To the Barnard Community:

From time to time, as information reaches us about email scams, we alert the community. The following information was forwarded by Bill Plackenmeyer, Director of Safety & Security:

Please be advised of a new scam called "vishing." Vishing, or "voice phishing," occurs when a scammer sends an e-mail hoping to get victims to telephone a voice mail box to disclose sensitive financial and personal information.

Many computer users are already aware of so-called "phishing e-mails," which link to counterfeit Web sites that ask computer users to enter account numbers or other personal information. Those scam e-mails look as though they were sent from companies like American Express, Bank of America, and other major companies, informing customers they need to update their records. When they do so, the customer unwittingly provides sensitive financial and personal information that is often used for identify theft and other such purposes.

New tools - including software that helps locate phony Web sites - have made phishing more difficult to pull off. However, the new "vishing" scam gets around computer safeguards by using the telephone instead.

A vishing scammer contacts people by email, pretending to be a legitimate company. Often these messages are alarming in nature, i.e. "This is XYZ bank. We have detected fraudulent use of your account." The message asks that the person contacted dial a telephone number with a local area code. This number is answered by an automated voice that requests account numbers, personal-access codes, and other information. Armed with that data, vishing scammers quickly access accounts and transfer money, or make fraudulent purchases with a stolen credit card number.

The bottom line: You should never turn over private, personal information based on an e-mail or phone request. Legitimate institutions and companies do not request such information by outgoing phone calls or email.

last update 07/21/06