Phishing and Vishing - the New Scams!
The New Scams: Phishing and Vishing
Phishing – The act of sending an e-mail to a user, falsely claiming to be an established legitimate enterprise, in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. However, the website is bogus and set up only to steal the user’s information.
Vishing – The criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of “voice” and phishing. Vishing exploits the public’s trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company, and associated with a bill-payer. The victim is often unaware that VoIP allows for caller ID spoofing, that is, the caller ID information appearing on the victim’s phone set is false and has been stolen or “spoofed”. Vishing is typically used to steal credit card numbers or other information used in identity theft schemes. Vishing is very hard for legal authorities to monitor or trace. Consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. The consumer should contact their bank or credit card company directly to verify the validity of the message.
