The Better Business Bureau has warned banks, especially Bank of America and their depositors/creditors to be alert of a new phishing attack using a newer social engineering technique. Some victims of the new phishing attack suddenly realized that their bank accounts were totally wiped-out of funds, even without remembering if she gave her banking information to someone before it happened. Victims receive a phone call from a smooth-talking stranger, which targets, the customer’s emotional tendency to suddenly decide on something unplanned.
“Honestly, this is a new twist on that whole phishing scam. This is one of things where your first instinct when you get one of these phone calls is to say, ‘Thank you so much for calling me. What do I need to do?’ We’ve all gotten those and I think that we all for whatever reason think those are a little more legitimate,” explained Lechelle Yates, a representative from Better Business Bureau.
Calls that create not only distractions but using human emotion for the receiver of the call to do irrational action in relation to the demands of the caller can only be pulled off by a professional swindler, who talks smoothly to convince their victim. This time, using the urgency of a ticking clock to persuade the victim to immediately make decisions.
“Don’t get caught up in that rush. Say, ‘Thank you very much for calling. I’m going to call you back,’ and then hang up the phone immediately. Don’t give them time to protest. I think that they could also leave a voicemail. So if you get one of these voicemails don’t leave the phone number that they leave,” added Yates.
The best way to create a barrier between a fraudulent caller and the bank customer is with the use of phone apps that automatically divert unknown phone numbers to a voicemail. That way, the sense of urgency is immediately extinguished, preventing the possibility of making quick irrational decisions.
It is also a good practice to keep emotions in-check when dealing with financial queries through the phone, through instant messaging clients or email. The bank itself already holds the personal information of the customers, and they are not in their interest to ask that same information again through a phone call, instant messaging or email.