The Acoustic Guitar Forum

Go Back   The Acoustic Guitar Forum > Other Discussions > Open Mic

Reply
 
Thread Tools
  #1  
Old 09-15-2023, 09:05 AM
imwjl imwjl is offline
Registered User
 
Join Date: Feb 2007
Location: My mom's basement.
Posts: 8,386
Default PSA: Vishing & smishing.

Vishing & smishing are using phone calls and SMS (text) messages to spoof and breach your security.

It is important to know this because you can receive an attack where a very sophisticated and teamwork group will try and trick you as a bank and payment service. In the workplace and home too, a fake tech support call can occur.

Make sure you verify phone numbers. Use your bank's and payment services legitimate apps. If a fake support call and especially in the work place verify against an incident or ticket number.

This comes to mind because I read it was how a major breach in the news started, and not long ago I was targeted. Even with knowledge from my work I was pretty impressed with the amount of teamwork and sophistication in the attempt.

Of course don't forget other basics such as spoofing in email and to always read the actual inks before you click on search results. If you own a business make sure you train, document and be sincere with your PCI DSS compliance. Choose security products that use the TALOS database applies to business and individuals.
__________________
ƃuoɹʍ llɐ ʇno əɯɐɔ ʇɐɥʇ
Reply With Quote
  #2  
Old 09-15-2023, 10:32 AM
Talk2Me Talk2Me is offline
Registered User
 
Join Date: Feb 2023
Posts: 603
Default

The weakest point in any security system are the people. "Social engineering" my hacker friend used to cal lit. Apparently that worked very well recently in Vegas...just not for the casino(s) involved.
Reply With Quote
  #3  
Old 09-15-2023, 11:54 AM
Chipotle Chipotle is offline
Registered User
 
Join Date: Aug 2016
Posts: 2,128
Default

A good way to keep yourself safe... never go through the link or phone number you are provided in the email or sms, unless it is something you are expecting (like a password reset or security code). Always reach back to the company with your own verified link or phone number, from your bookmarks/contacts or a legit search.
Reply With Quote
  #4  
Old 09-15-2023, 10:14 PM
seannx seannx is offline
Charter Member
 
Join Date: Feb 2010
Posts: 4,544
Default

That happened to one of my sons recently. He got several calls and didnít answer them, and messages were left saying it was from BofA wanting to verify account information and protect him from fraud.

He checked the number, and it was the same as the one BofA texts with security verification codes had been sent from in the past. So he answered the next time they called. They were very sophisticated, and had his credit card numbers and account numbers along with current balances.

Then they said he would be getting an authorization code by text to pass along to them. One came from the same number they had been calling him on, which was the same one he had gotten legitimate texts from BofA in the past. Even though he hadnít given them his username and password, they were able to use the code and change them.

He discovered this after he had supplied a good amount of personal information (SS #, address, credit card cvc codes, etc.) They kept pushing him for more info to the point he got suspicious, and asked why they needed additional details. The guy couldnít give him a good answer, and my son hung up. Next he went to sign in to his account online, and discovered he was locked out.

He immediately went to the local branch, where they helped him close all of his accounts, open new ones, and create a new user name and password. Thankfully no money had been taken out of his accounts.

So as a PSA, no matter how legitimate phone, text or email contacts appear, donít reply. Instead sign in online or contact the bank directly.
__________________
1950 Martin 00-18
RainSong Concert Hybrid Orchestra Model 12 Fret
Emerald X20 Artisan Short Scale
Strandberg Boden Original 6
Eastman T185MX
G&L ASAT Classic USA Butterscotch Blonde
Rickenbacher Lap Steel
Voyage-Air VAD-2
Martin SW00-DB Machiche
1968 Guild F-112
Taylor 322e 12 Fret V Class
Reply With Quote
  #5  
Old 09-16-2023, 07:44 AM
Gitfiddlemann Gitfiddlemann is offline
Charter Member
 
Join Date: Nov 2009
Posts: 2,247
Default

Quote:
Originally Posted by seannx View Post
So as a PSA, no matter how legitimate phone, text or email contacts appear, donít reply. Instead sign in online or contact the bank directly.
Excellent advice.
Don't reply. Don't call back. Don't touch or click on anything that's within the message.
Also, many if not all reputable financial institutions, like banks and CC companies, and also Social Security and Medicare governmental offices, go out of their way to remind account holders that they will NEVER contact you by phone, text or email to "verify" anything.
These are always scams.
__________________
Best regards,
Andre
(New user name Gitfiddlemann. Formerly AndreF)

Golf is pretty simple. It's just not that easy.
- Paul Azinger

"It ainít what you donít know that gets you into trouble. Itís what you know for sure that just ainít so."
Ė Mark Twain

http://www.youtube.com/user/Gitfiddlemann
Reply With Quote
Reply

  The Acoustic Guitar Forum > Other Discussions > Open Mic

Thread Tools





All times are GMT -6. The time now is 08:30 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2023, vBulletin Solutions Inc.
Copyright ©2000 - 2022, The Acoustic Guitar Forum
vB Ad Management by =RedTyger=