Vishing & Other Personal Security Threats

We might be familiar with “phishing” or the obtaining of your personal information using an e-mail containing a hyperlink. The verbiage in the e-mail leads you to click the link in order to harvest your personal details via a false web site, according to MSNBC.com. The Associated Press reports this fraud imitates legitimate ways that people usually contact financial organizations and other companies.


Advertisement


Full-featured accounting software at an easy-to-afford price.

PLUS:
- Total integration throughout
- Data migration for QuickBooks upgrades
- Complete security -- audit trail and
employee access control
- GAAP Compliant
- Installation services
- Wide range of training options
- U.S.-based support

Contact Cougar Mountain today for a free demo!


The July 17, 2006, issue of USTelcoms Crossroads Express stated, “The new technique has been used by criminals to collect details from credit cards, including the three-digit CVV security code, expiration date and account number. ‘Vishing’ scams usually begin when a criminal gets a cheap and easily available VoIP number and then configures an automatic dialing system to call people,” according to the GnomeREPORT.

The GnomeREPORT continued, “When the call is answered, an automated recording alerts the person that his or her credit card has been compromised and the consumer should call a phone number immediately to correct the problem. The phone number is often a toll-free number with a spoofed caller ID of a legitimate financial company.”

Phishing is still the most prevalent Internet scam, generating $929 million in losses in 2005, according to the Gartner Group. MSNBC reports that phishing has progressed into “vishing” where a phone call or the verbiage in the malicious e-mail contains a phone number to call instead of a link to click. An automated answering system is most likely to pick up your call and harvest the requested information you enter.

As more consumers have become more experienced not to click the links in unsolicited e-mails, vishing e-mails or calls have emerged. MSNBC reports that the most recent scams have targeted customers of PayPal and especially Santa Barbara Bank & Trust, using an e-mail that looked like it originated at the bank’s online customer service department.

“Their e-mail blast shows a new level of sophistication. It was targeted to people in the bank’s 805 area code. The phone number people were asked to call was also an 805 number. You’d have to be pretty suspicious not to fall for that one,” said Paul Roberts, speaking with MSNBC. Roberts is a senior editor at InfoWorld magazine.

The other factor making vishing more viable and even convincing is the fact you can easily obtain a Voice over Internet Protocol (VoIP) phone number. The required verification is minimal. Bill Rosenkrantz told MSNBC, “You can be in Russia and get a local area code number in Seattle very quickly.” Rosenkrantz is the director of consumer products at Symantec Corporation.

The lesson in all this is not to respond to unsolicited mail, especially those asking for personal information. Clicking on links or calling phone numbers found in these e-mails should be considered dangerous. Federal Trade Commission attorney Patti Ross told MSNBC, “Use your common sense. What would you do if you were on the street and someone came up to you and asked for your credit card number? You wouldn’t do that!”

Security analyst Ron O’Brien said, “It is becoming more difficult to distinguish phishing attempts from actual attempts to contact customers,” according to the Associated Press. Contacting financial and other organizations using the phone number found on your account statements or on the back of your credit cards allows you to discuss your account information safely.


Already a member? log in here.

Editor's Choice

Upcoming CPE Webinars

Dec 18In this presentation Excel expert David Ringstrom, CPA focuses exclusively on how to perform repetitive tasks more efficiently in Excel.