 Standard phishing scams use e-mail to direct potential victims to phony Web pages to steal their identities. Phone phishing scams work a little differently: Instead of being directed to a Web page, you could be prompted by e-mail to call a customer support number. On the other end of the phone line, a person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data. The person on the other end of the phone line might claim that your account will be closed or other problems could occur if you don't respond. Perpetrators often use payphones, stolen cellular phone numbers, or hacked accounts. This scam might also take advantage of fax or VoIP (Voice over Internet Protocol) numbers. Tips to help avoid phone phishing e-mail scams: | • | Treat all unsolicited e-mail (and phone) messages with skepticism and avoid clicking on links. | | • | Before you call, research unfamiliar area codes first using legitimate local phone companies to avoid long distance, international, or other toll charges. | | • | To determine actual customer support and other phone numbers, check the organization's Web site. And when you do your research, don't follow a link in an e-mail—always type the Web site URL address yourself. | | • | If available, refer to your hardcopy records of past invoices or statements for legitimate contact phone numbers and other information. Creditor customer support phone numbers are also often listed on the back of credit cards. | | • | Stay current about the latest identity-theft scams through industry-standard security newsletters, security Web sites, and other reliable sources. | | • | Scrutinize your e-mail for telltale signs of a phishing attempt, such as poor grammar, typos, strange Web addresses, or anything else that seems suspicious. | | • | In the United States report suspicious e-mail to the FBI, the Federal Trade Commission (FTC), and the Anti-Phishing Working Group (APWG). |
| |
