Like a man… went to the bank
Back in 2007, I decided to buy housing. Yes, not simple, but mortgage.
Over time, I realized that “the most reliable investment is a mortgage” © (mine)
I turned to the well-known blue bank (bank1) with 3 letters for a small amount and quickly repaid the loan. Even then, a credit history was formed and a life hack was applied, as they like to say now. A small loan amount is taken out, for example, to purchase household appliances, and the loan is successfully closed. A green checkmark appears in your credit history; the bank kindly considers issuing a higher amount.
Loan after loan, the history is updated with green checkmarks, the operator’s smile gets wider with each visit. This went on for ten years. The life situation has been different for the last 7 years; there was no need to contact the bank. Salary funds were in other banks. The Blue Bank did not bother with its advertising, and did not in any way remind itself of an open account. I wouldn’t have remembered about the long-blocked cards and the fact that I need to provide a new phone number, since I’ve already lost the old one.
But….Penapple
Part 1. Credit
A few days ago, during work hours I received about 6 missed calls from numbers marked as scam. I'll publish them here:
+79031779204
+79031273184
+79031104575
+79031075611
+79653139598
Well, who doesn’t it happen to? There are many stories, we know, we swam. But no.
I still managed to answer the last call and listen. They introduced themselves as employees of the bank1, explained that a few minutes ago on the partner’s website an application for a loan of 1.5 million (rounded up to 100 rubles) was submitted to me and asked me to name the code that had arrived via SMS.
Hung up and marked it as spam.
Smart, huh?
Immediately there is a call from number 1000!!! They tell exactly the same story and ask for exactly the same code from a new SMS.
I call back to number 1000 and try to get through to the operator. Music, robot voice every 30 seconds:
“Waiting time 6 minutes”
“Waiting time 2 minutes”
“Waiting time 4 minutes”
“Wait time less than 1 minute”
“Waiting time 6 minutes”
“Waiting time 4 minutes”
In total I waited 15 minutes:
– Good afternoon! My name is Victoria. How may I address you?
– Good afternoon, Victoria. My name is Sergey…..
Part 2. Denial, anger, bargaining, depression, acceptance
During the conversation with the operator, I asked to block all online transactions on my account and not issue loans without my personal presence at the bank branch.
All I achieved was that I was removed from the mailing list of notifications regarding transactions, including the issuance of loans.
Well done!!! Keep it up!!!
During the evening I remembered that I had changed my phone number for the last 6 years and that I should inform the bank about this.
Part 3. Merger
Everyone knows how the Central Bank of the Russian Federation famously revokes the licenses of those who are guilty. Here is the blue bank (bank2), where mine is located salary account at my previous job, I recently lost my license.
It was announced to the whole country that the bank had come under the control of the blue bank (bank 1) and that a takeover (merger) would take place in the future. Well, it will happen and it will happen. For consumers, including me personally, ultimately nothing will change. That's what they said, that's what they believed.
Last year I changed jobs. The salary project account in the blue bank was transferred to personal use. There is little activity left.
The next day I gathered my documents and went. to Poltava to the nearest bank branch.
He didn't wait long and didn't say much. I expressed a desire to prohibit any transactions on the account without my personal presence and correct the phone number. The operator scanned the passport, entered new data into the database, printed out the documents and handed them to me to sign.
The first and important document is the “Single Consent Form”.
Section 1, paragraph 1 refers to the “Rules for the processing of personal data (hereinafter referred to as the Rules)”. Together with the operator and the bot on the bank website1, after 10 minutes of searching, we still couldn’t find these rules.
I'm sure they are there, but try to find them among the huge number of offers. And the rules on the site can always be changed. How will this be tied to consent given at a particular time?
The operator printed out the rules from her database, certified them with a signature and seal.
Ask politely – they will give it.
in the “Unified Consent Form” all the boxes were “courteously” ticked for me, conditionally for everyone.
I started crossing out and writing my prohibitions by hand. The operator, seeing this document, printed it out with the checkboxes I needed and told me with an apology that their database would not accept my first option.
Of course, I thank you for such courtesy, but to deprive me of the right to choose by slipping me a document with pre-checked boxes, I consider this a pure violation 152-FZ.
This especially applies to the transfer of personal data to third parties for advertising purposes.
There are 2 documents on hand.
A less interesting document is “Additional information about the client.”
There is nothing special here, the data was collected during the loan application.
The most important document that I would like to pay attention to and answer the question, what does the merger have to do with it:
The mailbox has changed from gmail.com on mail.ru. But my bank1 has always indicated exclusively gmail.com. Strange, but not critical.
Wow, how many phones had access to the personal account. Wait! What are landline numbers doing here?! How so?
Here we need to clarify.
The first and last numbers are identical. Duplicate numbers are a strange situation. In the center there are 2 cell phones – one is current, the second I haven’t used for a long time.
But the city numbers are somehow suspiciously familiar.
So these are city numbers belonging to the legal entity where the bank’s salary project was opened2.
This is how bank2 numbers gained access to control an account opened several decades ago at bank1.
So much for the merger. Phone numbers were simply added and the mailbox was rewritten.
Without my knowledge or consent, the bank simply made changes to the data for managing my account during the takeover.
I went into the bank's personal account2, I only see my cell phone, I don't see the city numbers of my old employer. Now you have to go to bank2 and close access to landline numbers.
I made several conclusions for myself.
1. The salary project allows employers to manage the accounts of company employees. Maybe they can even take out a loan.
2. When you quit and transfer your account from a salary project to a personal one, the access data does not change, the legal entity continues to have access.
3. Merger is understood differently for everyone – some consider finances, while programmers at the bank1 simply add records. And if the field type does not allow it, simply replace the value.
4. Information on approved loans reaches fraudsters faster than officials.