Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share





'Secutiry Info' Phone Phishing Scam

Outline
Message purporting to be from the "technical security services department" claims that an error found in the user's account could result in an account suspension unless the user calls an included phone number to validate card information.

Office Assistant dialing phone number

© Depositphotos.com/ milinz



Brief Analysis
The email is not from any security department. In fact, it is a phone based phishing scam designed to trick recipients into calling criminals and providing their credit card details and other personal information.

Bookmark and Share
Example

Subject: Secutiry Info !

Our technical security services department has notified an error on your account, which may lead to your account suspension.

For you to gain access back to your account. you are required to call us now at the folowing number:
[Number removed]

You will be asked to validate your card information .

We apologies for any inconvenience caused !


Detailed Analysis


According to this "secutiry info" notification email, an account belonging to the recipient is about to be suspended due to an error found by the "technical security services department".  The message instructs recipients to call a number included in the text in order to validate their card information and regain access to their accounts.

However, the email is not from any legitimate security department. It is a phishing scam designed to trick users into divulging personal and financial information to criminals.

In essence, it is very similar to thousands of other phishing scam emails. Most such messages try to trick users into providing their information by clicking a link or opening an attachment and filling in a bogus form. However, in this case, the message tries to trick users into contacting the scammers directly via telephone.

The scam message purposely does not mention the provider of the supposedly suspended account. The scammers hope that less attentive users will simply assume that the email concerns their primary bank or credit card account and proceed regardless.

Those who fall for the trick and call the number will be told that they must first verify the procedure by naming the financial institution or credit card provider. Next, the scammer will ask them to validate their account by divulging their credit card numbers and other banking and personal details. The scammer on the line may even ask victims to provide their online banking username and password. After victims finish the call, the scammer can then use the stolen credit card details to make fraudulent transactions and possibly hijack bank accounts. If victims have provided enough information, the scammer may even manage to steal their identities.

Be wary of any message that claims that your account may be suspended if you do not provide account information, either via an online form or by calling a number. If in doubt, contact the institution directly. Do not use a phone number listed in any unsolicited message.

And, of course, any genuine message about an online account would certainly identify the institution it was sent from. Moreover, staff at your bank's security department can probably spell the word "security" correctly.

Bookmark and Share

Last updated: October 8, 2013
First published: October 8, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information