08/ 01/ 2006
You're a smart, savvy small-business owner, and you read up on the latest with regard to identity theft and e-scams. But the latest one making its way through cyberspace, one which experts predict will soon "explode," is a little trickier.
VoIP, or voice over Internet protocol, telephone numbers are getting very easy (and cheap) to obtain. Services like Skype allow users to make calls for very cheap—or even for free. These services have been used to bring folks all over the world together for education, business and just plain ol' fun.
E-mail scam artists know that you're watching for unsolicited e-mail messages from credit card companies, travel agencies and hundreds of other bogus fronts asking you to visit a Web site because your account has been compromised (called "phishing" by the experts). Unsuspecting readers of these messages click on these links and provide personal information to this "Web site," which is not an official Web site at all, but one built solely for the purpose of identity theft. We've all been told not to click on these links and become victims, but instead to simply pick up the phone and call.
And that's how the new scam came about.
Now with this latest e-mail scam, "vishing," you may see a message in your inbox from PayPal, for instance, that says your personal account information needs to be updated, and there is a phone number listed instead of the usual Web site address in the e-mail that you are asked to call. When you call that number, you're then asked for your personal information. These VoIP numbers are easy and cheap to obtain.
In another use of the vishing scam, the criminals set up an automatic telephone dialer to call phone numbers, and when a real person answers, an automated recording saying his or her credit card has had fraudulent activity plays, asking the listener on the other end to call. When the person calls, he or she is asked for credit card account information.
In an interview with Grant Gross of IDG News Service, Secure Computing offered the following tips to keep from becoming a victim of this latest e-mail con:
- Credit card companies usually refer to customers by their full names in any communication. If an e-mail or phone call does not refer to your full name, it could be a scam.
- You should not call a telephone number provided in a phone call or an e-mail regarding possible security issues with any credit card or bank account. You should call the phone number on the back of your credit card or on your bank statement to report security concerns.
- If anyone purporting to be a credit card provider calls and requests your card number, hang up. Instead, call the phone number on the back of your credit card and report the attempt. If the call was legitimate and information is needed, the credit card provider will have knowledge of it.
For more information, read Gross' full article on PCWorld.com.
