Are You Ready for "Vishing"? Vishing
Scams Use Phones Instead of Fake Websites
In a new twist, identity thieves are sending spam that warns
victims that their credit union/bank account or PayPal accounts
were supposedly compromised. However, unlike typical phishing
emails, there is no website address in these phishing messages.
Instead, the victim is urged to call a phone number to verify
The automated voice message says: "Welcome to account
verification. Please type your 16-digit card number."
The goal is to get the victim to enter their credit card number.
In these reported scams, no mention of the credit union, bank
or PayPal is made.
Security experts tracking this scam and other instances
of "vishing," short for "voice phishing,"
say the frauds are particularly despicable because they imitate
the legitimate ways people interact with financial institutions.
In fact, some vishing attacks do not begin with an e-mail.
Some come as calls out of the blue, in which the caller already
knows the recipient's credit card number. This increases the
perception of legitimacy, the caller asks for the valuable
three-digit security code on the back of the card.
Vishing appears to be prospering with the help of Voice
over Internet Protocol, or VoIP, the technology that enables
cheap and anonymous Internet calling, as well as the ease
with which caller ID boxes can be tricked into displaying
- Never call a number you receive from a spam email, and
if you do call by mistake, certainly do not enter any private
information. If you want to call your bank, use the phone
number you normally use, not a phone number you receive
in an e-mail.
- Never click on the link provided in an e-mail you believe
- Do not open an attachment to an unsolicited e-mail unless
you have verified the source.
- Do not be intimidated by an e-mail or caller who suggests
dire consequences if you do not immediately provide or verify
- If you believe the contact is legitimate, go to the company's
website by typing in the site address directly or using
a page you have previously book marked, instead of a link
provided in the e-mail.
- Visit the FTC (Federal Trade Commission) website, www.onguardonline.gov.
You will find interactive quizzes designed to enlighten
you about identity theft, phishing, spam and online-shopping
scams. The site also provides detailed guidance on how to
monitor your credit history, use effective passwords and
recover from identity theft.