The latest attempt to steal your credit card number and personal information comes from a new technique that security experts are labeling "vishing", shorthand for "voice phishing". These con artists are using a combination of telephone and e-mail tricks which are designed to mimic the well known e-commerce business PayPal, and of course, relieve you of your hard earned money.
These e-mails utilize a slick come-on warning you that there is a problem with your PayPal account. However, there is no mysterious link to click which usually raises all kinds of warning flags for regular internet users. Instead, you will be asked to call a phone number where an automated answering machine will ask you for specific account information. This method truly mimics the legitimate way that customers interact with PayPal today. I myself have activated a PayPal credit card through their voice service and never had to talk to a real live person.
Other times the vishing will begin with the scammer calling you. Many people have fallen victim to this type of vishing which can be quite believable. The caller already knows your credit card number which gives the illusion they are a legitimate vendor. The only thing you are asked to provide is the three-digit security code found on the back of the card to confirm whatever it is their clever minds can come up with. "It is becoming more difficult to distinguish phishing attempts from actual attempts to contact customers," Ron O'Brien, a security analyst with Sophos PLC.
Your best bet, should you ever get one of these telephone calls, is to immediately hang up and call your financial institution with the number on the back of your card. If there is a real issue, they will know how to handle it. Remember, in this day and age you can never be to careful with your financial information. Never give anyone your credit card number or even the three-digit security code on the back of the card unless you have initiated the call. However, if you're calling in response to an e-mail that definitely doesn't count as initiating the call!