FCAC Cautions Consumers About New "Vishing" Scam
OTTAWA, July 25, 2006 - The Financial Consumer Agency of Canada (FCAC) today warned consumers about "vishing", a new twist on fraud using telephone systems, and cautions them against divulging any personal information without first consulting their financial institution or online payment service provider directly.
The new scam has been named "vishing", short for "voice phishing", and is a variation on the "phishing" e-mail scams that have been used by fraudsters in recent years.
The original phishing e-mails are crafted to look like messages from major banks or other financial service providers. These messages generally instruct recipients to click a link in the e-mail to confirm their personal information. The link then connects them to a bogus site that mimics the service provider's site, where consumers are prompted to provide or verify private information, such as credit card numbers or an on-line banking password, which is then used by thieves to tap into accounts.
Vishing hooks consumers using two different approaches. The e-mail based version of the scam, like the original phishing, uses e-mails that mimic messages from an online payment service provider, such as PayPal or eBay. The messages may say that there is some problem with the recipient's account. Instead of providing a link to a fake website, vishing e-mails provide a false customer-support telephone number. When consumers call, an automated service prompts them to "log in" by providing account numbers and passwords, using the telephone keypad.
Consumers may also receive direct calls at home, or messages left on their answering machine warning that their account may be at risk and suggesting they call customer support immediately. Fraud artists may even try to gain consumers' trust by "confirming" personal information they have on file, such as the clients full name, address or credit card number.
For consumers who receive these types of telephone calls, messages or e-mails, FCAC offers the following advice:
- DO NOT respond to an e-mail asking you to disclose personal information, such as an online password, your debit or credit card numbers or your personal identification number (PIN).
- Do NOT use the phone number provided in the e-mail or in the telephone message without first verifying that it is valid. To confirm that the phone number provided is legitimate, contact your financial institution using the phone number provided on the back of your debit or credit card, your monthly statement or a published number you have looked up yourself.
- In some cases, financial institutions may contact you by phone or leave you a voicemail message if they suspect fraudulent activity on your debit or credit card or account. As part of a legitimate conversation with your financial institution, you may be asked questions to ensure they are speaking to their client. You will NOT, however, be asked to verbally provide your PIN or password. Use the procedures above to make sure that the financial institution or business you are contacting is legitimate.
- As a general rule, always be cautious about how and with whom you share personal and financial information.
- FCAC also advises consumers to contact the Agency if they are being held liable by a federally regulated financial institution for losses resulting from a phishing or vishing scam, as many of these institutions have publicly committed to protecting their customers in the event of fraud. FCAC oversees public commitments made by federally regulated financial institutions. Consumers can contact FCAC toll-free by calling: 1-866-461-3222.
To view a sample fraudulent e-mail, visit the Consumer Alerts section of FCAC's Web site at: www.fcac.gc.ca.
FCAC ensures compliance with the consumer protection laws that apply to banks and federally incorporated trust, loan and insurance companies. FCAC also provides consumers with accurate and objective information about financial products and services, and informs Canadians of their rights when dealing with financial institutions.
Media Contacts
Christina McDonald
Communications Officer
(613) 941-4168
mcdonald.christina@fcac.gc.ca
John Kane
Manager, External Communications
(613) 941-8988
kane.john@fcac.gc.ca
Next (Fraud Warning: Re: Low Interest Loans Scam 2006-07-27)
Previous (The Weather Australian International Lottery Programme Scam 2006-02-03)
Follow us on: