Vishing

As computer users have become more educated about the dangers of phishing emails and have learned to avoid them, perpetrators have begun incorporating the telephone into their schemes. This new wrinkle on the phishing ploy has been termed vishing, indicating that it is a combination of voice (phone) and phishing.

In a typical vishing attempt, you would receive a legitimate-looking email directing you to call a number. This would connect you to an automatic voice system, which would ask for your credit card information. In some cases email wouldn't be involved at all. Instead, you would receive an automated phone call requesting your account information. Often the perpetrators would already have your account number and would be requesting only the security code from the back of your card.

The increasing use of VoIP is facilitating this form of fraud. Users can telephone anonymously. In addition, caller ID devices can be fooled into displaying a false source for a call.

Handle a vishing attempt as you would a phishing situation:

• Don't respond to it.
• Don't call a number given in an email.
• Don't give out your account information in response to a phone call you didn't initiate.
• Contact your credit card company directly and only by your usual means.

Last modified July 24, 2006 by cawalker