Vishing: Phishing By Phone

Types of Phishing:
 arrows Spear Phishing
 arrows Vishing
 arrows Pharming
Phishing Attempt Examples
E-mail from Hancock Bank
Protecting Yourself
Security Hints
Identity Theft
Advanced e-Fraud Protection

You may have heard about a form of identity theft known as "phishing." In a phishing scam (see examples of past phishing attempts aimed at Hancock Bank customers), identity thieves send cleverly disguised e-mails, supposedly from legitimate and reputable companies, to mass e-mail address lists of potentially millions of people.

This is short for "voice phishing," another twist on phishing in which e-mails and the telephone are used together to steal sensitive personal information.

Since many people are now aware of phishing techniques, thieves have discovered that adding a phone number to call to "verify" information appears to add legitimacy to the request.

In most instances, callers reach an automated voice response system that tells them what information (like a bank account or credit card number) is supposedly needed to maintain their account or fix the "problem." In addition to banks, PayPal, the online payment processing company, has recently been targeted by vishers.

With internet telephone service (like Voice over Internet Protocol, or VoIP), it is now easy for thieves to get local area code phone numbers from anywhere in the world. These local area codes make the solicitations seem even more legitimate, though the calls may be going to identity thieves on the other side of the world.

To protect yourself, if you believe the e-mail may be legitimate, contact the company that (supposedly) sent the e-mail in a way that you know is safe. This may be via a phone number on your account statement or on the company's website (by typing in the Web address yourself, not clicking on a link in the e-mail), but not by calling the number in the e-mail.