How Rogers is making their customers vulnerable to fraud

Rogers is actually pretty ridiculous. I was about to make a post about this, but:<p>Rogers also sends text message spam every month. You can't opt out. I have called on 4 separate occasions and spoken to a manager, asking to be opted out of the spam. The first few times, they apologized and told me I'd be taken off the list. After I wasn't, I asked to speak to a manager, who called me back.<p>He told me, "Sir, that isn't spam. Those are Rogers marketing messages." After I told him that I, the customer, considered it spam and would no longer like to receive them, he told me, "I will forward your request to our marketing department, and they will determine whether it is spam."<p>Best company.

I had to talk to rogers about getting some money back after finally cutting all of my services with them.<p>Because my old cellphone number was the account number, they started giving me information about the Department of National Defense employee who now owns my old cell phone number.<p>Hows that for a security failure on Rogers' part?

Totally agree that this isn't a great idea on Rogers part. But it strikes me that there is a relatively easy way to detect social engineering in this case. Just give the caller ridiculous answers in response to their first few queries and see if they balk. Only someone who knows the correct answers will challenge you.<p>It would be really nice if there was a better way to ensure the identity of parties on either end of a phone call. In my case, an inability to remember dates causes a headache every time I try to do telephone banking where it seems to be the only type of security questions they use.

Canadian cellphone companies are pretty much a oligopoly with 3 big players, Rogers, Telus, and Bell. All 3 of them are super expensive and locks people in on super long 3 year contracts. These companies are so shady they create multiple "discount brands" to make consumer feels like they have more choices. It's not till recently that Canadian government realized the need to create competition and auctioned off some AWS spectrum to a couple "startups", namely Wind and Mobilicity and couple other ones.

At work we had privacy training videos shown one was an employee who spoke about the mobile phone company he has service with, no names but he'll call it "Mogers".<p>When he signed up for service with "Mogers" they messed up his name on his bill, instead of e.g. "John Smith" they put "J ohnSmith".<p>Then a week or so later he starts getting junk mail addressed to a "Mr J ohnSmith".

The same thing happened to me, but in the US. I think it was one of my credit card companies calling me, and they started asking me to identify myself. I refused, and I asked them for a number I could call in to. They gave me a number, I googled it to ensure that it was legitimately them, and then called the number.

I had the same thing happen with my bell account, I got a voice mail saying a representative was coming to my house to install a cable box, which I hadn't ordered, the number that was left wasn't the traditional bell 310 number, so I called the bell number on my bill, only to find out that they had not left that actual message - I never called that number because I didn't want to get more spam. These types of calls from tel comm have become so prevalent, once for cable, once for mobile, once for my internet, that I've become numb actually listening to what they are actually saying anymore; I'm sure if my parents were left this message they would have easily given personal information no problem.

Full disclosure: I work for the aforementioned. Much of this stuff doesn't appear to make any sense from the outside, and sometimes puzzles those on the inside. I'm not company PR nor am I trying to be. Actually, to be honest as I'm disgusted by the company for how they are handling things. Morale is in a slump and pressure from above to cut costs and increase profit is insane.<p>But to get back on topic: The policy this blogger has encountered deals with how a dealer must authenticate a customer before making any financially-impacting decisions or contractual obligations. As far as the lawyers are concerned this is to protect the company. If we mail out a new iPhone 5 and charge an account $100, then when it turns out you are not who you said that's simply too bad for us. We just lost an expensive phone. Arguably, it appears to make no sense in some scenarios like the one mentioned (where one could reasonably assume they are speaking to the correct person) but the reality is the person calling you has no bloody clue who you are. The account likely came up on their screen and the system dialed your number. You could be the account holder or a kid holding the phone.<p>The poor sucker calling you is likely sitting in a mile-long row of phones tethered to the desk by cords forced to listen to people complain all day long. Really, that's no different than just about every call centre. You asked for a manager... now guess what? You (if you're lucky) just got transferred to another call centre. Go figure.<p>Sales and service isn't all about money but that's all these big blind companies are able to see. You can complain about it all day long and it doesn't change a thing. Call up and cancel your service, perhaps then one of the dolts overseeing operations will see the light.

Relevant: <a href="http://www.youtube.com/watch?v=F2EJJ8BCfCg&#38;hd=1" rel="nofollow">http://www.youtube.com/watch?v=F2EJJ8BCfCg&#38;hd=1</a>

Just redirect calls from Rogers and other toll-free numbers to your voice mail