Telephone scams are nothing new. Almost all of us will have taken a call from someone claiming to be from our bank. Or a helpful representative of Microsoft who needs to help us fix our computers.
And because these scams are so common, we’ve got pretty good at spotting them. Which means we are also much less likely to fall victim to them.
Unfortunately, scammers have found other profitable phone scams – and they don’t even need to talk to you.
“Guess the password” scams
Almost every big business – including banks – now rely on call centres to provide help and support to customers. In general these services work quite well, but they can be compromised by determined criminals.
Often these call centres verify customer identity with relatively basic questions. What town were you born in? What is your mother’s maiden name? In the age of Facebook and over-sharing on social networks, this information is surprisingly easy to come by.
The scammer simply calls your bank, answers the relevant security questions and they can take full control of your account. As far as the bank knows, the caller is you.
Other phone services are protected by a 4-digit PIN number. The operator asks for the number – or some specific digits – before permitting access to the account.
The problem with PIN numbers is that there are just 10,000 possible combinations. Given enough time, criminals can simply keep calling in and guessing new combinations until they get the right one.
Both of these attacks work well – and neither requires you to speak with to the hacker.
Hackers are also turning to text-only attacks as a way to trick unsuspecting victims into handing over sensitive personal information like passwords. Scammers will often send a text message pretending to be from your bank.
These messages may ask you to text back to confirm your identity. They will ask for a password or PIN for instance – details they can then use to log into your account.
Other messages may contain a link. Tap the link and you land on a website that looks just like your bank’s. When you try to log in, nothing happens – as far as you can tell. But in reality, the scammers have managed to steal your user name, password and other important information that can be used on the real bank site.
By the time you realise, scammers may have already emptied your account. And again, they’ve done it using your phone – but without ever speaking to you.
Protect yourself against no-talk scams
Protecting yourself against no-talk scams is a three-step process. First you must choose security passphrases that are not easily guessed. Select security questions like “What was the name of your first teacher at school?” for instance.
Second, realise that your bank will never send you an SMS asking for your password or other details. And they will never send a link in their messages either – they will simply ask you to visit the website. It is then down to you to open the browser or app manually.
Third, make sure that you have anti-malware like Panda Security installed on your smartphone (free trial here). This will help prevent your phone from being hijacked by malware. And a premium VPN will protect you from fake websites and dodgy links.
No-talk scams are a significant risk to everyone – including you. But they can be avoided using these tips.
For more help and advice about staying safe online, check out the Panda Security blog.
Why is a number from the backside of credit card needed to complete an on line purchase?
I’m currently have Panda security on my pc’s and cell so I believe that I protected from undesirables. I’ve been using Panda since my friend told me of it. I hope that Panda will keep my devices secured since I don’t do business over the phone and I’m aware of the banks and IRS not calling or sending emails which are phony stuff.
Thanks for choosing Panda to protect your devices!
We will keep working to offer you the best cybersecurity solutions.
I have been with Panda Security for many years. Securing all of my devices I feel protected from possible threats. The best thing I have implemented this year is the Panda call blocking service. I no longer receive unknown callers. Thank you Panda Security
So glad to hear you are happy with us! Thank you for loyalty to Panda over the years! We will keep working to offer you the best cybersecurity solutions.
I must agree that I have always found Panda very reliable and have full confidence in it. But would never do “On line Banking” and only very limited Purchases. All protection is only as good as the operator/ end user ?
Common sense is the best weapon of mass destruction. what users need is awareness. each user should know which are the good practices and the less good ones. Is for that reason that we publish informative contente very often in our blog.
Thanks for reading us!