Province
Consumers may have become wise to e-mail scams designed to steal bank account numbers and other personal information, but fraudsters are now taking a new tack to get at their money over the phone, experts say.
“Our main concern there is these voice-phishing guys were spoofing a method that legitimate institutions use very often in terms of getting hold of their customers,” says John Kane, a spokesman for the Financial Consumer Agency of Canada, a federal watchdog for the financial services sector.
“Our concern there was that consumers wouldn’t really have a way of telling the real from the false.”
The technique known in web lingo as “phishing” involves a scam artist posing as a bank or other official to convince their targets to give up sensitive information.
Older e-mail phishing scams prompt potential victims to click on a link on an official looking e-mail to confirm account details.
Some refer to a security breach or an upgraded security system that requires verification, while others try to scare unsuspecting users with talk of recent repeated attempts to access their account from a foreign-based computer.
But while the newer scam may also come in an e-mail, a more sinister version dubbed as “vishing” or “voice phishing” comes as an official-sounding phone message asking the consumer to call the bank back at a given number to confirm account details.
The number is actually set up by the fraudster, who uses an automated service that prompts consumers to “log in” by providing account numbers and passwords using the phone keypad, then captures those numbers.
“We figured people were already sensitized somewhat to the e-mail sort and, even if it contained a phone number in it, people were somewhat sensitized to that avenue,” Kane said. “What these fraudsters were apparently doing was using machines to call people automatically and leave a voice message on their home phone saying there’s a problem, give us a call back at the bank and here’s the phone number.”
According to Phonebusters, the national anti-fraud call centre operated by the RCMP and the Ontario Provincial Police, there were 11,231 reported identity-theft complaints last year that swindled consumers out of a total of $8.6 million in Canada.
Maura Drew-Lytle, spokeswoman for the Canadian Bankers Association, said: “Some of the phishing people have pretended they are the government trying to get your social insurance number. It is any sort of personal information that they can get to use to commit some sort of fraud.”
Drew-Lytle said Canadian banks may call and leave a voice messaging saying they suspect fraudulent activity on your card, but they will never send an e-mail to a customer asking him or her to call them back at a specific phone number.
She suggested that someone concerned about a possible scam should call the bank back at the number listed on a recent statement or on the back of a bank card to confirm it is a legitimate inquiry.
“The other thing with phishing or vishing is that these are mass either e-mails or voicemails that are sent out to all kinds of people. They don’t know who you are,” said Drew-Lytle.
She said if the call is legitimate, it will address you by name, and that’s the same with e-mail, not: “Dear valued customer.”
SUSPICIOUS? WHAT TO DO AND WHAT NOT TO DO
Advice for consumers who receive a phone call, message or e-mail, purportedly from their financial institution, that they suspect may be fraudulent:
– Do not respond to an e-mail asking you to disclose personal information, such as an online password, your debit- or credit-card numbers or your personal identification number.
– Do not use the phone number provided in the e-mail or in the phone message without first verifying that it is valid.
– To confirm that a phone number provided is legitimate, contact your financial institution using a number you have looked up yourself.
– As part of a legitimate conversation, you will not be asked to verbally provide your personal identification number or password.
– Always be cautious about how and with whom you share personal and financial information.
Source: Financial Consumer Agency of Canada
© The Vancouver Province 2006
