What is Phone Phishing?

Mary Elizabeth
Mary Elizabeth

Phishing is a type of scam most closely associated with email, but also carried out through other media. In a phishing scam, the scammer tries to entice the target into revealing important information, often in the form of a credit card number, a Social Security number, a bank account number, and/or a user name and password combination. In an email or website phishing attack, the target is led by graphics and text to believe that a legitimate authority is seeking information and the goal is to have the target click a link, enter information and/or download malware. Phone phishing — which was around prior to email under a different name — is one type of phishing scam, and one that — according to experts — has been on the increase since computer users have become educated about email phishing.

Phishing is a type of scam most closely associated with email, but also carried out through other media.
Phishing is a type of scam most closely associated with email, but also carried out through other media.

Phone phishing is based mainly on acting. The caller, representing himself or herself as a representative of a financial institution most often, tries to convince the target that he or she may have suffered a security breach and he or she must provide account details over the phone in order for the financial institution to ascertain whether this has happened. Alternate methods to lend veracity to their claim include using an automated message, or a call requesting that the target go to a website and enter the information impersonally, rather than tell it to the caller, but using a spoof website address.

Another added trick used in phone phishing is Caller ID spoofing. Caller ID spoofing is the substitution of an alternate Caller ID for the actual phone number from which the caller is placing the call. This can be done for legitimate purposes, such as law enforcement, but is also a way to set the concerns of a target at rest. One can place a call through a website from anywhere in the world and appear to be calling from a financial institution around the corner from the target. The Truth in Caller ID Act of 2010, which by May 2010 had passed the House of Representatives but not yet passed the Senate, would make Caller ID spoofing a crime with some particular exceptions including use by law enforcement and the ability to block one’s own caller ID.

There are some simple steps to avoiding being entrapped by phone phishing. Recall that legitimate businesses will never ask for account information over the phone. Test the veracity of any request for information by calling the organization that any suspicious phone call seems to come using a phone number from published information, such as a billing statement or an account balance record, that you know to be accurate.

Mary Elizabeth
Mary Elizabeth

Mary Elizabeth is passionate about reading, writing, and research, and has a penchant for correcting misinformation on the Internet. In addition to contributing articles to wiseGEEK about art, literature, and music, Mary Elizabeth is a teacher, composer, and author. She has a B.A. from the University of Chicago’s writing program and an M.A. from the University of Vermont, and she has written books, study guides, and teacher materials on language and literature, as well as music composition content for Sibelius Software.

You might also Like

Readers Also Love

Discuss this Article

Post your comments
Login:
Forgot password?
Register: