Security News > 2020 > April > Would You Have Fallen for This Phone Scam?

You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable.

You probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account - data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

"After we figured out what was going on, we were left asking ourselves how the crooks had obtained her last three transactions without breaking into her account online. As it turned out, calling the phone number on the back of the credit card from the phone number linked with the card provided the most recent transactions without providing any form of authentication."

In a phone interview with KrebsOnSecurity earlier this week, Jim made a call to Citi's automated system from his mobile phone on file with the bank, and I could hear Citi's systems asking him to enter the last four digits of his credit card number before he could review recent transactions.

After verifying the recent legitimate transactions with the caller, the person on the phone asked for her security word.

News URL

https://krebsonsecurity.com/2020/04/would-you-have-fallen-for-this-phone-scam/