I wholehearted agree with your mantra. But I need banks and other businesses to learn this. Particularly banks.
My bank has literally called me with what amounts to "ur being haxxor3d", and like … who are you? The representative literally would not tell me who he worked for. I was 210% sure it was a scam, and hung up on him. Turned out, it was legit.¹
Companies need to make sure their own operations don't bear the trappings of fraud.
¹(I don't regret hanging up, though. Calling back to a known, published-by-the-business-itself number is the right thing to do.)
Yeah I got a similar call once from someone, maybe a credit card company, and the first question was "to verify your identity we need the last four digits of your social security number" and I was like wait a minute, you called me. What are the last four digits of YOUR social security number?
