You are probably already familiar with phishing, which leverages the trust people have in email to trick them into visiting fake websites and providing confidential information. If you have ever received a legitimate-looking email purporting to be from your bank, you may have been the target of a phishing attack. The sophistication of those fake emails can be quite impressive, and every year untold numbers of victims click on the embedded links and find their computers infected as a result.
Now that so many of us have moved our computing to mobile devices, the scam artists have followed suit. While phishing schemes still run rampant, scammers have moved beyond the desktop and are now targeted mobile phones. If you carry a smartphone or use text messaging to communicate, you need to be aware of vishing and Smishing.
What is Vishing?
Vishing is defined as the act of using the phone to try to scam a user into providing confidential information. While vishing is often associated with mobile phones, landline users are frequent targets as well. Phone scams are as old and the telephone. It is all about getting an unsuspecting person to do something (wire money, send a check, whatever) at benefits the phone scammer at the expense of the victim. What identity theft highly profitable to criminals in this computer age, we now have vishing. The only difference is the criminal wants to get your personal information by phone – then rob you later.
A typical vishing scam starts with a phone call to the targeted individual. The caller generally claims to be affiliated with a legitimate business, often a bank or brokerage firm. They caller claims they need to verify certain information, typically a bank account number, Social Security number or other private information.
While a vishing call can seem legitimate, giving it a bit more thought can protect you and your identity. If you have a bank account, the financial institution no doubt has your Social Security number and account number already. There would be no need to provide this information a second time.
The best way to handle a vishing call is to ask for the caller’s contact information. Most likely the caller will either refuse to provide the information and simply hang up. If they DO provide contact information, and they claim to be from your bank, phone provider, credit union, credit card company or any other company you do business with, here is the what you do: Contact THAT company using a phone number you KNOW is associated with that company and report someone is trying to contact you about your account. They will direct you as to what you should do next. If someone tries vishing on you, and you got a call back number, and you are unsure what to do, then call your local police department and pass on the visher’s contact information. This way you help protect others from similar scams.
Also very important is to educate everyone in your household to NOT give out personal information when someone calls and asks for it. Always do the reverse. You call whatever business, via a number you have been given by that company, to provide personal information.
POSSIBLE EXCEPTIONS: Sometimes banks, credit unions, credit card companies and so forth do need to call you. However, they ALREADY HAVE all your personal information. There is NO reason for them to ask for that information. They may need to ask if you made a certain charge, or wrote a check to a certain person or so forth. In this case, you can answer certain questions (like you are not in France at the moment so that credit card charge is not yours in Paris). However, as soon as the caller wants YOU to provide account information or other personal information, STOP. Inform the caller you will need to contact them via a verified number for the company.
What is Smishing?
If you use a mobile phone and text messaging, you may be seeing a smishing scam in your inbox soon. You can think of smishing as phishing for the mobile phone texting world. In a smishing scam, the criminal sends you a text message which asks for personal information – such as your account number or Social Security number.
As with phishing, the best defense against a smishing scam is to simply ignore it. Just delete the message, and NEVER click on any links within it. If you want, you can contact the local police, the company that claims to have sent the text message, or both. Unless you can absolutely identity from whom a text message is sent, it’s a good policy to NEVER click on links in a mobile phone text message.
If you provide you children with cellphones, smartphones or whatever, make sure you teach them NOT to click on text links from unknown texters. The same with answering questions from unknown callers. Work with everyone in the household about safe was to use mobile phones, how to safely download apps and so forth. Chances are your kids, especially teens, can teach you more about mobile phone safety than you can teach them … what’s important is to get the dialog going about preventing identity theft and the hazards of unknown callers/text messages/downloading/emails that could be phishing.
Start Alert
Identity theft scams are not going away. As technology grows and evolves, so do the threats. The move from desktop and laptop computers to mobile devices has led to the shift from phishing to smishing, and no mobile user can afford to let their guard down. No matter what device you are using, the best defense against phishing, vishing and smishing is stay aware of and alert for dangers that come with these new devices … and use that most uncommon sense, common sense.
