InfobITS Logo ITS - Fall 2006
In This Issue QuickbITS Archives IT Directory Publishing Info
Vishing - A New Twist on an Old Scam
to previous article to next article
by Jodi Ito

Don't be a victim of VishingIdentity thieves are getting more creative as they try to get you to give them your personal information. “Vishing” (Voice Phishing) is the latest technique that criminals are using to trick you into giving them your credit card number or other personal information.

Potential victims receive a phishing email that states there is a problem with their account and asks the victim to call a phone number to verify their information. Earlier phishing techniques would instead ask you to click on a link. When the listed phone number was called, an automated voice response system would then prompt the victim to enter their name, credit card number, expiration date and even the security code printed on the card.

With the growth of voice over IP (VoIP) phones, it becomes very easy for the criminal to obtain a phone number that cannot be tracked to a physical location. With voice over IP phone services, a subscriber does not need to have a valid physical address. Additionally, with VoIP phone services, it is very easy to spoof the caller ID so that it appears the phone number is originating from your financial institution or other legitimate business or entity. For example, a scammer could call you and forge the caller ID so that you think the call is from the Internal Revenue Service and pretend that there is a problem with your tax return and could ask you for your full name, social security number, address and date of birth to “confirm your identity”.

So how do you prevent yourself from becoming a victim? NEVER RESPOND using the phone number or web address listed in the email. ALWAYS CALL using a phone number from an official source. Legitimate businesses are aware of phishing scams and do not use email as an official method of communications. If you receive an unsolicited phone call from someone asking for your personal information to “verify your information”, DO NOT GIVE IT TO THEM. Ask the person for their name, phone number, and a description of what the problem is and tell them you'll call them back. Then call the organization back using a phone number from a legitimate source.

Be alert and watchful. Don't fall prey to phishing and now, vishing scams. Monitor your financial statements. Ensure that you are receiving them on a timely basis. And check your credit reports annually. Everyone is entitled to review their reports once a year from all three credit bureaus without any fees.

To check your credit report, visit:

New scams will be always be forthcoming. Be wary of any unsolicited emails and phone calls. Think before giving out any information. Call the organization back using a legitimate phone number. It's better to be safe than sorry.

to previous article to next article

Information Technology Services
Maintained by:
ITS Guide to Services
© 2006 University of Hawai'i
Last Updated: November 2006