Beware of Potential "Vishing" Scams

October 9, 2018
Cyber Alert

Download a PDF of the alert

Risk Management Question: What should I do if I receive a call from my bank or a retailer about possible fraud or suspicious charges made with my credit card?

The Issue: A phone call from your bank or a retailer that suspicious charges were just placed on your card or account can be difficult to ignore. Voice phishing or "vishing" scams involve a caller impersonating a legitimate company to steal money or personal information from the victim. These types of scams are on the rise—the Federal Trade Commission has reported that 77% of its fraud complaints involve contacts by telephone.

There are a number of open source and free tools available that allow a hacker to spoof a legitimate phone number on caller ID, which adds a sense of legitimacy to the scam. You see the call is from a number supposedly associated with your bank or a retailer you use and think this can't be a scam. But you should never trust the number that appears on a caller ID.

Coupled with the use of Voice over Internet Protocol (VoIP) calling systems, these calls are virtually untraceable because they occur over the internet. And they are becoming increasingly sophisticated. Here's a short article from a noted security researcher, Brian Krebs, which explains how even technology experts are falling for these scams:

Risk Management Solutions:

If you receive a call from a bank or retailer regarding suspicious activity involving your account or charges placed on your card, remember the following:

Even if it's just answering your phone, remember to be careful out there.