StarTribune.com
Consumer Lookout: Be alert for yet another cyberscam - 'vishing'
Jackie Crosby
(snip)
Like phishing attacks, vishers send out an official-looking e-mail blast that masquerades as your bank, credit card or even eBay's online PayPal service, which was caught up in a slew of phone-based vishing schemes last summer along with Santa Barbara Bank & Trust, the first known target of the new scam.
Instead of sending you to a website, the e-mail tells you to call a fake number. The scam artists seem authentic because they know a little about you -- your name, address and birthday, perhaps even the last four digits of your Social Security number or your mother's maiden name. Unsuspecting victims comply when the recording instructs you to "confirm" account details and provide your credit card number. By using technology known as voice over Internet protocol, which allows people to use the Internet to make phone calls, crooks can easily "wipe the trail," making them difficult to catch, Ramzan said.
(snip)
So how can you protect yourself?
First, don't blindly give out financial information unless you made the call to a number you know.
Second, don't be shy about making the person at the other end of the phone prove they are legitimate. Don't trust caller ID boxes, either, because they're easy to spoof. "If somebody's calling you, the first thing you should do, even if it's 100 percent real, is get a name and phone number and ask to call them back," said Doug Howard, of Counterpane Internet Security in Mountain View, Calif. As added security, Ramzan suggests asking for your most recent transaction. A thief wouldn't have that information.
Third, if you get an e-mail, voice mail or letter that directs you to call about a problem with your account, don't call the number contained in the missive. Instead, call the number on your credit card or your latest bill.
(snip)
http://www.startribune.com/535/story/771318.html