Are you one of many who have received an e-mail, text message, or telephone call, purportedly from your credit card/debit card company directing you to contact a telephone number to re-activate your card due to a security issue? The IC3 has received multiple reports on different variations of this scheme known as “vishing”. These attacks against US financial institutions and consumers continue to rise at an alarming rate.
Vishing operates like phishing by persuading consumers to divulge their Personally Identifiable Information (PII), claiming their account was suspended, deactivated, or terminated. Recipients are directed to contact their bank via telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with “Welcome to the bank of …” and then requested to enter their card number in order to resolve a pending security issue.
For authenticity, some fraudulent e-mails claim the bank would never contact customers to obtain the PII by any means, including e-mail, mail, and instant messenger. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain “malicious software aimed at capturing login credentials.”
Please beware; spam e-mails may actually contain malicious code (malware) which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.
A new version recently reported involved the sending of text messages to cell phones claiming the recipient’s on-line bank account has expired. The message instructs the recipient to renew their on-line bank account by using the link provided.
Due to rapidly evolving criminal methodologies, it is impossible to include every scenario. Therefore, be cognizant and protect your PII. Beware of e-mails, telephone calls, or text messages requesting your PII.
If you have a question concerning your account or credit/debit card, you should contact your bank using a telephone number obtained independently such as; from your statement, a telephone book, or another independent means.