For years, government officials have warned the public of e-mail frauds that request personal information, known as phishing. Over time, the public education has made it more difficult to trick people with fraudulent e-mail. However, there has been less public outreach about similar new types of telephone schemes, sometimes called “vishing.” The occurrence of telephone swindles, where recipients are often asked to provide personal or financial information, is up sharply during the last couple of years. In 2012, the Federal Trade Commission reported that telephone calls accounted for 34 percent of the fraud complaints it received from people who reported how they had been contacted. Telephone fraud was second only to e-mail, which accounted for 38 percent of complaints in 2012.
As an example, a potential victim may receive a telephone call from a swindler saying that their cellphone or bank accounts has been compromised, and that the potential victim needed to provide credit card information. Moreover, the swindler may use software to make the calls look as if they were originating from a legitimate telephone number such as a bank or law firm. Consequently, businesses have begun warning their customers to avoid providing any personal data through their telephones when they receive such calls.
However, there are circumstances when a financial institution may need to urgently contact a client for various reasons such as fraud alert or validating certain transactions. One approach is for a business associate of the financial institution to physically call up the client and request information from the client to validate if the called person on the telephone is actually the client. However, the issue on the client side is for the client to validate that the caller is actually an authorized individual from the financial institution, as opposed to a swindler or other bad actor, before providing such sensitive information to the caller.