What problems do banks have when communicating with clients over the phone and what do telephone scammers have to do with it?

At the economic forum in Davos, Mary Callahan Erdos, chief executive officer of asset and capital management at JP Morgan Chase, said that about 45 billion hacker attacks occur on financial institutions every day (the bank later clarified that this is the total number of calls to the system). She assured that all “attacks” ultimately turn out to be unsuccessful, but year by year the number doubled. According to analysts presented at the forum, by 2025, the damage from hackers to the global economy will grow to $10.5 trillion.

In the Russian Federation, as you know, hacker attacks on financial institutions have not stopped for a day over the past two years. In November 2023, Sberbank Deputy Chairman Stanislav Kuznetsov said that the credit institution fought off the most powerful DDoS attack, during which the intensity reached more than 1 million requests per second. Translating this into the dimension adopted by Ms. Erdos, we can say that Sberbank was subject to about 86 billion attacks per day, that is, almost twice as many as JP Morgan Chase.

But if in the United States attacks directly complicate the work of credit institutions, then domestic bankers have problems of a different nature. Before the New Year, a friend of mine encountered a “rarely brazen fraud.” They called from an unknown mobile number and, calling me by name and patronymic, demanded my passport information. The woman, well versed in information security rules, naturally hung up.

After the calls were repeated in different voices, my friend herself called the bank with the intention of causing a scandal due to a leak of personal data. However, as it turned out, the calls were not from scammers, but from real bank employees who needed to inform the client about the debt and the need to repay it before the New Year. Their persistence was most likely explained by the need to achieve a certain level of reduction in client debts in order to receive a New Year’s bonus.

Thus, it turns out that the banks themselves, with numerous information security information, advertising that the bank does not call the client and does not require him to disclose personal data, have instilled in citizens a level of vigilance that now prevents credit institutions themselves from communicating with clients on phone.

How then can we explain that in the third quarter of last year alone, as the Central Bank says, fraudsters, using social engineering, stole more than 1 billion rubles from citizens? Here I can refer to the characteristics of the Slavs presented in the “General History, processed by the Satyricon”: “On the one hand they were brave, but on the other hand they were not brave, as a result of which the outcome of the battle depended on which side they were approached from the enemy – with the brave or not with the brave.”