Cingular actually hired an ex-data broker to meet with the company and incorporated the insights he gave them into its training programs. Such training is especially critical for CSRs because they receive the pretexting calls and must learn to recognize and repel them. All of the wireless carriers conduct extensive initial training in security and provide regular, frequent follow-ups.
Carriers do not divulge the details of such training, or the specifics of any such business security measures, because they do not want to give fraudsters any inside information that they could use to try to scam the systems.
Giving customers tools to fight back
Consumers, too, need education when it comes protecting their information from pretexters and others who fraudulently seek their data. Through billing inserts and customer service contacts, wireless companies continually remind their customers that they do have a simple, yet powerful tool to fight identify theft.
“When customers call in and express concerns about the security of their information, our customer service representatives are trained to encourage our customers to change to a unique password that they can set on their account. This is an additional step they can take to help safeguard their information,” notes
Lynn Majors, principal privacy officer at TMobile. The carriers advise customers to take the normal precautions that they would take with any password: don’t pick anything too obvious (birth dates, pets’ names, etc.); don’t share it; and do change it on a regular basis.
Some company representatives believe consumer attitudes on the issue can shift,
depending on individual circumstances. For example, a customer may generally support measures to protect his personal information at all costs. However, put that same consumer in a situation where perhaps their wireless device was lost on vacation or there’s a question about service, the consumer wants answered immediately. If a customer does not have vital information on hand, such as his account number, to confirm his identity with a CSR, the customer may place
a higher value on fast and efficient customer service. Such situations highlight the importance of establishing a password.
New federal law targets pretexters
Federal authorities are providing some additional safeguards for consumers against
pretexters by passing a law, HR 4709, that expressly prohibits obtaining a customer’s information through fraudulent means, as well as selling, transferring, or purchasing such information. HR 4709 was approved in the final hours of the 109th Congress, and also increases penalties for pretexting. Although carriers could and did bring lawsuits under state common laws that prohibit fraud and the use of false pretenses to obtain information, they support the federal law that criminalizes pretexting while leaving carriers flexibility to adapt their
processes and stay one step ahead of the bad actors.
