I had thought those days were behind me, but I guess not. So in addition to phishing, another attack vector that scam artists and hackers are starting to employ with greater frequency is Vishing or Voice Phishing.
The common approach is that they get a list of names and phone numbers and will call folks and pose as their electric utility, their cell phone provider, or the water company. They will be calling because they either didn't get your last payment and now have to shut off your service, or have some other urgent matter to speak with you about. I have also seen where this is automated using a phone dialer and a recorded message instructing you to call another phone number immediately to resolve the issue. They will then try to get you to provide them with your personal information in order to "verify" who they are speaking with. They will structure the call in a way so they get your information in pieces so it doesn't raise any suspicions. They may try to get your banking or credit card information in order to "pay your overdue balance". Remember, if one of your service providers is calling you, they should already have your information as they are calling your phone number of record.
Red Flags to look for:
- Your utility companies will give you multiple late notices and you will need to be 2+ months late on paying your bill before they shut off your service.
- If you get one of these calls and are not sure if it is a scam, hang up and call the phone number on your last bill. This way you will know if it's legit.
Another popular vishing scheme is to call posing as the IRS. This scam has been targeting businesses and individuals alike. The "agent" will claim that you have an outstanding tax debt and it has to be paid immediately or you will be taken to court, lose your house, business, car, and bank account. As with "turning your service off" above, this scam preys upon most people's fear, and who isn't fearful of getting into trouble with the IRS? In some cases the scam is more about getting your social security number and date of birth rather than payment. Either way, don't give any information over the phone.
Red Flags to look for:
- The IRS will never call or e-mail you about a tax debt, they will send you notice via certified mail.
- The IRS will never ask you to pay your tax debt using Western Union, Money Gram, or by getting a prepaid debit card at your corner drug store.
While the above two schemes have been known to target both individuals and businesses, the last one I'll be discussing is just focused on individuals.
In this scenario, the caller will tell you they are calling from the local courthouse, and you had been sent a notice for jury duty months ago, but you did not show up to court today, so you are now in contempt. If you want to get out of going to jail, you need to immediately send money to pay the fine using Western Union (or one of their competitors). Again the fear factor is used to create panic and a sense of urgency.
So the lesson here is you need to authenticate the person on the other end of the phone. When in doubt, hang up and call back using a phone number you know is legitimate.
If only my grumpy old neighbor could see me now.
Be Secure!
No comments:
Post a Comment