Phishing, the impersonation of your bank or financial institution by hackers seeking your personal information, isn't just web or e-mail thing. The hackers are shifting into blind calling phones, including sell phones, and IM.
The phone call typically uses an computer generated voice to tel you there is a problem with your account, that they are putting a 'hold' on your CC, or they are canceling the CC. The voice then suggests you need to address this issue and to get the inquiry started they will need you CC number, your account number ...
The IM sends a text message claiming a similar problem and telling you to call a number. If you call the number you get a computer voice that says it is the security office, credit department or some such and that to get the issue corrected they need you 16 digit CC number and ...
I have no idea what happens in the call after you give them your information. I never go that far.
When this sort of thing happens I call my credit union and explain the situation. I also call the CC company. If the call came in by IM I also call the cell service provider. Interestingly while the general impression I get from the financial side is: 'Yes it happens. We are aware of this. We will make a note of it and report it.'; the general impression is that they are annoyed I called, they really can't do much about it, and they are primarily humoring me because it isn't their problem.
The cell phone company was more attentive and asked if I remembered the identity of the IM caller and the number they wanted me to call. The IM caller was within their system and while they never claimed there would be prosecution I got the impression they would be looking into it and, at the very least, removing that client.
I figured I was reporting a crime. I could imagine someone with limited capacity handing over their information and losing everything. The calls to all the offices were toll-free and didn't take long. I figure that if nobody raises a stink nothing will get done. If it annoys the companies it is part of running a business and perhaps they might be motivated to do something.
The security systems around our financial sector, and the simple fact you can set up a CC account with just their name, SSN, DOB, and mother's maiden name are a disgrace. Using a person's SSN as a password is brain-dead stupid. But it is how the system is set up.
Previous Topic
Index
