Beware of Schemers Who Are Trying to Steal Your PIN Codes Using This Clever Scam

There are all sorts of phishing scams out there. Some rely on emails; some mainly occurs via phone calls. But what if we were to combine both? What if an intricate phishing scheme would incorporate emails and phone calls? The reality is that there definitely are scams like that out there. Perhaps, the latest example of such criminal activity is the Verizon phone scam. We will go over the main aspects of this latest phishing scam, and then we will talk about the steps you have to take to protect your personal information from a malicious exploitation.

Verizon Mobile PIN Code Scam

Normally, when schemers create websites that try to pass for legitimate pages, there is often a way to tell that the page is fake. It might be the domain name or the overall layout that gives them away. However, this Verizon phone scam clearly targets users who spend most of their time on mobile devices. The fake Verizon domain, when opened on a mobile device, looks very much like a Verizon customer support app. This proves that the schemers have done their homework, and they know exactly who they want to target.

Like most schemers, the crooks behind this phone scam, depend a lot on the sense of urgency. When the victim receives the phishing email, it looks like the email was sent by Verizon, and there is something wrong with the victim's account. The sense of urgency makes the victim take action immediately. It is also very likely that they will not double-check whether there really is a problem with their account or not. Instead, at the end of the phishing email, they will find a contact number, and they will feel inclined to make a call.

It sometimes seems that when users get tricked into giving away their information, a schemer calls and asks for a PIN. However, in this case, the criminals don't even need to do that. Instead, the users who fall for this scam call the fraudsters back. Consequently, the fraudster tells them that they will receive a text message with a PIN code that they will have to tell the Verizon “employee.” This is actually the biggest red flag because no reputable service would ever require you to share such a sensitive piece of information over the phone.

If users give away the PIN code that they receive with a text, the fraudster can then exploit the password reset verification system. Verizon uses the system to confirm users' identities. Since the schemers already have your phone number, they just need the PIN code to reset your Verizon account password and make them the “master account user.”

What can the criminals behind this phone scam do once they have full control over your Verizon account? They can go straight to any Verizon vendor out there and buy new devices as the master user. The worst is that they can buy new devices under your account and then sell them, while you will be given the main bill to foot.

Do these phone scam schemers ever get caught? USA Today had reported that at least two (seemingly unrelated) schemers were caught by law enforcement authorities when a Verizon store in Florida noticed discrepancies in their customer accounts. And this is great because it shows that Verizon really cares about their customer data security. However, there is just so much that can be done on the service side. It is clear that users could easily protect themselves from such phone scams if they knew how to recognize a phishing attack when they see one. Instead of waiting for a schemer to call and ask for a PIN, make sure that you do not find yourself in such a situation in the first place.

Phishing Scam Checklist

Password security. Email and phone scams usually try to lure out your passwords and other sensitive information because they want to access your accounts. It would be a lot safer to employ a password manager to look after your passwords. Not only would you no longer need to memorize every single password, all of your passwords would also be regularly renewed, and you wouldn't have to reuse them.

Always double-check. Banks, telecommunication service companies, and other firms that process personal information work hard to implement the best security measures. Quite often, at the end of a legitimate email, you can see a disclosure line that says a company would never call you and ask you to supply them with personally identifiable information. Therefore, if someone calls you, and asks you to tell them certain information that only you should know, it is most probably a phone scam. If you are not sure, you can always double-check by contacting the customer service via the official credentials that you have.

Enable multi-factor authentication. If a certain service offers such option, please consider setting up multi-factor or two-factor authentication today. Whether it is a phone scam or any other type of phishing attack, having multi-factor authentication enabled would make it harder for schemers to take over your account. They would require a lot more security tokens to authenticate your identity, and not every fraudster would be willing to take the effort.

Automatic updates. No matter whether you are usually on a desktop or a mobile device, automated software updates should always be enabled. We do understand that sometimes users like to turn it off for various reasons, but the latest software updates might as well protect you from all sorts of scams. Maybe an updated service could filter phishing emails better. Or maybe it would block you from accessing a fake website. Hence, keeping your software updated is crucial.

Finally, just remember to always keep your guard up. You aren't the only one fighting the battle against phone scams, phishing attacks, and cyber crooks. It requires joint effort to keep dangerous attacks at bay, and if every one of us performs our own role in this battle, we can make the world a slightly better place.

May 15, 2019

Leave a Reply