Published: October 16, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
Ask a robocall recipient and they’ll tell you that robocalls are annoying and a waste of time. But the victim of a phone scam (vishing) will tell you it could mean losing a lot more than just time. Like email phishing, falling for a vishing scam can put you in danger of losing your identity, your money, and any other private information a criminal can get. So, what to do when the caller claims to be from a trusted business and has a legitimate reason to call?
The latest vishing trend exploits the likes of Apple, Amazon, Google, and other trusted tech companies. A caller will tell a user there’s an issue with their account that needs immediate action, even leaving voicemails with the same urgent message. Using popular big tech names adds credibility to the call, especially if the person answering the phone has an account with the tech company. Happy to help resolve the issue, the victim could hand over their full name, account number, password, credit card info, address, and more. And that doesn’t help anyone but the criminal.
Although vishing topics evolve with the times, the goal remains the same: get your trust, your financial data, and perhaps your identity. Email phishing scams are designed to work in a similar way, starting with trust. Fortunately, there are ways to stop or seriously hinder vishing and email scams, and common sense is always the best tool to start with.
Details Do Matter
Be skeptical of any call or email, and those requiring a quick response should go to the top of that ignore list. Ignoring them is always fool proof, but if you’re curious, hang up and call the company’s official support line to verify if it’s legitimate. If an email has a similar message, closely check the URL for sneaky typo’s like “Gooqle.com." Type-in the company’s official URL yourself or call them to get your answer. Remember, never call a provided phone number, URL, follow email links or open attachments.
Be aware that most companies and federal institutions don’t call directly, especially unsolicited. Most, like the IRS, will use snail mail to alert you of something important. Some companies do send emails but pay attention to spelling mistakes and bad grammar – it’s a sure sign of a hacker. If a caller has a demanding tone or uses urgency or scare tactics, hang up and move on.
Consider putting your phone number on the government’s “National Do Not Call Registry.” It won’t stop calls from some charities or political fund raisers, or even stop calls completely, but it goes a long way keeping bad actors from getting through to you. There are manual call-blocking tricks for smartphones, and call-blocking apps are available. Always research the app company and read customer reviews before signing up.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com