John Cipriano
From:
San Francisco
|
Posted 10 Apr 2010 11:24 pm |
|
From http://www.h-i-r.net/2010/04/clever-phishing-attempt.html:
| Quote: |
My phone just rang. It was a call from +1-817-688-7853. The other end was an Interactive Voice Response script.
Me: "Hello?"
IVR: "Hello. For security purposes, your Visa debit card has been deactivated for debit and ATM use..."
First reaction on my end was "oh, great. Somewhere, someone got my details..."
I listened through the prompts and there was no option to speak to a real human. I tried "0" "*" and "#" multiple times, to no avail. It just kept playing the short prompt menu over and over again. I chose option 1, to "re-activate" my card, suspecting a ruse. On cue, it asked me for my 16-digit card number, followed by #... |
Just as your bank won't ask for passwords, they also won't ask for your credit card number, at least not on a call that they initiated. This is not a very advanced scam, either... these days, setting up your own PBX and voice menu is free and easy. So be careful who you give information out to.
FWIW I don't think I've ever had to tell the bank my whole card number, plus expiration date to lift a fraud warning. Maybe the last few digits. Sometimes when you activate the card you do that, but you know the right number to dial, so if you call from a landline you can be mostly sure you're getting the bank and not a scammer. (Not so on a cell phone, at least not with GSM). |
|
