You’ve probably been warned about “phishing” – an email scam that gets people to reveal personal financial info at counterfeit websites that appear to be run by such companies as Citibank and Ebay.
Now you can start worrying about "vishing," which is voice phishing.
People in California received emails telling them that their online banking privileges had been suspended. They were instructed to call a local phone number, where an automated system asked them to enter their account numbers, PINs and other information. The phone number they dialed did NOT belong to their bank, and could have connected callers to crooks anywhere in the world, thanks to the number choices available through internet phone service providers.
According to the Wall Street Journal, the FBI traced the scheme to computers inside and outside the U.S., but hasn't arrested anyone yet. The phone number has been deactivated. It is unclear whether any money was stolen.
"Everyone's accustomed to the standard phishing attack," said Adam O'Donnell, a senior research scientist at San Francisco-based online security firm Cloudmark Inc. "Their banks have told them not to click on the URLs," but customers aren't as careful with phone calls, because they are accustomed to entering their account information before speaking to a representative.