.
Either way, the correct process begins with you hanging up without providing any information to the caller.
My bank will also send SMS "fraud alerts" with a request to confirm or deny a transaction. That's the same situation, IMHO and the right action is to call the known to be valid phone number for their customer service.
Perhaps there are other, fancier ways to do something like this, but as a general rule, scammers can't change the customer service phone number printed on your card, or hack third party services just to give you a fake phone number online.