Dell Gets Nosey When Attempting To Verify Order

Zach ordered a netbook online from Dell, then got a call from a customer service rep who wanted to verify his identity for the order. He was stumped as to why the company needed to give his birthday and last four digits of his SSN.

He writes:

I feel good about Dell verifying orders, even as small as $500. Plus, it’s good business. I was definitely not prepared, however, to be asked by the Indian call-center rep my birth date and the last four digits of my SSN!

I would guess a verification phone call requires confirmation of addresses, phone numbers, email, and maybe credit card numbers and codes. She asked for the pertinent information, but she didn’t ask me to confirm my credit card number.

When she asked for my date of birth, I immediately asked why. She said it was for verification purposes, and of course knowing that I had never given Dell my birth date, I asked her how she planned to verify that information? She said she had that information right there in front of her, and I asked her what it said. Of course she wasn’t going to divulge that to me because she was performing a verification!

After a couple more rounds, she finally relented and said I was able to verify my order with the last four digits of my SSN. What?!? Now, I can imagine how Dell might have obtained my birth date. It’s possible I put it in when I created my website account (though I usually use the same false birth date on insignificant sites for obvious reasons). But I know darn well that I never gave Dell my SSN for any reason whatsoever. Ever!

I told her I refuse that information and we went rounds again, finally culminating in my telling her that I’ve had higher-priced items sent to my office using the same credit card several times before, and nobody ever bothered to question or verify the order, and that I would never agree to divulge that information to Dell for any reason. Once she looked at my previous orders, and after I told her that she could cancel the order if she insisted on my most-personal information, and after nearly 45 minutes of holding and haggling, she verified the order and sent it to production.

What on earth is Dell doing with this information? Why in the world are they asking for birth dates and SSNs? Isn’t it technically illegal for Dell to be asking for an SSN, especially considering that Dell is not checking credit reports (I hope), or offering credit (except through Dell Financial Services, which I’ve never used)?

It never hurts to give everyone here a reminder that just because a business asks for this information, it doesn’t mean
that they are entitled to it or that you should tell them.

Whatever Dell wants with Zach’s birthday, I’m betting it’s not to send him a present. If you’ve got an anecdote about any other corporations asking for TMI, leave it in the comments.

(Photo: yoshiffles)

Comments

Edit Your Comment

  1. Osi says:

    Some things are illegal to ask, especially by out-of-country call centers …

  2. GMFish says:

    Good for you for not divulging the information. I would have immediately hung up and called Dell to confirm that Dell authorized the call and then to cancel the order.

    • LMacConn says:

      @GMFish: Ditto.

      This sounds phishy to me. I would call Dell anyway, now, and confirm that “verification” really was from them and should have been asking those questions.

    • PLATTWORX says:

      @GMFish:

      Sadly, if you did call Dell you’d get ANOTHER Indian call center. That is the reason we stopped using Dell. We could not get someone in the US to speak with and many of the reps didn’t seem to understand our requests.

      • bwcbwc says:

        @PLATTWORX: Exactly what does it being an “Indian” call center have to do with it? I’ve dealt with US CSRs with heavy regional accents that were just as much of a pain to deal with as the offshore centers. Seems to me your concerns about jobs being offshored are starting to transform into racism.

  3. deeness says:

    I once ordered some clothes from Old Navy online. It wasn’t the first time but it was the last. They out-the-blue called my credit union to verify account information! Of course, my CU would not tell them anything. So I got a voice mail message from ON asking me to participate in a three way call with my CU or they would cancel my order. What were they trying to verify? The shipping address was the same as my billing…the “ship to” name was the same one as on the card I used. No thanks guys!

    • PLATTWORX says:

      @deeness:

      I have purchased thousands of dollars of merchandise from Banana Republic online (same company as Old Navy) and never had them call to verify a single thing. Very odd.

    • bennilynn says:

      @deeness: It’s an attempt to forestall fraud. Would you rather a scammer use your ill-gotten credit card number to buy thousands of dollars worth of merchandise and not have the company call your bank to verify the information they were given about your account is correct?

      Reputable companies will do this. They will call your bank or credit card issuer and say, “Hey, is 123 Smith St Anytown USA 12345 the billing address associated with this card? Is this name correct?” Your credit union probably refused to disclose this information without you on the line, but banks are NOT required to do this. Banks can and will confirm information with retailers without you knowing. In fact, as I know from working in this industry, there are entire departments in financial institutions devoted to doing just that.

      The only difference is, this time, you knew about it.

      It really is for your protection. Don’t be paranoid.

      • SatanicGuinea says:

        @bennilynn: The verification system that merchants use actually is able to check your shipping address against the billing address on file for your CC so I don’t believe you at all.

        They have absolutely no reason to be calling your bank up and I’d be pissed if my bank voluntarily gave up that information to someone claiming to be from Old Navy or whoever.

        My protection? Actually, I am only liable for the first $50 of fraudulent transactions. This is for the protection of the merchant, nothing more, because they are the ones who get a chargeback if the CC is stolen.

        • bennilynn says:

          @SatanicGuinea: Believe it or not. I’ve worked with banks for years. They do this, especially online retailers.

          They’re not asking for any secret information that you didn’t already provide. The retailer is verifying information you gave them. That includes billing address (which you always have to disclose), your name, phone number, etc, to make sure it is actually your card. The bank can’t provide the correct info. They can only provide a yes or no as to if the information is accurate.

          Banks and credit unions are not required to notify you if a retailer calls them up to ask about information you provided. It happens frequently.

          • bwcbwc says:

            @bennilynn: Which is all fine, but in this day and age of phishing and social engineering, sending an unsolicited phone call is not the way to get the information. They need to call you and tell you that verification is required, and if you elect not to provide personal information to an unsolicited call, to please call the toll-free number that is included in your online invoice in order to provide verification. If they want they can also provide a verification code for you to use during your callback to route the call to an appropriate person.

  4. twophrasebark says:

    A lot of companies are using these third-party vendors to verify your identity.

    But guess what? The process is incredibly prone to error and the data is full of mistakes. People are frequently linked with other individuals with similar names or addresses.

    • Laura Northrup says:

      @twophrasebark: I used to use these same databases to do background checks when I worked as a news librarian. Part of learning how to use the material is cross-checking and trying to figure out which data is good and which isn’t.

      When banks and these third-party vendors can’t do that, loans get denied and other badness happens.

    • Hobz says:

      @twophrasebark: I actually had a credit service tell me that my mothers maiden name was wrong (insisted that I didn’t know my own mothers maiden name) and denied me based on that?!?!?!

      • Difdi says:

        @Hobz: I’ve had that mother’s maiden name thing go wrong that way on me before. I’m currently wrangling with PayPal to prove I’m me…PayPal has, in the recent past, asked me about the model of my first car (I’ve never owned one), the full debit card number tied to my account (they can bill the card, but they declared the number I entered wrong), asked me to name my first pet (and I somehow got that wrong, according to them), etc, etc, etc.

        I know my personal verification questions pretty well. The thing is, I never at any time in the past, supplied the ones they are asking about to PayPal at all…so I have to wonder, who do they think I am, if not me?

  5. HogwartsAlum says:

    No, no, no, no, no. Companies, don’t do this. I will NOT buy stuff from you if you do.

    • mazzic1083 says:

      @HogwartsAlum: I think a lot of companies pay other companies for data mining and the like. Sorry to say but I think companies do this a lot

      • amuro98 says:

        @mazzic1083: And what exactly does my SSN#, or birthdate have to do with data mining?

        If someone called me claiming to be from some company, and asked for private information like this, I’d hang up and call the company directly so I could verify they were actually doing this, and that I wasn’t being phished.

        Of course once I had verified they were doing this I might cancel the order. Why does Dell suddenly need this information? Now, I can understand the credit card calling to ask you to confirm your ID and that you just purchased a computer, but why does Dell care?

        • mazzic1083 says:

          @amuro98: Well I think Dell doesn’t necessarily “care” but probably use the info on your birthdate for marketing purposes. As to the ss# I still haven’t found out a valid reason while any business really needs that information but so many now ask for it. It used to be guarded and treasued and known only to basically you and the government and now there are constant requests for the last 4 of it.

          The point of this was that I think companies have a lot more data than people realize; mostly getting that inofrmation from other companies or forms that customers fill out voluntarily

          • HogwartsAlum says:

            @mazzic1083: Well that doesn’t mean I’m going to give it to them. They don’t need it; I’m not giving it. And they don’t need my money either.

  6. HannahK says:

    When I was called by a credit card company and asked for my entire SSN over the phone, I hesitated, since it seemed like they were asking for a lot. The CSR on the phone understood, and suggested that I verify the company’s phone number and call back myself. That way I would know that I was definitely talking to a rep from the company, not an identity thief who found a piece of my mail, for example.

    From now on, if someone calls me and then asks me to verify any information, I google the company’s main phone number and call them back. But as long as I know I am definitely talking to the company, I don’t mind verifying, and I don’t understand why that is a big deal. Especially when they just want the last 4 digits!

    • poisonpanik says:

      @HannahK1012:

      The last 4 digits of your social security number are the 4 most important digits.

      “Researchers at Carnegie Mellon University demonstrated that public information such as birth state and date of birth found on commercial databases or on social networks such as Facebook is enough to guess part or all nine digits of a victim’s Social Security number with relative accuracy. ” [www.crn.com]

    • Coelacanth says:

      @HannahK1012: The last four digits may be enough to verify your identity to a credit card company.

      See, said Dell representative already has your name, address, phone number, and full credit card information for legitimate business purposes. Combine that with a birthdate and last four digits, he/she could wreck major havoc (e.g. call up credit card company, change address, ship a new card, go on a spending spree.)

    • katstermonster says:

      @HannahK1012: If you had my first and last name, last 4, and birthday, you could get into my FAFSA applications. I don’t think I need to tell you how much information is stored in there. And as poisonpanik and coelacanth have said, those digits are the most important, and can be used by credit card companies.

      Also – I keep coming back to the question of why the heck Dell needs that information in the first place, especially given that all the OP’s addresses and names on the order matched, and that he’d gotten things delivered to that address with that CC before.

  7. Eigtball says:

    It’s NOT illegal to ask for it. [www.michigan.gov]

    I think it’s good that someone is taking the time to verify an expensive order is being place on your account. They are protecting you and your information. There is plenty of fraud going on, and instead of getting all defensive and taking it extremes maybe verifying your identity would have saved you 40 extra minutes.

    Dell and many other companies have privacy policies, and if you took the time to read it, it states in the conduct of it’s business it may gather information on you, but keep that information private. It’s common practice.

    • Karita says:

      @Eigtball: The issue for me is that my personal information should be just that – private. It is a really big deal because they have no need for that type of information. They can gather all they want about my shopping habits at Dell, but I am shocked that they gather irrelevant personal data from other parties. Where, exactly, did I opt in to having that info sent over to Dell? I guess I did it somewhere, but I’d never be able to tell you where, when or why. And considering that it’s quite possible to guess social security numbers, the fact that countless people have access to that type of information is just sickening.

      I’ve had verification calls in the past from companies when my billing and shipping addresses were different, but they mostly involved calling my home phone number and asking if I really placed the order. It amazes me how many places have a right to more information about me than I am able to get on my own. It’s scary, really.

    • Woden501 says:

      @Eigtball: The problem is that while they may not give out the information willingly there is always the chance it will end up being stolen or lost. Just look at all the different businesses who’ve had their databases hacked, lost a laptop loaded with info, etc. in the last few years, and tell me that you still feel that just because they say they won’t give it out doesn’t mean it won’t make it out. The fewer people/entities you give your SSN or any other information to the better.

    • jamar0303 says:

      @Eigtball: What would Dell be doing with a SSN in the first place, let alone sending it off to India for a random call center employee to look at? Highly inappropriate and I won’t be ordering from them anytime soon.

    • GMFish says:

      @Eigtball: Who cares whether or not what Dell did was legal? The reason this was posted is because the call and the questions were invasive and annoying. You might want to spend your money at invasive and annoying businesses, but the rest of us do not.

    • flugennock says:

      @Eigtball:

      Uh huh. They keep it private, until they decided to sell it… or until their network is hacked.

  8. Karita says:

    I’d really like to see someone here give an explanation as to how Dell got that information, and also to explain why it is not illegal. This story really bothers me.

    • K-Bo says:

      @Karita: As someone said before, through a 3rd party company that specializes in it. As for why it’s not illegal, probably because the information companies have a lot of lobbying money.

    • darkforcesjedi says:

      @Karita: Dell doesn’t have the information. What happens is they get the information from you and enter it into a portal provided by a credit reporting agency or another third party service. The third party returns a result indicating how likely it is that you are you or how likely it is that you will pay your debt.

      When I bought my house, everyone (ISP, power, water, sewer, etc.) all asked me for the same information. While I was getting an account with the electric coop, I asked for the associate there to show me the process. I entered my own information into the portal (from Experian), which promptly responded that I don’t exist since I didn’t put in my real information. I ended up putting huge deposits on all my services (totalling over $1000) just to protect my personal info.

      • Karita says:

        @darkforcesjedi: Still, I don’t see why there aren’t limitations on who can get that info, just like there are limitations on who can pull your credit report.

        When I bought my house, I did provide most of that info to all the various parties. But they asked me for it, they didn’t just mysteriously get it. I understand why they want it, even if I don’t like it. I don’t understand why Dell wants it, or has a right to it, when they aren’t extending credit.

      • Karita says:

        @darkforcesjedi: Also I see that you mention that they don’t have it, they just plug it into a system that verifies it. But there is very little difference, in my opinion. And at that point, they do have it. In fact they have it for millions of people who have provided it without question.

    • darkforcesjedi says:

      @Karita: I should note that during this process, they do NOT receive your credit score or your credit report (as that WOULD be illegal). The score reported during this process is not an supposed to be an indicator of credit worthiness.

  9. robocop is bleeding says:

    I learned a lesson about giving false information to salespeople recently:

    So after bungling a repair job, Sears sent us a 50$ gift card. My wife and I decided to spend the card on a new vacuum in order to combat the hair problem owning three rabbits can present.

    We stop by our local Sears while on the way to the movies to pick out a vacuum. We find one, no problem. The gift card covers most of it, but whatever.

    We take the vacuum up to the counter to pay for it (actually, multiple counters before we find one that’s actually staffed, but that’s another story for another day). While we’re being rung up, the clerk asks for my phone number. I normally don’t give out my phone number as it’s a cell phone and I don’t want to pay for minutes for sales calls.

    I don’t want to deal with the clerk insisting I give a number. So instead I give my number, except I change the last digit. That way, the clerk can enter a number and meet whatever quota he might have and I don’t get on a phone list. Of course, that modified number exists in their system. “Oh! Anthony, from Lynn?” the clerk asks.

    “Er, no,” I reply. I just want to pay for my vacuum and leave, little do I know my change-digit lie would stick me there long. “That’s not me.”

    “OK. That’s not a problem. What’s your name?”

    For some reason, I blurt out, “Raoul.” I also give my last name, which is frequently misspelled as a common Irish last name. I doubt there are many Raouls in Ireland. My wife shifts to behind the vacuum box to keep from being caught snickering.

    He starts to look up my Nome de Sears and takes several minutes before exclaiming, “There you are! Raoul from Weymouth!”

    My wife makes a strangled noise as she tries to keep from laughing. I, on the other hand, have a cold pit in my stomach when I realize that if the gift card is not enough to cover the vacuum, I might before forced to use my debit card for the balance.

    My debit card, which has a completely different name on it.

    I think about all the Consumerist articles I’ve read highlighting both the idiocy of Sears and the joy security guards get out of bullying their duties. Is there a Sears jail? My wife thinks my pause is because I too am trying to not laugh, which just makes it all the harder for her to refrain. Her eyes are watering and her face is red. There is now a line behind us.

    I dig out my wallet. Luckily, I have just enough cash – we’re talking down to the quarter – to complete the purchase. We grab our vacuum and receipt and flee to the parking lot. Once we’re in the car ten minutes pass before my wife has stopped laughing enough to drive without crashing into anything. I then show her the receipt, complete with its note thanking Raoul from Weymouth for his purchase.

    We didn’t get the car started for another fifteen minutes.

    So Sears’ policy of building a customer database, combined with my white lie, turned an easy 2 minute transaction into a 7 minute transaction plus almost a half hour of howling laughter.

    We missed the movie.

  10. alpo602e23 says:

    The order was flagged as possibly fraudulent by the system or it was randomly sampled. You were talking to the fraud department. There are any number of fraud algorithms that could have been used to flag your order. The item purchased, the time of day it was ordered, maybe there were several frauds in your neighborhood, who knows?

    No, it is not illegal for them to ask you these things.

    Yes, they can and will cancel your order if you refuse to verify anything. It is your choice and I’m sure that was explained to you.

    They have access to birthdates, SSN’s, addresses, etc., for everyone in the country through a 3rd party verification tool such as Lexis Nexis. This information is widely available to any number of organizations. It doesn’t matter what information you may have given them in the past.

    This is all standard operating procedure for a large company. You may not like it, but it is for the protection of the company and all of their customers.

  11. leastcmplicated says:

    Maybe i’m missing something but i dont see the big deal, they didnt ask for his entire SSN nor did they ask for the CC#, they asked for the last 4 digits and a birthday. Not going to be able to steal much with that info… besides you give it out every time you call up a company.

    • katstermonster says:

      @leastcmplicated: Last 4 digits + birthday can be used as identity confirmation for a LOT of things. If you had my birthday and last 4, you could get into my FAFSA applications, or PeopleSoft at my school. From there, the information available is absolutely endless.

      • leastcmplicated says:

        @katstermonster: Katstermonster, if i could hack into your school to get into PeopleSoft I wouldnt be the slightest bit worried about not having your birthdate and last 4 of your ssn lol, its not like i’d be “awww damn well, now i’m here hacked into the Uni’s PeopleSoft, if only I knew the last 4 or someone’s social” Not trying to be assholish, but seriously what else can a person do to even FIND OUT you have financial Aid OR what uni you go to just by the last 4 and ur birthdate?

        • katstermonster says:

          @leastcmplicated: They may have my first and last name, too, so it’s not that hard to figure out what school I go to. My PeopleSoft has financial aid in it, but it also has my mailing address, my parents’ names (my mom never changed hers, so there’s my mother’s maiden!), etc. This is truly a hypothetical situation, but I’m just trying to point out that last 4 + birthday are NOT as harmless as people think, since they’re used as verification on so very many things (someone else said credit cards use them as well). Also – why does Dell even need that information in the first place?

      • jimv2000 says:

        @katstermonster: It takes a little more than that to get into a FAFSA. You need the whole social security number, full name, birthday, and secret PIN number. And someone would have to be at your school to get into Peoplesoft.

    • Quatre707 says:

      @leastcmplicated: Knowing someone’s date of birth and the last 4 digits of their social security number is enough to gain access to most hospital networks in America.

  12. Preyfar says:

    I know Dell does this if you use Dell’s DPA system, and they get your information that way. So if you ever signed up for it, or used it in your order, Dell would have that data to confirm your identity.

  13. Dyscord says:

    Maybe I’m not as paranoid as I should be, but if they’re willing to go the distance to verify your identity, especially considering all the fraud going on, then how is that a BAD thing?

    Especially since they’re asking for your birthday and the LAST 4 digits of your SSN. If they were asking for your FULL SSN then I’d be worried.

    • katstermonster says:

      @Dyscord: See below – that information is used as confirmation for a LOT of things.

    • jimv2000 says:

      @Dyscord: Paranoia is trendy on the Consumerist. Companies are damned if they do verify, and damned if they don’t. The same people who are complaining about Dell verifying this guy would be the same ones complaining if his Dell credit account was being used by someone else.

    • Gizmosmonster says:

      @Dyscord: When it comes to large companies and paranoia, I don’t think CR goes far enough. We are wooed, tracked, pinpointed, and blackballed with that information. How does the last 4 of my SS# prove my identity once I have given it to a few verification systems? It doesn’t.

      What it does do is allow huge databases out there to link my information together. Names are notoriously hard to use in datamining. Chuck, Charlie, Charles could all be the same guy. Throw in the phone # or last 4- and now you have a data file that has some value! I am not helping them do this.

  14. katstermonster says:

    I’ve said it a few places above, but I’m fairly sure fist and last name, birthday, and last 4 are the only things needed to get into a FAFSA application. You need your PIN, but I bet you can retrieve that with the same information. And oh yeah, FAFSA contains a LOT of personal information.

    You could also get into my school’s PeopleSoft and enroll me in some random classes, if you wanted. heh.

    • gStein_*|bringing starpipe back|* says:

      @katstermonster: i just want to know wtf they’re verifying it against, unless you gave them your ssn previously…

      • katstermonster says:

        @gStein_has joined the star bandwagon: Exactly.

        @jimv2000: First of all, I said “I’m fairly sure,” I was just making a suggestion, not putting it out as gospel truth. Second of all, as someone else has already pointed out, the only other thing you need is your gov’t issued PIN, which can be re-issued with a similar collection of personal information (I know this because I forget or lose it almost every year, without failr). Third, as gStein pointed out, if you never gave Dell that information in the first place, what are they verifying it against?

    • jimv2000 says:

      @katstermonster: You should go look at the FAFSA (fafsa.ed.gov) before making that claim.

  15. jamesdenver says:

    I had a deviation of my phone number I used for a while, and occasionally I’d think “gee I hope nobody else has this number”

    The wrong number was registered as my Comcast phone # (of course so they can’t call and bother me.)

    When I paid a bill I entered my “phone #” as usual and ended up paying someone else’s bill – who probably had that # and started service.

    I fixed it and now give a fake # that’s obviously fake – and don’t care if they ask or see it,.

  16. ninabi says:

    We were planning on bidding on a trained mustang in a few weeks.

    Per the trainer’s advice, we contacted the people in charge of the competition and I downloaded forms from the Bureau of Land Management.

    I know they want the animals to go safe homes with responsible owners but the information they wanted was just too much-

    Along with our address and details about where the horse would be kept they wanted the following-

    Driver’s license number
    Social Security number
    and…
    Our credit card number and expiration date.

    All this, mailed to two different offices. Who was going to be handling this information? How is our identity supposed to be kept safe?

    We’re disappointed but it was not worth the risk. I’m curious if anyone else has had such an experience.

    I think I’d refuse to give my birthdate and SS# over the phone, too. Identity theft is all too common.

    • gStein_*|bringing starpipe back|* says:

      @ninabi: i’ve gotten into the habit of writing in “available upon request” in place of SSN when filling out such forms – a few times, i’ve been called in order to get it, but otherwise, it’s usually not needed

  17. kmw2 says:

    I was recently asked to verify my financial information using information about my sisters! WTF?

  18. Steeb2er says:

    I’m probably going to get exiled for this, but I actually give my real info when asked for it, and it’s never been a problem. (I know, it only takes one time) I understand keeping your SSN under lock and key, but trying to remember fake names and fake phone numbers and fake addresses just seems excessive.

    The only company that calls me is Verizon, my cell provider. I can handle that.

    • Skaperen says:

      @Steeb2er: It’s OK to give out info to someone you trust, when you know who it is, and that trust includes knowing they will handle the info properly. If someone calls you and CLAIMS to be from Company X that you know you did business with, how do you know THIS person really works for them?

      • secret_curse says:

        @Skaperen: You can always tell them that you’re uncomfortable giving that information on an incoming call, so you’re going to get off the line and call the publicly listed number for the company. Ask if they have an extension you can get to through the company’s main phone portal and you’ll be glad to call them back.

        Credit card companies do this all the time. In fact, when my credit card company calls me I get a robo call telling me to please call them back using the number printed on the back of my card at extension X.

  19. bones11 says:

    I used to do verifications for a large online musical instrument retailer. We had this process but we never verified ssn and birthdate with a sub because we didn’t know that information. Instead, we had a specific line for each credit union and credit card company to call. We gave that rep the credit card number, the customers name and address. All that rep said is yes or no but wouldn’t tell us which bit of info was wrong, we would then call the customer back to try and reconfirm the right cardholder information, then repeat the process until we got a match with the financial institution.

    The only difference is we were handling orders of $1000 and more on a regular basis.

    • bwcbwc says:

      @bones11: That’s the old way. The new way is they feed your info into a data-mining service and the service flags certain transactions for follow-up. In some cases, the service provides additional questions for the CSR to ask to verify your ID.

  20. mereshadow says:

    Well, actually I just got my birthday greeting from Dell – I’ve had an account on Dell Direct for years and they offered some “birthday” discounts – so they do send birthday greetings! ROFL

  21. Evil Otto - sleep deprived ftl says:

    “May I have your phone number?” “Sorry, it’s not listed.” “We have to put something in” “Fine. 555-1212.” “I need your real number” “No you don’t, and you’re not getting it, ask me again and you can put $item back on the shelf and watch me walk out.”

    I’ve never given out my home phone number to someone who had no legitimate need for it. Buying $5 worth of RJ-45 terminators does not create this need (I’m looking at you, Radio Shack. DIAF.)

    • Skaperen says:

      @Evil Otto – sleep deprived ftl: I’ve declined that so many times … specifically using the words “I decline” … that the RS staff even describe me to the new people they hire and tell them to not even bother ask me that.

    • snowmentality says:

      @Evil Otto – sleep deprived ftl: I recently went through this at Party City. At first I said “I prefer not to give it out” and apparently that was okay. But when I went to return two items later the same day, with my receipt, picture ID and the credit card I’d used to buy the items, another clerk absolutely dug in her heels and insisted that they needed a phone number to do the return. I explained I didn’t give one when I bought the items. She insisted “We definitely need it for a return.” I’d have kept arguing if there wasn’t a line building up behind me. But I caved and gave my office number to avoid starting a riot.

      I need to memorize the local Rejection Hotline number and start giving that out to stores.

    • mazzic1083 says:

      @Evil Otto – sleep deprived ftl: Hmm what is DIAF? Die In A Fire?

  22. Meddygon says:

    T-mobile once asked me for the username and password to my vonage account when I was transferring my home phone to T-Mobile’s @home service. I simply told the rep that “I don’t see how that will assist you at all. You may not have it.” She insisted that it’ll make the process go faster. After refusing again several times, she said “fine, whatever” and said the order would be processed, but it would take longer.

    Three weeks later I called T-Mobile and asked why my number had not been transfered yet: turns out the rep I spoke to decided to not start the transfer. The new rep I was on the phone with started the process then and there; no mention of the username and password.

  23. davidj5684 says:

    When I tried to sign up for cable 2 years ago comcast was trying to get my full SSN out of me! They refused to let me create an account/ order service without it. My only alternative was to go into the local branch if I wanted to sign up without it.

    I went to the local office and they made me show a utility bill to prove I was a resident at the address I wanted service at (Like I would try to pay for someone else’s cable at another address??? LOL). I got the account set up.

    Funny thing is- everytime I have to call comcast about something (whether its cause of tech trouble or calling billing every 6 months to get them to give me promo price again), they ALWAYS ask me for last 4 of SSN! First couple times I tried explaining they dont have it so how would they verify, then the reps ask me for the last payment and date. One time I told the guy it was 1234 (which it is NOT!) and he said ok and started talking to me like normal. When he took a pause I asked “I thought you were verifying my SSN? How did you do that if you didnt have my # in first place and I gave you a bogus #”. He didn’t know what to say!

    Sadly I think phone reps are usually just reading a scripted opening (or have it memorized).

    I dont get why most companies would ever need this info and if they try to make you give it to provide service I would not deal with them!

  24. highmodulus says:

    The 555-1212 works great, especially when you use the local area code first.

    Of course, now you get harassed to buy worthless extended warranties and magazines and such (looking at you Best Buy). Any wonder why most of my stuff comes from Amazon now. . .

  25. Skaperen says:

    It does not matter what the company is or who the person is … NEVER EVER give out any personal information of any kind to anymore who calls you … unless you know the person well enough to verify exactly who they are with 100% certainty and it is someone that genuinely needs the info and you understand exactly what it is for and you personally trust that person to handle safely and securely (which should be almost no one … maybe your spouse if the relationship is excellent).

    That phone call just reeks of phishing going on by the contractor, or the people working there, that Dell hired to do various support or other back office functions.

    No verification process should ever need more information than was originally given. And since they should also never give out such info, verification would be limited to cross checking older information with a newer order. For example, if you did not give a phone number on this order, but did give one in the past, they can call it to verify if the order was placed. At most they should say what was ordered and ask if you ordered it. Confidential info like SSN, CCs, birth date, mother’s maiden name, should never be given out by either party.

    This should be reported to Dell … via the EECB.

  26. SidusNare says:

    I am angered by how caviller companies and the government are with our SSNs, the last 4 digits are the most important ones, If I know when and where you were born, I have the first set 2 sets of numbers, that’s all they are, is what region and when.

    If you get a dump of Dell’s database, and it has last 4 + DOB you can just guess that they haven’t moved their entire life and probably be right 50% of the time. That has to still be millions of SSNs

    I wish I have the money to win injunctions against anyone who sent me anything with any part of my SSN on it.

    You can read more at [w2.eff.org]

    • secret_curse says:

      @SidusNare: Actually, the first 2 sets are where and when you were registered with social security. They aren’t necessarily where and when you were born. In general, a person will be registered near their birthplace soon after birth. It’s not always the case, though. For example, my sister is 4 years older than me, but my SSN is a lower value than hers.

  27. baristabrawl says:

    I can’t tell you the number of times I’ve verified my SSN and Birthday with false information. If they accept it, then it’s a lie and useless to them. If they don’t accept it, then I know they’re for real. I’ve never been rejected.

  28. colorisnteverything says:

    Tiger Direct does verification and I feel far better that they do! LOL. Of course, they just ask for birthday, address, last 4 digits, but I am glad that they did on my $400.00 order!

  29. 2 replies says:

    My rule of thumb; Do NOT divulge ANY personal information in a phone call unless YOU YOURSELF initiated the call.

    I’m blown away by then number of consumerist readers here who admit to giving away personal information in a phone conversation they didn’t initiate.

    You can’t control the security of your data when it’s in other people’s hands, so you can’t be sure a third (possibly malicious) party doesn’t have access to it.
    Remember, not only can caller ID be blocked, it can also be spoofed to appear to be another number.

    That said, the only way to be sure you’re actually talking to the company you think you are is if YOU YOURSELF dial the number.

    (It’s the same idea behind not clicking links in incoming banking emails. Open your browser, manually nav to your bank’s site and log in as you normally would. Don’t use email links.)

  30. dragonwerx says:

    Back when Bill Clinton was in the White House, my husband bought something at an electronics store (don’t remember which now). They wanted his phone #, employer and employer address…for a credit card purchase, I think.

    He gave them the standard (nnn)555-1212. The rep scowled, then asked for employer’s name. “Mr. William Clinton,” was the reply. Rep dutifully types that, then… “Hey! That’s the president – how can he be your employer?” Husband said, “I’m in the Army, and he’s the Commander-in-Chief.”

    Rep now had a black cloud over his head. “OK, just give me your real employer’s address.” Husband: “1600 Pennsylvania Ave,…” Rep: “That’s the White House! You don’t work there!”

    Husband: “I don’t work there, but that’s where the Commander-in-Chief lives. Now do you want to sell this stereo to me or not?”

    In the end we walked out & bought elsewhere. In retrospect, I can see that our efforts were made null & void by millions of socially engineered people willing to exchange personal information for a widget.

  31. dwasifar says:

    Back in the pre-Netflix days, I used to travel a lot, and sometimes I would rent movies at local Blockbusters while traveling. They always wanted a local phone number before they would rent to me. Sometimes I would give them the hotel number, but other times I wouldn’t have it, so I hit on a better solution. Every Blockbuster movie has the store information printed on it, including the phone number, so I’d just note the phone number on the box while I was waiting to check out, and when asked for a local phone number I’d give them the number to their own store.

    None of them ever caught it.

  32. Stuey says:

    They probably wanted to pre-authorize him for a credit card or to check his credit report, or similar.

    Why do I say this? A few years ago I ordered a laptop from Dell over the phone. All was fine except they grossly misspelled my name on the order. A few weeks later, I checked my credit report, and it included the new misspelling as an alias of mine. How could this have happened if not for the Dell rep checking my credit for who knows what reason.

  33. f5alcon says:

    I am pretty sure that is against Dell policy to ask for that information, I would report it to dell,

    [www.dell.com]

    privacy@dell.com

  34. jiminator says:

    fraud is a huge problem for any big company today. All you need is a voip line and a list of names, addresses and stolen credit cards. Net result is it can wind up costing the company millions on a yearly basis. dell is only doing some due diligence in trying to weed out some obvious fraud. it leads to some unpleasant customer experience, but no doubt when they weighed the risk of lost sales vs the risk of outright fraud the latter risk was more costly to the company.

  35. clevetheripper says:

    Sales reps get graded on lots of metrics, one of them is financing. Some of the slimier ones will try to get ssn and other info from you so they can pre-approve you w/o your knowledge and then heavily try to sell you on their gawd awful financing or put your order through on it w/o your permission. I used to work in Dell Sales. I have seen most of the tricks.

  36. Roeroica says:

    this sounds like a standard call if he has a fraud alert on his credit – but it is strange the CSR didnt frame it that way

  37. rwalford79 says:

    When I signed up with a wireless provider (an MVNO mind you) they required me verify names of family members, old addresses, addresses of my family members, and any past phone numbers I used.

    I pretty much refused, and only offered to verify my LAST PUBLIC FILE ADDRESS and NUMBER. They then required a larger deposit. I agreed.

    I didnt want to give any extra information then I thought was needed.

    Turns out, I was smart… That MVNO was owned and operated by a controversial cult that is getting banned left and right around the world. They know who I am, but dont need to bother my relatives.

  38. typingmonkey says:

    I realize I’m a little late to the discussion but wanted to add my experience which differs a little. I just went through a similar situation with Tiger Direct. Their verification department called me for the last 4 digits of my SSN. I said I wouldn’t give it and he said they would have to cancel the order. So I called TD myself, and said I would verify my identity with them if I called them, but it was very strange to ask me to give my personal info to someone who calls me, from a number I don’t recognize, whether or not they say they are from Tiger Direct. The customer service rep seemed sympathetic, and put me on hold for the verification dept. again. This time the rep did not ask for any part of my SSN – but just asked that I verify:

    1. my full name, and

    2. how long I have lived at my current residence.

    They didn’t get that information from the order form. They are clearly looking at a *credit report**, which I did not authorize. Isn’t this illegal?