Consumers: How to avoid dangerous and costly telephone scams

Posted on: May 1st, 2012 by art

Criminals are after your personal information and money, and the telephone is one of the most popular ways to do it.

Merriam-Webster first included the new slang word “phish” into its dictionary in 2005. Phish (verb): to send an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

Well, now there is an even newer word for the fast-growing risk. Vishing, or “voice phishing” is a type of scam that criminals use over the telephone to obtain consumers’ personal information and money. The way it works is a fraudster calls someone on the phone, but makes the call appear to be coming from someone else by “spoofing” or altering the Caller ID that the consumer sees on the display.

This scam has gotten so common that if your caller ID display indicates the call is coming from your bank, there is a reasonable chance that it is not.

In this type of Vishing attack, you will receive a call to your home or wireless phone from a “live” person or recorded message that appears to be coming from a known reputable institution. The caller will ask for money or your personal information.

Fraudsters are also luring victims to seemingly credible toll-free phone numbers where an automated recording asks for account information. Those who call the fake customer service number are greeted with a pirated recording of an automated voice system, ostensibly for the reputable institution, and are requested to enter their card number to authenticate themselves. They are then led through a series of voice-prompted menus that ask for their PIN code, card expiration date, date of birth, and other critical pieces of information. Once the victim enters these details, the scammer has enough information to commit identity fraud.

What do Vishing scams look like?

  • Typically, an incoming recorded telephone message using a spoofed Caller ID that matches the identity of a misrepresented organization.
  • An urgent email or text message from a known institution that directs you to a bogus toll-free number.
  • An invitation to punch your personal information on your telephone keypad. From there, criminals capture the key tones and convert them back to a numerical format.

Characteristics of Vishing:

The content of the incoming message generally is not personalized, and is designed to trigger an impulsive reaction such as:

  • Upsetting or exciting information
  • Demanding an urgent response
  • Using a false pretense

What data is at risk?

Any numerical personal information, including:

  • Payment card information (numbers, expiration dates, and the last three digits printed on the signature panel)
  • Personal identification number (PIN)
  • Social security number
  • Date of birth
  • Bank account numbers
  • Passport number
  • Driver’s license number

How crooks use your information?

Once your personal details have been stolen, fraudsters can use them to perform any number of identity crimes, including:

  • Taking control of your financial accounts
  • Open new bank accounts
  • Transfer bank balances
  • Apply for loans
  • Credit cards and other goods/services
  • Luxury purchases
  • Hide criminal activities
  • Receive government benefits, or
  • Obtain a passport

What can you do reduce your risk?

  • As a general rule, be suspicious when receiving any unsolicited incoming texts or telephone communications.
  • If an email or caller does not use your full name, it may be suspicious.
  • DO NOT use the number provided to call back.
  • If you are asked for sensitive information, hang up.
  • Never provide personal information in these circumstances.
  • Never rely solely on your telephone Caller ID function.

What to do if you suspect fraud:

  • Consumers have a role to play in stopping Vishing scams. You are encouraged to recognize, report and stop it.
  • Do not react immediately without thinking.
  • If this concerns you, investigate by using telephone numbers known to be valid. In the case of credit cards, for example, use the telephone number printed on the back of the card.
  • Never provide personal or financial information to non-validated sources.

Vishing scams target all types of individuals. It doesn’t matter if you are an employee, consumer or student, continuing to educate yourself about the latest fraud tactics that criminals use to steal personal or financial information can play a critical role in protecting your identity, money and confidential information from getting into the wrong hands.

Tags: , , , , , , , , ,

Comments are closed.

  • REQUEST INDUSTRY BRIEFING PAPERS
  • VIEW DEMO
  • USE CASE
  • ANI SPOOFING TOOL

  • CISO Text

             

    Authentication without caller involvement materially improves the customer experience, especially for ‘premier accounts.’ TrustID will greatly assist with not only customer service, but also with board level compliance issues.

    – CISO, top 10 global bank

  • CISO 2 Text

             

    As less customer PII is made available to our contact  center advocates for identity validation, our enterprise risk of a costly data  breach is dramatically decreased.

              – CSO, global financial company

    Offshore agents are highly vulnerable to fraud schemes  and social engineering. TrustID’s solution enables informed routing decisions,  optimizing agent cost reduction programs.

             - CISO, top 10 global bank           

  • VP Quote text

         

    Since  it is now commonly sold by criminals, personal information for identity  authentication is no longer the single solution to identity resolution. The  value of knowing reliably that a customer is calling from their phone is far better security than knowing the last four digits of someone’s SSN.

    - VP of Card Fraud, large international bank