December 28, 2011 Cyber security experts warn that the latest research evidences a considerable increase in two malicious schemes known as vishing and smishing.
The FBI and U.S.Depatment of Homeland Security CERT provide up to date information on cyber scams to watch out for – especially during the holiday season. The FBI web site section on e-scams states:
“while most cyber criminals target your computer, smishing and vishing scams targeting your mobile phone are a growing threat as a growing number of Americans own mobile phones. (Vishing scams also target land-line phones)”
In Vishing or SMishing schemes, the victim receives a phone call, SMS or text message informing the person, for instance, that they have been automatically enrolled in a paid service or an alert from the bank notifying a customer that their debit card has been locked.
Several financial institutions have recently alerted customers that the institution has been targeted and to beware of text or voice messages that appear to come from the bank, but instead are scam artists attempting to obtain the customer’s credit or debit card data.
On Thursday, Fifth Third Bank sent out an alert warning its customers that SMIshing (using text messages) and Vishing (using voice mail) attacks have occurred on banking customers, including Fifth Third customers.
Fifth Third spokeswoman Debra DeCourcy said:
“The goal of these attacks (much like their counterpart, phishing) is to obtain credit or debit card information. This event is one perpetrated by thieves on unsuspecting individuals.”
DeCourcy reminded Fifth Third customers that the bank never contacts customers by text or phone to get or verify information such as card information, PIN numbers or Social Security numbers.
Some customers were already targeted in the scam, according to the Fifth Third spokeswoman. The SMS reads:
“Fifth Third Bank alert. Debit card locked.”
Customers are then instructed to call a fraudulent number to unlock it or to activate their new card.
“If someone should receive a suspicious message, we advise them not to respond, and to delete the message from their mobile device or voice mailbox,” DeCourcy said. “Consumers need to be vigilant in protecting their personal information, especially this time of year.”
Tennessee Valley Federal Credit Union (TVFCU) also posted an alert on their web site warning both members and non-members that they may be targeted by fraudulent emails, calls, or text messages.
Cyber security experts say to avoiding these malicious plots, it is important not to panic. If you suspect that a call or email may be legitimate, contact the company involved directly, but never use the contact details provided by the person that’s on the other end of the line or click on the link, an important point stressed by the CERT team as well.
The FBI suggests reporting scam e-mails or text by filing a complaint at www.ic3.gov.