First, it was “phishing” and now criminals have come up with yet another scam called “vishing”.
With phishing, consumers receive an e-mail supposedly sent from their bank or credit card company asking them to update their account information and passwords. The e-mail directs the consumer to click on a link that takes them to what appears to be a legitimate site. The e-mail informs the consumer that the bank or company was requesting this information because of suspected fraudulent activity going on with their account.
Of course, as soon as consumers click on the site and provide their personal information, they immediately become part of an illegal identity theft collection system.
Now that consumers have become more aware of phishing, criminals have developed another scheme — vishing. Over the past several weeks, several Texas banks and their customers have been hit with this scam. It generally occurs over the weekend and by the time the bank opens on Monday morning, the damage has been done.
According to the FBI, these scams usually work one of two ways. In the first scenario, a consumer gets the typical e-mail, like with the traditional phishing scam. But instead of being directed to an Internet site, the consumer is given a phone number to call. Those who call the “customer service” number are led through a series of voice-prompted menus that ask for account numbers, passwords, and other critical information.
In the second scenario, the consumer will receive a phone call rather than an e-mail. The call could either be a “live” person or a recorded message telling you to take action on your account because of suspected fraudulent activity. The phone caller or recording usually already has some personal information on you, including your account or credit card number, so you think you are actually talking with someone from your financial institution or credit card company.
Because of recent technology called VoIP—Voice over Internet Protocol—identity thieves are able to use software programs to create phony automated customer service lines. They can mask the number they are calling from, thereby thwarting Caller ID. The number comes up on Caller ID as being from the bank. It can even show the bank’s actual phone number.
How You Can Avoid Becoming a “Vishy” Victim
Never call a phone number included in an e-mail, no matter how “official” looking it is. Even if the logo looks like your bank or credit card company logo, do not call the number until you verify the number.
People are generally trusting, but when it comes to your financial information, NEVER give out your account number, your password, your PIN, or other personal information to someone who calls you. It takes just a few minutes to look up the number in the phone book or check the phone number on your bank or credit card statement. It is a good practice to enter your bank’s phone number into your PDA, cell phone or rolodex and use only that number when contacting your bank. If you bank at a community bank, get to know someone at the bank and if you are ever suspicious, ask to talk to that person. If you don’t recognize their voice, hang up and call back.
Remember, a legitimate secure website (i.e. https://), requesting personal information will have an “s” in the http and a padlock in the browser. The “s” indicates that the website is on a secure network connection. If you don’t see either of these icons, delete the e-mail. Better stll, bookmark your bank’s website and use only that bookmark to go to your bank’s website.
Being overly cautious with your personal and financial information might just save you a world of headaches.
For more information and safety tips to prevent vishing, talk with your local community banker. They want to keep you and your money safe.
Provided As A Public Service By The Independent Bankers Association of Texas and the Main Street Foundation