Originally posted by "Tann San"...
Not too long ago, my Halifax ATM card got deactivated because I misentered the PIN number three times in a row. So, the next day, I went into the main bank branch to get some cash from a teller.
I headed to the counter with my card in hand and some ID in my pocket. I explained the situation and asked to withdraw a few hundred pounds to carry me over until a new PIN number arrived. After taking my ATM card, she handed me a slip and asked me to sign. I did that, and she then counted out the money and gave it to me. No questions asked.
Let's count the WTF's:
- (Obvious) Me monging up my PIN three times
- The teller did not ask for ID, aside from the defunct card
- She did not compare the signature to anything, as I never signed the back of my ATM card
- I didn't actually use a signature, instead drawing a big circle with a cross through it
- She did not notice that the card wasn't signed, nor that my "signature" looked like the X-Men symbol
- I was given the cash with no security questions whatsoever
As my mind was boggling at these things, she said "I noticed that you didn't respond to our letter about changing your account to a higher rate. Would you like to speak to my co-worker about that?".
I remembered the letter from a few months ago, and figured I might as well convert the account then and there. So, I went to a tiny office with her co-worker, who then lackadaisically explained why my current account sucked and how the higher rate one was miles better. He said this all while blankly staring into space; I looked over my shoulder to see if he was just reading the pitch off a cue sheet stuck to the wall. The higher rate account was a better deal, so I agreed to switch. And this is where the WTFs start with him.
The banker tapped my account number from my ATM card in, and then printed out a sheet that summarized my details: name, DOB, address, phone numbers, etc. He slid it across the table and asked me to double check that the details were correct. At this point, I could have been any mugger off the street who just withdrew several hundred pounds and had the full details of whoever I mugged. I'm fairly sure I could have closed the account and withdrawn the funds in full, without any security challenges.
Ironically, two days later I get a letter from Halifax telling me that I should stop using their phone banking service and switch to their ultra secure online service.
At least the teller was bright and cheerful whilst giving me the cash.