Today my postbox contained an application, in my name, for a NatWest platinum account. The form was already filled in, it just needed my signature. It had my correct name (not really a secret) my correct address (available in a few places publicly, such a the Electoral Register), my correct date of birth (not a big secret).
It gave a mobile number that isn't mine, an email address that isn't mine. It listed my occupation as medical (it isn't) and a made-up salary etc. It's an attempt at fraud; all they needed to do was intercept that application (perhaps by fishing it out of my letterbox?). writing something that looks like my name as a "signature" and they would have their account, all ready to commit frauds.
So I called NatWest. And after being passed around a couple of times, I was able to talk to someone who said they'd pass the case on to their "identity theft" department. But the impression I got from him was that the bank felt that it was my job to defend myself from identity theft (how? I reminded then of the recent Equifax loss of 140 million personal details) and not theirs.
So I explained that I feel that it is the bank's responsibility to ensure that the people they make loans to actually exist and have requested those loans.
We don't have a bank account with Natwest, whatsoever. So.
The upshot is, we're going to upgrade our letterbox so that it becomes one-way. The postman or any delivery service will be able to put things in, but you won't be able to fish things out unless you have the private key. It was already supposed to be like that, but ladysolly used a coat hanger to fish stuff out.
A bit like RSA public/private key encryption, really.